aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-19 14:26:06
-----------------------------
14:26:06.279 OS Version: Windows 6.0.6002 Service Pack 2
14:26:06.279 Number of processors: 1 586 0x170A
14:26:06.280 ComputerName: JA-PC UserName: ja
14:26:08.061 Initialize success
14:26:15.241 AVAST engine defs: 12061900
14:26:26.511 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:26:26.517 Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
14:26:26.543 Disk 0 MBR read successfully
14:26:26.548 Disk 0 MBR scan
14:26:26.617 Disk 0 unknown MBR code
14:26:26.645 Disk 0 Partition 1 00 27 Hidden NTFS WinRE MSDOS5.0 10000 MB offset 2048
14:26:26.668 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 295243 MB offset 20482048
14:26:26.687 Disk 0 scanning sectors +625139712
14:26:26.796 Disk 0 scanning C:\Windows\system32\drivers
14:26:41.448 Service scanning
14:27:14.006 Modules scanning
14:27:46.313 Disk 0 trace - called modules:
14:27:47.093 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll dxgkrnl.sys igdkmd32.sys ndis.sys NETw5v32.sys USBPORT.SYS usbehci.sys
14:27:47.109 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8658d730]
14:27:47.109 3 CLASSPNP.SYS[8a5a98b3] -> nt!IofCallDriver -> [0x84b0d200]
14:27:48.794 AVAST engine scan C:\Windows
14:27:55.923 AVAST engine scan C:\Windows\system32
14:31:43.558 AVAST engine scan C:\Windows\system32\drivers
14:32:02.590 AVAST engine scan C:\Users\ja
14:44:11.765 AVAST engine scan C:\ProgramData
14:45:30.935 Scan finished successfully
14:45:47.736 Disk 0 MBR has been saved successfully to "C:\Users\ja\Documents\MBR.dat"
14:45:47.736 The log file has been saved successfully to "C:\Users\ja\Documents\aswMBR.txt"
Please check my log - SearchSettings.exe
- jaro3
- Security team member
Re: Please check my log - SearchSettings.exe
ComboFix is uninstalled like this:
Start-Run and enter ComboFix /Uninstall
Clean the system with CCleaner
and also use T-Cleaner
it deletes everything left behind by ComboFix, MWAV, etc. - download > run
Note: before downloading T-Cleaner and for the duration of the cleaning, deactivate your antivirus and antispyware; afterwards delete T-Cleaner and turn your antivirus and antispyware back on.
Download CrystalDiskInfo
Run the program and click Edit-Copy. Then paste the contents of the log here using Ctrl+V.
What about the problems?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log - SearchSettings.exe
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows Vista Home Premium Edition SP2 [6.0 Build 6002] (x86)
Date : 2012/06/20 14:22:42
-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH9M-E/M SATA AHCI Controller [ATA]
- WDC WD3200BEVT-22ZCT0
- MATSHITA DVD-RAM UJ862AS
- Iniciátor iSCSI společnosti Microsoft [SCSI]
-- Disk List ---------------------------------------------------------------
(1) WDC WD3200BEVT-22ZCT0 : 320,0 GB [0/0/0, pd1]
----------------------------------------------------------------------------
(1) WDC WD3200BEVT-22ZCT0
----------------------------------------------------------------------------
Model : WDC WD3200BEVT-22ZCT0
Firmware : 11.01A11
Serial Number : WD-WX50A59H5208
Disk Size : 320,0 GB (8,4/137,4/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 4027 hod.
Power On Count : 1157 krát
Temparature : 39 C (102 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 188 187 _21 00000000061E Čas na roztočení ploten
04 _99 _99 __0 0000000004B3 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _95 _95 __0 000000000FBB Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 000000000485 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000040 Počet vypnutí disku
C1 180 180 __0 00000000F10E Počet cyklů načítání/vymazání
C2 108 _99 __0 000000000027 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů
- Žbeky
- Moderator
Re: Please check my log - SearchSettings.exe
The disk is OK, what about those problems?
In private messages I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.
HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules
Re: Please check my log - SearchSettings.exe
I have only one problem. A Spigot folder keeps appearing in the Common Files directory, and SearchSettings.exe is in it. I remove it, delete the key from the registry, and a few weeks later it is there again, registry key included. The program occasionally loads the CPU to 100%.
- Žbeky
- Moderator
Re: Please check my log - SearchSettings.exe
Can you post a new HJT log here? Spigot could be connected with some toolbar
Re: Please check my log - SearchSettings.exe
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:10:58, on 20.6.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Diar 5\diar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\ja\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ja\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ja\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ja\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ja\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ja\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ja\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ja\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\ja\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\ja\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ja\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ja\Downloads\HiJackThis.exe
C:\Windows\system32\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: CENZURA Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\CENZURA Toolbar\IE\5.9\youtubedownloaderToolbarIE.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll (file missing)
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: CENZURA Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\CENZURA Toolbar\IE\5.9\youtubedownloaderToolbarIE.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O3 - Toolbar: CENZURA Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\CENZURA Toolbar\IE\5.9\youtubedownloaderToolbarIE.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [MediaGet2] C:\Users\ja\AppData\Local\MediaGet2\mediaget.exe --minimized
O4 - HKCU\..\Run: [Diar_VS] C:\Program Files\Diar 5\diar.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Download All using 4shared Desktop - res://C:\Program Files\4shared Desktop\Desktop.32/D_ALL_LINK
O8 - Extra context menu item: &Download using 4shared Desktop - res://C:\Program Files\4shared Desktop\Desktop.32/D_ONE_LINK
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: vToolbarUpdater11.1.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
--
End of file - 10364 bytes
- jaro3
Re: Please check my log - SearchSettings.exe
You haven't uninstalled those toolbars; Babylon and Spigot are still there...
Download OTL by OldTimer
to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change the setting to All. Check the "LOP" Check and "Purity" Check boxes. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log - SearchSettings.exe
OTL logfile created on: 24.7.2012 9:24:02 - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\ja\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,93 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 61,20% Memory free
6,06 Gb Paging File | 4,83 Gb Available in Paging File | 79,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,32 Gb Total Space | 189,31 Gb Free Space | 65,66% Space Free | Partition Type: NTFS
Computer Name: JA-PC | User Name: ja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\ja\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe ()
PRC - C:\Program Files\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgmfapx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Unlocker\UnlockerAssistant.exe ()
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Program Files\Diar 5\diar.exe (Václav Šimandl)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll ()
MOD - C:\Program Files\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files\Google\Google Desktop Search\gzlib.dll ()
MOD - C:\Program Files\4shared Desktop\CMenu32.dll ()
MOD - C:\Program Files\IZArc\IZArcCM.dll ()
MOD - C:\Program Files\Unlocker\UnlockerCOM.dll ()
MOD - C:\Program Files\Unlocker\UnlockerHook.dll ()
MOD - C:\Program Files\Unlocker\UnlockerAssistant.exe ()
MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
========== Win32 Services (SafeList) ==========
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (vToolbarUpdater11.2.0) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe ()
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\avgidsfilterx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )
DRV - (SmartDefragDriver) -- C:\Windows\System32\drivers\SmartDefragDriver.sys ()
DRV - (L1C) -- C:\Windows\System32\drivers\L1C60x86.sys (Atheros Communications, Inc.)
