Facebook vir

Zpráva

#31 Příspěvek od **Mc_Murphy** » 08 lis 2011 07:06

OTL Extras logfile created on: 11/7/2011 8:35:47 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Vojta\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.99 Gb Total Physical Memory | 2.93 Gb Available Physical Memory | 73.43% Memory free
7.98 Gb Paging File | 6.87 Gb Available in Paging File | 86.10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 289.95 Gb Total Space | 29.36 Gb Free Space | 10.12% Space Free | Partition Type: NTFS
Drive D: | 290.12 Gb Total Space | 251.80 Gb Free Space | 86.79% Space Free | Partition Type: NTFS

Computer Name: VOJTA-PC | User Name: Vojta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"FirewallOverride" = 0
"DisableThumbnailCache" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallOverride" = 0
"DisableThumbnailCache" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client CS-CZ Language Pack
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 29
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2D9C81F2-CF30-47F9-860E-58DACF92ABC9}" = Razer Arctosa
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{46710AEB-ACE9-4386-9DFB-8B65153BFA74}" = REALTEK Wireless LAN Driver
"{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}" = MediaShow Espresso
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8303}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8304}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8305}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8306}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8307}" = Grand Theft Auto IV
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{58580f2c-4562-4196-9a8a-9d6180bac5d0}" = Nero 9 Essentials
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{67EA4F15-C7C4-436A-B6A2-352BC2CE11DC}" = Dealio Toolbar v4.7
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95140000-00AF-0405-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}" = SweetIM Toolbar for Internet Explorer 4.2
"{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman Blood Money
"{A81A974F-8A22-43E6-9243-5198FF758DA1}" = SweetIM for Messenger 3.6
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Czech
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = Acer Arcade Movie
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"5513-1208-7298-9440" = JDownloader 0.9
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"BearShare 2 MediaBar" = MediaBar
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"conduitEngine" = Conduit Engine
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"F.E.A.R. 3_is1" = F.E.A.R. 3
"FIFA 12 (c) EA_is1" = FIFA 12 (c) EA version 1
"GamePlayLabs Plugin" = GamePlayLabs Plugin
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Hotkey Utility" = Hotkey Utility
"Identity Card" = Identity Card
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.2.1300
"PunkBusterSvc" = PunkBuster Services
"SearchCore for Browsers" = SearchCore for Browsers
"Steam App 10" = Counter-Strike
"TeamViewer 6" = TeamViewer 6
"TorrentMan Toolbar" = TorrentMan Toolbar
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-193897993-210543724-810583694-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

#32 Příspěvek od **Mc_Murphy** » 08 lis 2011 07:35

Jinak ještě vydrž, napíšu script na OTL, protože tam pořád ještě něco visí. Po provedení scanu si myslím, že bude čisto, jen dočistíme zbytky po utilitách, odinstalujeme Combo a můžeš se mu vrhnout na ten antivir i na aktualizace. Snad s tím nebudou žádné problémy.

Znovu spusť OTL.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Do spodního okénka Vlastní skenování/opravy vlož tento skript:

Kód: Vybrat vše

:OTL
PRC - [2011/09/27 19:08:40 | 000,745,880 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
SRV - [2011/09/27 19:08:40 | 000,745,880 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {7c5c0f58-e061-457d-9033-77307f5ed00c} - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
CHR - default_search_provider: search_url = http://search.bearshare.com/web?src=crb ... =2&sr=0&q={searchTerms}
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll File not found
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-193897993-210543724-810583694-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll File not found
O3 - HKU\S-1-5-21-193897993-210543724-810583694-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3:64bit: - HKU\S-1-5-21-193897993-210543724-810583694-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-193897993-210543724-810583694-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe (MusicLab, LLC)
O8:64bit: - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\001eb024e3e4a075499121b09d79daaf\*.tmp files -> C:\Windows\SoftwareDistribution\Download\001eb024e3e4a075499121b09d79daaf\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\023c4f300a1412193e91f96c90e8ee99\*.tmp files -> C:\Windows\SoftwareDistribution\Download\023c4f300a1412193e91f96c90e8ee99\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2a126cd9b589f78768b01dcff6e2ab71\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2a126cd9b589f78768b01dcff6e2ab71\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\65b406b7f28ba0f00f95cb730b908d9c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\65b406b7f28ba0f00f95cb730b908d9c\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\861750b96d28fe2fdd009b6afa86d3bb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\861750b96d28fe2fdd009b6afa86d3bb\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\95fdded43253e3432324814f2f0e9126\*.tmp files -> C:\Windows\SoftwareDistribution\Download\95fdded43253e3432324814f2f0e9126\*.tmp -> ]
[40 C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp -> ]
[40 C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp -> ]
[2 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:0B9176C0

:Services
Nero BackItUp Scheduler 4.0

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"OOTag"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"OOTag"=-

:Files
%windir%\*.tmp /s
%windir%\system32\SET*.tmp /s
%windir%\system32\*.tmp.dll /s
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT] /d
C:\Users\Vojta\Downloads\Call of Duty - Black Ops\Call.of.Duty.Black.Ops-SKIDROW-Crack.rar /d
C:\Users\Vojta\Downloads