DRV - (NETw5v32) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2233703
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\CENZURA Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_en&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=KPQsE35R ... quzIyKQ?q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={9E096EAC-9C16-4780-9B92-6FD33AA5D837}&mid=42b383ec144547d19c2fd15650465386-b7d980e0108a663e7c2d58e31d3330b6555ceea1&lang=cs&ds=AVG&pr=fr&d=2012-06-05 18:00:35&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2233703
IE - HKCU\..\SearchScopes\{D6CD481D-B257-421D-95ED-826EDE896AA8}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ja\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ja\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011.12.10 04:04:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012.07.17 14:13:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012.07.11 11:35:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.07.02 18:22:15 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - homepage: http://www.google.cz/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.cz/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\ja\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ja\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ja\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\ja\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Angry Birds = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: James White = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\
CHR - Extension: Offline Google Mail = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.18_1\
CHR - Extension: Rise of the Castle = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjiimafmabdhgeiejkcggbgpfpoelggf\1.0_0\
CHR - Extension: Fujitsu Defender = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkkonejampkaeiifkgnelenjgeiafmj\1.2.1_0\
CHR - Extension: AdBlock = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.38_0\
CHR - Extension: Isoball 3 = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.2.1_0\
CHR - Extension: Social Fixer = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb\6.741_1\
CHR - Extension: 4Search = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\inbdhkliopceabeahdhjjooojfmimggp\1.0_0\
CHR - Extension: AVG Safe Search = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\
CHR - Extension: AVG Do Not Track = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Evolved Arcade = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkdaebmimnhlmgpjoppmdeokffoahpan\5.0.0_0\
CHR - Extension: Roz\u0161\u00ED\u0159en\u00ED Odb\u011Bry RSS (od Googlu) = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd\2.2.0_0\
O1 HOSTS File: ([2012.05.16 15:32:25 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Pomocník pro přihlášení ke službě Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CENZURA Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\CENZURA Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (CENZURA Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\CENZURA Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [Diar_VS] C:\Program Files\Diar 5\diar.exe (Václav Šimandl)
O4 - HKCU..\Run: [Google Update] C:\Users\ja\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [MediaGet2] C:\Users\ja\AppData\Local\MediaGet2\mediaget.exe --minimized File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Download All using 4shared Desktop - res://C:\Program Files\4shared Desktop\Desktop.32/D_ALL_LINK File not found
O8 - Extra context menu item: &Download using 4shared Desktop - res://C:\Program Files\4shared Desktop\Desktop.32/D_ONE_LINK File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Stáhnout Free Download Managerem - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Stáhnout video Free Download Managerem - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - C:\Program Files\Free Download Manager\dlselected.htm ()
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54B8B1F4-00AD-4C84-B6CE-58F06784BCFB}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67654613-AEE8-44A3-9BF1-5C9BD1675C04}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\ja\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\ja\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.07.24 09:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\CENZURA Toolbar
[2012.07.24 09:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2012.07.24 09:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2012.07.24 09:21:37 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\ja\Desktop\OTL.exe
[2012.07.17 14:13:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012.07.16 17:54:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 3.5
[2012.07.16 14:56:10 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader
[2012.07.16 14:54:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2012.07.15 15:30:20 | 000,000,000 | ---D | C] -- C:\Users\ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
[2012.07.11 20:13:23 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.07.11 20:07:25 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.07.11 20:07:23 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.07.11 20:07:23 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.07.11 20:07:22 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.07.11 20:07:22 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.07.11 20:07:22 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.07.11 20:07:21 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.07.11 15:49:19 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.07.07 17:47:20 | 000,000,000 | ---D | C] -- C:\Users\ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMTS
[2012.07.07 17:47:03 | 000,000,000 | ---D | C] -- C:\Program Files\IMTS
[2012.07.04 12:04:24 | 000,000,000 | ---D | C] -- C:\Users\ja\Documents\FormatFactory
========== Files - Modified Within 30 Days ==========
[2012.07.24 09:31:26 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.24 09:25:50 | 102,047,786 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012.07.24 09:21:34 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\ja\Desktop\OTL.exe
[2012.07.24 09:18:33 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.24 09:18:32 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.24 09:18:29 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.24 09:17:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.24 09:17:48 | 3147,612,160 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.23 18:56:52 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.07.23 18:56:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.23 18:09:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4264547331-1410352844-3773754925-1000UA.job
[2012.07.23 17:07:03 | 000,162,304 | ---- | M] () -- C:\Users\ja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.23 14:41:12 | 000,000,680 | ---- | M] () -- C:\Users\ja\AppData\Local\d3d9caps.dat
[2012.07.23 14:09:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4264547331-1410352844-3773754925-1000Core.job
[2012.07.19 17:46:18 | 000,313,377 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012.07.17 14:02:48 | 000,351,096 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.07.16 17:59:46 | 000,129,834 | ---- | M] () -- C:\Users\ja\Documents\Obsah paměťové karty.html
[2012.07.16 17:54:48 | 000,000,945 | ---- | M] () -- C:\Users\Public\Desktop\LibreOffice 3.5.lnk
[2012.07.16 15:01:14 | 014,175,140 | ---- | M] () -- C:\Users\ja\Documents\Karma feat. Aleksandar Olujic - Subota (M Dee J Remix).flv
[2012.07.16 14:54:57 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2012.07.14 14:49:46 | 000,607,464 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.07.14 14:49:46 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.14 14:49:46 | 000,118,096 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.07.14 14:49:46 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.13 12:09:22 | 000,002,031 | ---- | M] () -- C:\Users\ja\Desktop\Google Chrome.lnk
[2012.07.12 12:31:38 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.07.12 12:31:38 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.07.07 17:47:20 | 000,001,612 | ---- | M] () -- C:\Users\ja\Desktop\I Miss the Sunrise.lnk
[2012.07.07 12:31:47 | 000,000,218 | ---- | M] () -- C:\Users\ja\.recently-used.xbel
[2012.07.01 19:20:53 | 009,842,289 | ---- | M] () -- C:\Users\ja\Documents\SASH - sweat.flv
========== Files Created - No Company Name ==========
[2012.07.21 11:51:21 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.21 11:51:20 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.18 14:04:55 | 000,000,950 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4264547331-1410352844-3773754925-1000UA.job
[2012.07.18 14:04:55 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4264547331-1410352844-3773754925-1000Core.job
[2012.07.16 17:54:48 | 000,000,945 | ---- | C] () -- C:\Users\Public\Desktop\LibreOffice 3.5.lnk
[2012.07.16 14:56:39 | 014,175,140 | ---- | C] () -- C:\Users\ja\Documents\Karma feat. Aleksandar Olujic - Subota (M Dee J Remix).flv
[2012.07.16 14:54:57 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2012.07.07 17:47:20 | 000,001,612 | ---- | C] () -- C:\Users\ja\Desktop\I Miss the Sunrise.lnk
[2012.07.07 12:31:47 | 000,000,218 | ---- | C] () -- C:\Users\ja\.recently-used.xbel
[2012.07.05 15:16:47 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.04 12:49:30 | 000,129,834 | ---- | C] () -- C:\Users\ja\Documents\Obsah paměťové karty.html
[2012.07.01 19:16:36 | 009,842,289 | ---- | C] () -- C:\Users\ja\Documents\SASH - sweat.flv
[2012.05.24 17:09:17 | 000,000,680 | ---- | C] () -- C:\Users\ja\AppData\Local\d3d9caps.dat
[2012.05.16 15:16:35 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.05.16 15:16:35 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.05.16 15:16:35 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.05.16 15:16:35 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.05.16 15:16:35 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.05.14 19:42:59 | 000,052,587 | ---- | C] () -- C:\Users\ja\as.png
[2012.05.14 19:42:00 | 000,052,206 | ---- | C] () -- C:\Users\ja\aa.png
[2012.05.08 20:36:01 | 000,130,476 | ---- | C] () -- C:\Users\ja\karma.png
[2012.04.11 19:14:03 | 000,085,825 | ---- | C] () -- C:\Users\ja\Inq XP WM - Customization.png
[2012.04.11 19:14:03 | 000,010,945 | ---- | C] () -- C:\Users\ja\Inq XP WM - Desert.png
[2012.04.11 19:14:03 | 000,008,878 | ---- | C] () -- C:\Users\ja\Inq XP WM - Mountains.png
[2012.04.11 19:14:03 | 000,005,684 | ---- | C] () -- C:\Users\ja\Inq XP WM - Snow.png
[2012.04.11 19:14:02 | 000,035,840 | ---- | C] () -- C:\Users\ja\Dialogy.odt
[2012.04.11 19:14:02 | 000,003,475 | ---- | C] () -- C:\Users\ja\Coffin.png
[2012.03.29 13:37:59 | 000,000,056 | RHS- | C] () -- C:\Windows\System32\DC44A189E5.sys
[2012.03.29 13:37:51 | 000,001,890 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2012.03.25 19:13:19 | 000,394,752 | ---- | C] () -- C:\Windows\System32\diarbp32.exe
[2012.01.17 20:39:23 | 000,000,146 | ---- | C] () -- C:\Users\ja\AppData\Roaming\wklnhst.dat
[2012.01.11 14:58:40 | 000,107,276 | ---- | C] () -- C:\Windows\System32\drivers\RtConvEQ.DAT
[2012.01.11 14:58:40 | 000,000,712 | ---- | C] () -- C:\Windows\System32\drivers\SamSfPa.dat
[2012.01.11 14:58:40 | 000,000,632 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2012.01.11 14:58:40 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2012.01.11 14:58:40 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2012.01.11 14:58:40 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2012.01.11 14:58:40 | 000,000,016 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2012.01.11 13:19:20 | 000,161,179 | ---- | C] () -- C:\Windows\Expstudio Audio Editor FREE Uninstaller.exe
[2012.01.04 17:24:46 | 000,000,124 | ---- | C] () -- C:\Windows\kaillera.ini
[2011.12.26 19:01:32 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2011.12.17 12:08:06 | 000,029,520 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe
[2011.12.17 12:08:05 | 000,016,184 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2011.12.17 10:38:29 | 000,162,304 | ---- | C] () -- C:\Users\ja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.09 12:59:04 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.12.09 12:59:04 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.02.11 20:10:52 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2011.02.11 20:10:50 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2011.02.11 20:10:50 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2011.02.11 19:40:40 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011.02.11 19:38:44 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
========== LOP Check ==========
[2012.06.06 16:43:26 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\4shared Desktop
[2009.04.11 03:07:40 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\Acer GameZone Console
[2012.01.08 22:39:00 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\arbarlith2
[2011.12.09 10:30:52 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\AVG2012
[2012.04.26 17:34:26 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\avidemux
[2012.05.14 20:37:48 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\Babylon
[2012.06.18 16:36:39 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\Free Download Manager
[2012.03.05 19:25:04 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\GetRightToGo
[2012.05.28 18:58:19 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\gtk-2.0
[2011.12.26 13:35:49 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\inkscape
[2011.12.17 12:08:05 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\IObit
[2012.03.04 21:38:48 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\LibreOffice
[2012.05.14 17:10:48 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\mp3DirectCut
[2012.01.09 19:37:35 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\OpenOffice.org
[2011.12.17 10:57:27 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\Philipp Winterberg
[2012.05.14 17:10:48 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\PhotoScape
[2012.02.13 19:03:50 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\Solveig Multimedia
[2012.01.17 20:39:24 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\Template
[2012.03.26 19:40:43 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\Thinstall
[2012.06.18 16:36:39 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\uTorrent
[2011.12.17 10:42:52 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\Zoner
[2012.07.23 18:56:59 | 000,032,546 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 64 bytes -> C:\Users\ja\Documents\Video2.mp3.~~~.mp3:TOC.WMV
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:BB24555F
< End of report >
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\ja\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,93 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 61,20% Memory free
6,06 Gb Paging File | 4,83 Gb Available in Paging File | 79,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,32 Gb Total Space | 189,31 Gb Free Space | 65,66% Space Free | Partition Type: NTFS
Computer Name: JA-PC | User Name: ja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\ja\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe ()
PRC - C:\Program Files\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgmfapx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Unlocker\UnlockerAssistant.exe ()
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Program Files\Diar 5\diar.exe (Václav Šimandl)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll ()
MOD - C:\Program Files\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files\Google\Google Desktop Search\gzlib.dll ()
MOD - C:\Program Files\4shared Desktop\CMenu32.dll ()
MOD - C:\Program Files\IZArc\IZArcCM.dll ()
MOD - C:\Program Files\Unlocker\UnlockerCOM.dll ()
MOD - C:\Program Files\Unlocker\UnlockerHook.dll ()
MOD - C:\Program Files\Unlocker\UnlockerAssistant.exe ()
MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
========== Win32 Services (SafeList) ==========
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (vToolbarUpdater11.2.0) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe ()
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\avgidsfilterx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )
DRV - (SmartDefragDriver) -- C:\Windows\System32\drivers\SmartDefragDriver.sys ()
DRV - (L1C) -- C:\Windows\System32\drivers\L1C60x86.sys (Atheros Communications, Inc.)
DRV - (NETw5v32) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2233703
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\CENZURA Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_en&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=KPQsE35R ... quzIyKQ?q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={9E096EAC-9C16-4780-9B92-6FD33AA5D837}&mid=42b383ec144547d19c2fd15650465386-b7d980e0108a663e7c2d58e31d3330b6555ceea1&lang=cs&ds=AVG&pr=fr&d=2012-06-05 18:00:35&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2233703
IE - HKCU\..\SearchScopes\{D6CD481D-B257-421D-95ED-826EDE896AA8}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ja\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ja\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011.12.10 04:04:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012.07.17 14:13:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012.07.11 11:35:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.07.02 18:22:15 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - homepage: http://www.google.cz/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.cz/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\ja\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ja\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ja\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\ja\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Angry Birds = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: James White = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\
CHR - Extension: Offline Google Mail = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.18_1\
CHR - Extension: Rise of the Castle = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjiimafmabdhgeiejkcggbgpfpoelggf\1.0_0\
CHR - Extension: Fujitsu Defender = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkkonejampkaeiifkgnelenjgeiafmj\1.2.1_0\
CHR - Extension: AdBlock = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.38_0\
CHR - Extension: Isoball 3 = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.2.1_0\
CHR - Extension: Social Fixer = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb\6.741_1\
CHR - Extension: 4Search = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\inbdhkliopceabeahdhjjooojfmimggp\1.0_0\
CHR - Extension: AVG Safe Search = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\
CHR - Extension: AVG Do Not Track = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Evolved Arcade = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkdaebmimnhlmgpjoppmdeokffoahpan\5.0.0_0\
CHR - Extension: Roz\u0161\u00ED\u0159en\u00ED Odb\u011Bry RSS (od Googlu) = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd\2.2.0_0\
O1 HOSTS File: ([2012.05.16 15:32:25 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Pomocník pro přihlášení ke službě Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CENZURA Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\CENZURA Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (CENZURA Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\CENZURA Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [Diar_VS] C:\Program Files\Diar 5\diar.exe (Václav Šimandl)
O4 - HKCU..\Run: [Google Update] C:\Users\ja\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [MediaGet2] C:\Users\ja\AppData\Local\MediaGet2\mediaget.exe --minimized File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Download All using 4shared Desktop - res://C:\Program Files\4shared Desktop\Desktop.32/D_ALL_LINK File not found
O8 - Extra context menu item: &Download using 4shared Desktop - res://C:\Program Files\4shared Desktop\Desktop.32/D_ONE_LINK File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Stáhnout Free Download Managerem - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Stáhnout video Free Download Managerem - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - C:\Program Files\Free Download Manager\dlselected.htm ()
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54B8B1F4-00AD-4C84-B6CE-58F06784BCFB}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67654613-AEE8-44A3-9BF1-5C9BD1675C04}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\ja\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\ja\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.07.24 09:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\CENZURA Toolbar
[2012.07.24 09:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2012.07.24 09:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2012.07.24 09:21:37 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\ja\Desktop\OTL.exe
[2012.07.17 14:13:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012.07.16 17:54:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 3.5
[2012.07.16 14:56:10 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader
[2012.07.16 14:54:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2012.07.15 15:30:20 | 000,000,000 | ---D | C] -- C:\Users\ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
[2012.07.11 20:13:23 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.07.11 20:07:25 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.07.11 20:07:23 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.07.11 20:07:23 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.07.11 20:07:22 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.07.11 20:07:22 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.07.11 20:07:22 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.07.11 20:07:21 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.07.11 15:49:19 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.07.07 17:47:20 | 000,000,000 | ---D | C] -- C:\Users\ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMTS
[2012.07.07 17:47:03 | 000,000,000 | ---D | C] -- C:\Program Files\IMTS
[2012.07.04 12:04:24 | 000,000,000 | ---D | C] -- C:\Users\ja\Documents\FormatFactory
========== Files - Modified Within 30 Days ==========
[2012.07.24 09:31:26 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.24 09:25:50 | 102,047,786 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012.07.24 09:21:34 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\ja\Desktop\OTL.exe
[2012.07.24 09:18:33 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.24 09:18:32 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.24 09:18:29 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.24 09:17:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.24 09:17:48 | 3147,612,160 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.23 18:56:52 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.07.23 18:56:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.23 18:09:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4264547331-1410352844-3773754925-1000UA.job
[2012.07.23 17:07:03 | 000,162,304 | ---- | M] () -- C:\Users\ja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.23 14:41:12 | 000,000,680 | ---- | M] () -- C:\Users\ja\AppData\Local\d3d9caps.dat
[2012.07.23 14:09:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4264547331-1410352844-3773754925-1000Core.job
[2012.07.19 17:46:18 | 000,313,377 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012.07.17 14:02:48 | 000,351,096 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.07.16 17:59:46 | 000,129,834 | ---- | M] () -- C:\Users\ja\Documents\Obsah paměťové karty.html
[2012.07.16 17:54:48 | 000,000,945 | ---- | M] () -- C:\Users\Public\Desktop\LibreOffice 3.5.lnk
[2012.07.16 15:01:14 | 014,175,140 | ---- | M] () -- C:\Users\ja\Documents\Karma feat. Aleksandar Olujic - Subota (M Dee J Remix).flv
[2012.07.16 14:54:57 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2012.07.14 14:49:46 | 000,607,464 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.07.14 14:49:46 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.14 14:49:46 | 000,118,096 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.07.14 14:49:46 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.13 12:09:22 | 000,002,031 | ---- | M] () -- C:\Users\ja\Desktop\Google Chrome.lnk
[2012.07.12 12:31:38 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.07.12 12:31:38 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.07.07 17:47:20 | 000,001,612 | ---- | M] () -- C:\Users\ja\Desktop\I Miss the Sunrise.lnk
[2012.07.07 12:31:47 | 000,000,218 | ---- | M] () -- C:\Users\ja\.recently-used.xbel
[2012.07.01 19:20:53 | 009,842,289 | ---- | M] () -- C:\Users\ja\Documents\SASH - sweat.flv
========== Files Created - No Company Name ==========
[2012.07.21 11:51:21 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.21 11:51:20 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.18 14:04:55 | 000,000,950 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4264547331-1410352844-3773754925-1000UA.job
[2012.07.18 14:04:55 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4264547331-1410352844-3773754925-1000Core.job
[2012.07.16 17:54:48 | 000,000,945 | ---- | C] () -- C:\Users\Public\Desktop\LibreOffice 3.5.lnk
[2012.07.16 14:56:39 | 014,175,140 | ---- | C] () -- C:\Users\ja\Documents\Karma feat. Aleksandar Olujic - Subota (M Dee J Remix).flv
[2012.07.16 14:54:57 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2012.07.07 17:47:20 | 000,001,612 | ---- | C] () -- C:\Users\ja\Desktop\I Miss the Sunrise.lnk
[2012.07.07 12:31:47 | 000,000,218 | ---- | C] () -- C:\Users\ja\.recently-used.xbel
[2012.07.05 15:16:47 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.04 12:49:30 | 000,129,834 | ---- | C] () -- C:\Users\ja\Documents\Obsah paměťové karty.html
[2012.07.01 19:16:36 | 009,842,289 | ---- | C] () -- C:\Users\ja\Documents\SASH - sweat.flv
[2012.05.24 17:09:17 | 000,000,680 | ---- | C] () -- C:\Users\ja\AppData\Local\d3d9caps.dat
[2012.05.16 15:16:35 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.05.16 15:16:35 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.05.16 15:16:35 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.05.16 15:16:35 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.05.16 15:16:35 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.05.14 19:42:59 | 000,052,587 | ---- | C] () -- C:\Users\ja\as.png
[2012.05.14 19:42:00 | 000,052,206 | ---- | C] () -- C:\Users\ja\aa.png
[2012.05.08 20:36:01 | 000,130,476 | ---- | C] () -- C:\Users\ja\karma.png
[2012.04.11 19:14:03 | 000,085,825 | ---- | C] () -- C:\Users\ja\Inq XP WM - Customization.png
[2012.04.11 19:14:03 | 000,010,945 | ---- | C] () -- C:\Users\ja\Inq XP WM - Desert.png
[2012.04.11 19:14:03 | 000,008,878 | ---- | C] () -- C:\Users\ja\Inq XP WM - Mountains.png
[2012.04.11 19:14:03 | 000,005,684 | ---- | C] () -- C:\Users\ja\Inq XP WM - Snow.png
[2012.04.11 19:14:02 | 000,035,840 | ---- | C] () -- C:\Users\ja\Dialogy.odt
[2012.04.11 19:14:02 | 000,003,475 | ---- | C] () -- C:\Users\ja\Coffin.png
[2012.03.29 13:37:59 | 000,000,056 | RHS- | C] () -- C:\Windows\System32\DC44A189E5.sys
[2012.03.29 13:37:51 | 000,001,890 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2012.03.25 19:13:19 | 000,394,752 | ---- | C] () -- C:\Windows\System32\diarbp32.exe
[2012.01.17 20:39:23 | 000,000,146 | ---- | C] () -- C:\Users\ja\AppData\Roaming\wklnhst.dat
[2012.01.11 14:58:40 | 000,107,276 | ---- | C] () -- C:\Windows\System32\drivers\RtConvEQ.DAT
[2012.01.11 14:58:40 | 000,000,712 | ---- | C] () -- C:\Windows\System32\drivers\SamSfPa.dat
[2012.01.11 14:58:40 | 000,000,632 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2012.01.11 14:58:40 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2012.01.11 14:58:40 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2012.01.11 14:58:40 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2012.01.11 14:58:40 | 000,000,016 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2012.01.11 13:19:20 | 000,161,179 | ---- | C] () -- C:\Windows\Expstudio Audio Editor FREE Uninstaller.exe
[2012.01.04 17:24:46 | 000,000,124 | ---- | C] () -- C:\Windows\kaillera.ini
[2011.12.26 19:01:32 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2011.12.17 12:08:06 | 000,029,520 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe
[2011.12.17 12:08:05 | 000,016,184 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2011.12.17 10:38:29 | 000,162,304 | ---- | C] () -- C:\Users\ja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.09 12:59:04 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.12.09 12:59:04 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.02.11 20:10:52 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2011.02.11 20:10:50 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2011.02.11 20:10:50 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2011.02.11 19:40:40 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011.02.11 19:38:44 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
========== LOP Check ==========
[2012.06.06 16:43:26 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\4shared Desktop
[2009.04.11 03:07:40 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\Acer GameZone Console
[2012.01.08 22:39:00 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\arbarlith2
[2011.12.09 10:30:52 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\AVG2012
[2012.04.26 17:34:26 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\avidemux
[2012.05.14 20:37:48 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\Babylon
[2012.06.18 16:36:39 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\Free Download Manager
[2012.03.05 19:25:04 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\GetRightToGo
[2012.05.28 18:58:19 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\gtk-2.0
[2011.12.26 13:35:49 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\inkscape
[2011.12.17 12:08:05 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\IObit
[2012.03.04 21:38:48 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\LibreOffice
[2012.05.14 17:10:48 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\mp3DirectCut
[2012.01.09 19:37:35 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\OpenOffice.org
[2011.12.17 10:57:27 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\Philipp Winterberg
[2012.05.14 17:10:48 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\PhotoScape
[2012.02.13 19:03:50 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\Solveig Multimedia
[2012.01.17 20:39:24 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\Template
[2012.03.26 19:40:43 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\Thinstall
[2012.06.18 16:36:39 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\uTorrent
[2011.12.17 10:42:52 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\Zoner
[2012.07.23 18:56:59 | 000,032,546 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 64 bytes -> C:\Users\ja\Documents\Video2.mp3.~~~.mp3:TOC.WMV
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:BB24555F
< End of report >
Re: Please check my log - SearchSettings.exe
OTL Extras logfile created on: 24.7.2012 9:24:02 - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\ja\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,93 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 61,20% Memory free
6,06 Gb Paging File | 4,83 Gb Available in Paging File | 79,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,32 Gb Total Space | 189,31 Gb Free Space | 65,66% Space Free | Partition Type: NTFS
Computer Name: JA-PC | User Name: ja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{36036DA0-31C7-4039-8C35-E814772E7B2C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9D01666C-E6F6-4AD8-8218-C5839316BE02}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0EBFEB64-0A00-4391-989A-5FEBF5C8AEFF}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{2939A745-D9AA-41DC-B28C-F207AE65EB5A}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{34B8228F-13A1-4844-BC9B-258FCD380C1E}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{3A7C90E2-61AA-43DD-B3FF-22029D9E9038}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{3D53509B-AC8A-45E6-AA38-80246A718490}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{429308A4-7B2D-4CEE-A073-4B995975ABDF}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{4FA7F0E1-3A3C-4DF5-84F1-503A66662062}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{614B046C-D031-41DE-A057-B72F4554714A}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{670E899D-F2E8-4C92-859D-4152CFE395C2}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{7838BA2D-119B-4DC8-AFEB-C3896BC5585A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{8A4F009D-F3F6-45AA-8C02-7BB2DA2A45DD}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{8ABE7228-9EFA-4FBB-865C-DD2DADACD962}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{8EB991AB-8553-4D3E-ADC9-CDC10424F21D}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{91712181-FB46-4168-B3E6-ACF83CF6744A}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{9A353A86-F963-4B90-9923-D8804A1A292D}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{A8E81D33-24DD-4C1F-8FD6-00A7BC05E47D}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{B4687CD4-6F9F-4D9F-BCA4-F209D5F21C25}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{BACF8E9C-A0F3-4DB7-9B19-5191CABC8E33}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C57B3C13-857E-4D02-86FD-F05E7EEBD6AA}" = protocol=6 | dir=in | app=c:\users\ja\appdata\local\temp\~ose9b5.tmp\rlvknlg.exe |
"{DBBDA72F-25EF-4534-B2E4-37008ECE26D1}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{DC61E04F-5BFC-4598-9DEE-65DA4562DD04}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{E2D5F173-2049-4668-BA5D-957D9835FB92}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{EA3AA7BB-FB13-4917-94A9-D83C6381E93B}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{ECCC8F34-776B-42F4-9BA7-688389197A75}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{F39F28CD-7E5D-4B9A-A494-6D2843FAE321}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{F636D990-1F44-4CD6-B609-157EC8056E92}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"TCP Query User{13ED68F2-0346-49B7-B718-14B066D2C27C}C:\program files\ditto\ditto.exe" = protocol=6 | dir=in | app=c:\program files\ditto\ditto.exe |
"TCP Query User{7B42C137-78D5-4516-95A3-190882379B7E}C:\program files\ditto\ditto.exe" = protocol=6 | dir=in | app=c:\program files\ditto\ditto.exe |
"TCP Query User{EB4461E0-E9C0-41C2-8EC5-4A8735C42768}C:\users\ja\downloads\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\users\ja\downloads\call of duty\codmp.exe |
"UDP Query User{4106D7C0-3627-47EB-A462-123A177926C9}C:\users\ja\downloads\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\users\ja\downloads\call of duty\codmp.exe |
"UDP Query User{7B9946EF-6C3C-4A90-80FC-A893FC17DD48}C:\program files\ditto\ditto.exe" = protocol=17 | dir=in | app=c:\program files\ditto\ditto.exe |
"UDP Query User{B368A82B-DA51-4440-B5D7-6DDF5523F398}C:\program files\ditto\ditto.exe" = protocol=17 | dir=in | app=c:\program files\ditto\ditto.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1" = Free Video Joiner
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9
"{1C753699-A426-4A84-9752-59EE4CDEE689}" = Call of the Underworld
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20D0CDB1-5F03-4A5D-86EB-7C218053B157}" = Windows Live Messenger
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Software Intel(R) PROSet/Wireless WiFi
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}" = Windows Live Sync
"{4EA44BA4-A708-4223-BC1A-22B6DA9E7D1C}" = Windows Live Essentials
"{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}" = Windows Live Mail
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{6B1907E6-1CF2-4B54-A0A7-E880927FDCE6}" = CENZURA Toolbar v6.1
"{6D12EC75-E7D3-4EAD-AB10-E1F3AFF94AA6}" = AVG 2012
"{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}" = Windows Live Writer
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71C2828F-2678-4675-BDEC-895424861262}_is1" = C:\Program Files\Acer GameZone\GameConsole
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110184263}" = Puzzle Express
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11037623}" = Tradewinds 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111125700}" = Rainbow Web
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111205743}" = Tri-Peaks Solitaire To Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111232687}" = Ocean Express
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113056167}" = Dream Day Honeymoon
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113297350}" = Cake Mania 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113494430}" = Wedding Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115443300}" = Cooking Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11551977}" = Parking Dash
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00AF-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Czech)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.6
"{99D7DE4C-2775-4B16-B155-7F09AE939E8E}" = Microsoft Works
"{9B34CAC6-738F-4A20-B428-A115C3E3474C}" = RPGXP
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Software Bluetooth WIDCOMM
"{A13DE9CB-8C84-4889-B114-C5A9661F844E}" = Windows Live Fotogalerie
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.1 - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B143D835-EBAF-4A39-8B31-1868FF4166C1}" = AVG 2012
"{B1F9C834-0594-4563-B344-4ED9599A5945}" = LibreOffice 3.5
"{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}" = Asistent pro přihlášení ke službě Windows Live
"{C01408FC-117C-44B7-8B0C-17794E526A01}" = Disc2Phone
"{C9BFF8C0-2698-4E07-A808-5971E573D257}_is1" = Quintessence - The Blighted Venom [Chapter 1 - 11]
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{ECC42BBC-BC08-49E3-84B2-8CD1BA94BBC9}" = Exe to msi Converter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"4shared Desktop" = 4shared Desktop
"A5C76F143DE85710B0FDBABC39480EC492EE05CF" = Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AVG" = AVG 2012
"BabylonToolbar" = Babylon toolbar on IE
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"Bombermania_is1" = Bombermania ver 1.0
"BombermanNES40" = DJ OldGames Package: Bomberman (NES)
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Diář 5_is1" = Diář 5.5
"Ditto_is1" = Ditto
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Expstudio Audio Editor FREE" = Expstudio Audio Editor FREE
"FastStone Capture" = FastStone Capture 5.3
"FBReader for Windows XP" = FBReader for Windows XP
"FormatFactory" = FormatFactory 2.90
"Free Download Manager_is1" = Free Download Manager 3.8
"FTP Commander" = FTP Commander
"Gear Flash Downloader_is1" = Gear Flash Downloader 1.1
"Google Desktop" = Google Desktop
"HyperCam 3" = HyperCam 3
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"Inkscape" = Inkscape 0.48.2
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"IrfanView" = IrfanView (remove only)
"Mario Forever Galaxy" = Mario Forever Galaxy
"Mega Bomberman_is1" = Mega Bomberman
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"PhotoFiltre" = PhotoFiltre
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"ProInst" = Intel PROSet Wireless
"RarZilla Free Unrar" = RarZilla Free Unrar
"RGSS-RTP" = RGSS-RTP 1.03
"RPG Maker VX RTP_is1" = RPG Maker VX RTP
"Smart Defrag 2_is1" = Smart Defrag 2
"The KMPlayer" = The KMPlayer (remove only)
"Unlocker" = Unlocker 1.9.1
"uTorrent" = µTorrent
"Video Cutter_is1" = Video Cutter 1.0
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Episode Four" = Episode Four
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.6.2012 14:11:49 | Computer Name = ja-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 12.6.2012 7:59:31 | Computer Name = ja-PC | Source = WinMgmt | ID = 10
Description =
Error - 12.6.2012 8:08:41 | Computer Name = ja-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 12.6.2012 8:09:16 | Computer Name = ja-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace Explorer.EXE, verze 6.0.6002.18005, časové razítko
0x49e01da5, chybující modul btwapi.dll, verze 6.2.1.800, časové razítko 0x4ac6929e,
kód výjimky 0xc0000005, posun chyby 0x0004df41, ID procesu 0xe08, čas spuštění aplikace
0x01cd4892d863cff0.
Error - 13.6.2012 6:03:13 | Computer Name = ja-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.6.2012 8:06:59 | Computer Name = ja-PC | Source = Application Hang | ID = 1002
Description = Program i_view32.exe verze 4.2.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID
procesu: 1728 Čas zahájení: 01cd495cea5b9b55 Čas ukončení: 0
Error - 14.6.2012 4:46:22 | Computer Name = ja-PC | Source = WinMgmt | ID = 10
Description =
Error - 14.6.2012 5:03:49 | Computer Name = ja-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 14.6.2012 5:06:51 | Computer Name = ja-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 17.6.2012 15:13:22 | Computer Name = ja-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 16.7.2012 12:28:09 | Computer Name = ja-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.101 pro síťovou kartu s adresou 0022FB6EBCD6
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 16.7.2012 12:58:47 | Computer Name = ja-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.102 pro síťovou kartu s adresou 0022FB6EBCD6
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 17.7.2012 8:06:57 | Computer Name = ja-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.3 pro síťovou kartu s adresou 0022FB6EBCD6
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 18.7.2012 9:46:08 | Computer Name = ja-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.3 pro síťovou kartu s adresou 0022FB6EBCD6
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 19.7.2012 8:15:49 | Computer Name = ja-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.3 pro síťovou kartu s adresou 0022FB6EBCD6
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 21.7.2012 5:50:57 | Computer Name = ja-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 21.7.2012 5:50:57 | Computer Name = ja-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.7.2012 10:07:43 | Computer Name = ja-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.100 pro síťovou kartu s adresou 0022FB6EBCD6
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 21.7.2012 10:07:44 | Computer Name = ja-PC | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetbiosSmb, protože
jiný počítač v síti má stejný název. Server nelze spustit.
Error - 23.7.2012 9:27:24 | Computer Name = ja-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.100 pro síťovou kartu s adresou 0022FB6EBCD6
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
< End of report >
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1" = Free Video Joiner
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9
"{1C753699-A426-4A84-9752-59EE4CDEE689}" = Call of the Underworld
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20D0CDB1-5F03-4A5D-86EB-7C218053B157}" = Windows Live Messenger
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Software Intel(R) PROSet/Wireless WiFi
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}" = Windows Live Sync
"{4EA44BA4-A708-4223-BC1A-22B6DA9E7D1C}" = Windows Live Essentials
"{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}" = Windows Live Mail
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{6B1907E6-1CF2-4B54-A0A7-E880927FDCE6}" = CENZURA Toolbar v6.1
"{6D12EC75-E7D3-4EAD-AB10-E1F3AFF94AA6}" = AVG 2012
"{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}" = Windows Live Writer
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71C2828F-2678-4675-BDEC-895424861262}_is1" = C:\Program Files\Acer GameZone\GameConsole
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110184263}" = Puzzle Express
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11037623}" = Tradewinds 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111125700}" = Rainbow Web
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111205743}" = Tri-Peaks Solitaire To Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111232687}" = Ocean Express
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113056167}" = Dream Day Honeymoon
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113297350}" = Cake Mania 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113494430}" = Wedding Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115443300}" = Cooking Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11551977}" = Parking Dash
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00AF-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Czech)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.6
"{99D7DE4C-2775-4B16-B155-7F09AE939E8E}" = Microsoft Works
"{9B34CAC6-738F-4A20-B428-A115C3E3474C}" = RPGXP
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Software Bluetooth WIDCOMM
"{A13DE9CB-8C84-4889-B114-C5A9661F844E}" = Windows Live Fotogalerie
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.1 - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B143D835-EBAF-4A39-8B31-1868FF4166C1}" = AVG 2012
"{B1F9C834-0594-4563-B344-4ED9599A5945}" = LibreOffice 3.5
"{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}" = Asistent pro přihlášení ke službě Windows Live
"{C01408FC-117C-44B7-8B0C-17794E526A01}" = Disc2Phone
"{C9BFF8C0-2698-4E07-A808-5971E573D257}_is1" = Quintessence - The Blighted Venom [Chapter 1 - 11]
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{ECC42BBC-BC08-49E3-84B2-8CD1BA94BBC9}" = Exe to msi Converter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"4shared Desktop" = 4shared Desktop
"A5C76F143DE85710B0FDBABC39480EC492EE05CF" = Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AVG" = AVG 2012
"BabylonToolbar" = Babylon toolbar on IE
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"Bombermania_is1" = Bombermania ver 1.0
"BombermanNES40" = DJ OldGames Package: Bomberman (NES)
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Diář 5_is1" = Diář 5.5
"Ditto_is1" = Ditto
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Expstudio Audio Editor FREE" = Expstudio Audio Editor FREE
"FastStone Capture" = FastStone Capture 5.3
"FBReader for Windows XP" = FBReader for Windows XP
"FormatFactory" = FormatFactory 2.90
"Free Download Manager_is1" = Free Download Manager 3.8
"FTP Commander" = FTP Commander
"Gear Flash Downloader_is1" = Gear Flash Downloader 1.1
"Google Desktop" = Google Desktop
"HyperCam 3" = HyperCam 3
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"Inkscape" = Inkscape 0.48.2
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"IrfanView" = IrfanView (remove only)
"Mario Forever Galaxy" = Mario Forever Galaxy
"Mega Bomberman_is1" = Mega Bomberman
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"PhotoFiltre" = PhotoFiltre
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"ProInst" = Intel PROSet Wireless
"RarZilla Free Unrar" = RarZilla Free Unrar
"RGSS-RTP" = RGSS-RTP 1.03
"RPG Maker VX RTP_is1" = RPG Maker VX RTP
"Smart Defrag 2_is1" = Smart Defrag 2
"The KMPlayer" = The KMPlayer (remove only)
"Unlocker" = Unlocker 1.9.1
"uTorrent" = µTorrent
"Video Cutter_is1" = Video Cutter 1.0
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Episode Four" = Episode Four
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.6.2012 14:11:49 | Computer Name = ja-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 12.6.2012 7:59:31 | Computer Name = ja-PC | Source = WinMgmt | ID = 10
Description =
Error - 12.6.2012 8:08:41 | Computer Name = ja-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 12.6.2012 8:09:16 | Computer Name = ja-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace Explorer.EXE, verze 6.0.6002.18005, časové razítko
0x49e01da5, chybující modul btwapi.dll, verze 6.2.1.800, časové razítko 0x4ac6929e,
kód výjimky 0xc0000005, posun chyby 0x0004df41, ID procesu 0xe08, čas spuštění aplikace
0x01cd4892d863cff0.
Error - 13.6.2012 6:03:13 | Computer Name = ja-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.6.2012 8:06:59 | Computer Name = ja-PC | Source = Application Hang | ID = 1002
Description = Program i_view32.exe verze 4.2.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID
procesu: 1728 Čas zahájení: 01cd495cea5b9b55 Čas ukončení: 0
Error - 14.6.2012 4:46:22 | Computer Name = ja-PC | Source = WinMgmt | ID = 10
Description =
Error - 14.6.2012 5:03:49 | Computer Name = ja-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 14.6.2012 5:06:51 | Computer Name = ja-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 17.6.2012 15:13:22 | Computer Name = ja-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 16.7.2012 12:28:09 | Computer Name = ja-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.101 pro síťovou kartu s adresou 0022FB6EBCD6
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 16.7.2012 12:58:47 | Computer Name = ja-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.102 pro síťovou kartu s adresou 0022FB6EBCD6
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 17.7.2012 8:06:57 | Computer Name = ja-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.3 pro síťovou kartu s adresou 0022FB6EBCD6
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 18.7.2012 9:46:08 | Computer Name = ja-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.3 pro síťovou kartu s adresou 0022FB6EBCD6
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 19.7.2012 8:15:49 | Computer Name = ja-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.3 pro síťovou kartu s adresou 0022FB6EBCD6
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 21.7.2012 5:50:57 | Computer Name = ja-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 21.7.2012 5:50:57 | Computer Name = ja-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.7.2012 10:07:43 | Computer Name = ja-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.100 pro síťovou kartu s adresou 0022FB6EBCD6
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 21.7.2012 10:07:44 | Computer Name = ja-PC | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetbiosSmb, protože
jiný počítač v síti má stejný název. Server nelze spustit.
Error - 23.7.2012 9:27:24 | Computer Name = ja-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.100 pro síťovou kartu s adresou 0022FB6EBCD6
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
< End of report >
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: Jižní Čechy
Re: Please check my log - SearchSettings.exe
Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:
Code:
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2233703
IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\CENZURA Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_en&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=KPQsE35R ... quzIyKQ?q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={9E096EAC-9C16-4780-9B92-6FD33AA5D837}&mid=42b383ec144547d19c2fd15650465386-b7d980e0108a663e7c2d58e31d3330b6555ceea1&lang=cs&ds=AVG&pr=fr&d=2012-06-05 18:00:35&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2233703
IE - HKCU\..\SearchScopes\{D6CD481D-B257-421D-95ED-826EDE896AA8}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
O1 HOSTS File: ([2012.05.16 15:32:25 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (CENZURA Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\CENZURA Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (CENZURA Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\CENZURA Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKCU..\Run: [Google Update] C:\Users\ja\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download All using 4shared Desktop - res://C:\Program Files\4shared Desktop\Desktop.32/D_ALL_LINK File not found
O8 - Extra context menu item: &Download using 4shared Desktop - res://C:\Program Files\4shared Desktop\Desktop.32/D_ONE_LINK File not found
[2012.07.14 14:49:46 | 000,607,464 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.07.14 14:49:46 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.14 14:49:46 | 000,118,096 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.07.14 14:49:46 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:BB24555F
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Program Files\CENZURA Toolbar
C:\Program Files\Common Files\Spigot
C:\Users\ja\AppData\Local\d3d9caps.dat
C:\Users\ja\AppData\Local\d3d9caps.dat
C:\Windows\PEV.exe
C:\Windows\MBR.exe
C:\Windows\sed.exe
C:\Windows\grep.exe
C:\Windows\zip.exe
C:\Windows\System32\DC44A189E5.sys
C:\Windows\System32\KGyGaAvL.sys
C:\Windows\System32\diarbp32.exe
C:\Users\ja\AppData\Roaming\wklnhst.dat
C:\Users\ja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\ja\AppData\Roaming\Babylon
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" =-
"BabylonToolbar" =-
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
Then click Run Fix (Opravit) at the top. Let the program run undisturbed; the PC will restart when it finishes.
After the restart a log will appear; please copy its entire contents here.
Update Java:
Java SE Runtime Environment 7
Click Accept License Agreement
Choose your OS (Windows or Windows x64, Offline Installation)
jre-7-windows-i586-p.exe or
jre-7-windows-x64.exe
Download and install it.
Remove the other Java versions in Add/Remove Programs.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log - SearchSettings.exe
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
No active process named SearchSettings.exe was found!
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
C:\Program Files\Application Updater\ApplicationUpdater.exe moved successfully.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File system32\DRIVERS\nwlnkfwd.sys File not found not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File system32\DRIVERS\nwlnkflt.sys File not found not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File system32\DRIVERS\ipinip.sys File not found not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.
C:\Program Files\CENZURA Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll moved successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D6CD481D-B257-421D-95ED-826EDE896AA8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D6CD481D-B257-421D-95ED-826EDE896AA8}\ not found.
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
File C:\Program Files\CENZURA Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully.
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
File C:\Program Files\CENZURA Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
C:\Users\ja\AppData\Local\Google\Update\GoogleUpdate.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Download All using 4shared Desktop\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Download using 4shared Desktop\ deleted successfully.
C:\Windows\System32\perfh005.dat moved successfully.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfc005.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
ADS C:\ProgramData\TEMP:BB24555F deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4264547331-1410352844-3773754925-1000Core.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4264547331-1410352844-3773754925-1000UA.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Program Files\CENZURA Toolbar\Res\Lang folder moved successfully.
C:\Program Files\CENZURA Toolbar\Res folder moved successfully.
C:\Program Files\CENZURA Toolbar\IE\6.1 folder moved successfully.
C:\Program Files\CENZURA Toolbar\IE folder moved successfully.
C:\Program Files\CENZURA Toolbar folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Res folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Lang folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings folder moved successfully.
C:\Program Files\Common Files\Spigot folder moved successfully.
C:\Users\ja\AppData\Local\d3d9caps.dat moved successfully.
File\Folder C:\Users\ja\AppData\Local\d3d9caps.dat not found.
C:\Windows\PEV.exe moved successfully.
C:\Windows\MBR.exe moved successfully.
C:\Windows\sed.exe moved successfully.
C:\Windows\grep.exe moved successfully.
C:\Windows\zip.exe moved successfully.
C:\Windows\System32\DC44A189E5.sys moved successfully.
C:\Windows\System32\KGyGaAvL.sys moved successfully.
C:\Windows\System32\diarbp32.exe moved successfully.
C:\Users\ja\AppData\Roaming\wklnhst.dat moved successfully.
C:\Users\ja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Users\ja\AppData\Roaming\Babylon folder moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{86D4B82A-ABED-442A-BE86-96357B70F4FE} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\BabylonToolbar not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: ja
->Temp folder emptied: 12359555 bytes
->Temporary Internet Files folder emptied: 5391853 bytes
->Java cache emptied: 86747 bytes
->Google Chrome cache emptied: 9102135 bytes
->Flash cache emptied: 739 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5033007 bytes
RecycleBin emptied: 4045556476 bytes
Total Files Cleaned = 3 889,00 mb
OTL by OldTimer - Version 3.2.54.1 log created on 07242012_115827
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
No active process named SearchSettings.exe was found!
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
C:\Program Files\Application Updater\ApplicationUpdater.exe moved successfully.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File system32\DRIVERS\nwlnkfwd.sys File not found not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File system32\DRIVERS\nwlnkflt.sys File not found not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File system32\DRIVERS\ipinip.sys File not found not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.
C:\Program Files\CENZURA Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll moved successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D6CD481D-B257-421D-95ED-826EDE896AA8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D6CD481D-B257-421D-95ED-826EDE896AA8}\ not found.
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
File C:\Program Files\CENZURA Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully.
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
File C:\Program Files\CENZURA Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
C:\Users\ja\AppData\Local\Google\Update\GoogleUpdate.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Download All using 4shared Desktop\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Download using 4shared Desktop\ deleted successfully.
C:\Windows\System32\perfh005.dat moved successfully.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfc005.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
ADS C:\ProgramData\TEMP:BB24555F deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4264547331-1410352844-3773754925-1000Core.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4264547331-1410352844-3773754925-1000UA.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Program Files\CENZURA Toolbar\Res\Lang folder moved successfully.
C:\Program Files\CENZURA Toolbar\Res folder moved successfully.
C:\Program Files\CENZURA Toolbar\IE\6.1 folder moved successfully.
C:\Program Files\CENZURA Toolbar\IE folder moved successfully.
C:\Program Files\CENZURA Toolbar folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Res folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Lang folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings folder moved successfully.
C:\Program Files\Common Files\Spigot folder moved successfully.
C:\Users\ja\AppData\Local\d3d9caps.dat moved successfully.
File\Folder C:\Users\ja\AppData\Local\d3d9caps.dat not found.
C:\Windows\PEV.exe moved successfully.
C:\Windows\MBR.exe moved successfully.
C:\Windows\sed.exe moved successfully.
C:\Windows\grep.exe moved successfully.
C:\Windows\zip.exe moved successfully.
C:\Windows\System32\DC44A189E5.sys moved successfully.
C:\Windows\System32\KGyGaAvL.sys moved successfully.
C:\Windows\System32\diarbp32.exe moved successfully.
C:\Users\ja\AppData\Roaming\wklnhst.dat moved successfully.
C:\Users\ja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Users\ja\AppData\Roaming\Babylon folder moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{86D4B82A-ABED-442A-BE86-96357B70F4FE} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\BabylonToolbar not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: ja
->Temp folder emptied: 12359555 bytes
->Temporary Internet Files folder emptied: 5391853 bytes
->Java cache emptied: 86747 bytes
->Google Chrome cache emptied: 9102135 bytes
->Flash cache emptied: 739 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5033007 bytes
RecycleBin emptied: 4045556476 bytes
Total Files Cleaned = 3 889,00 mb
OTL by OldTimer - Version 3.2.54.1 log created on 07242012_115827
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...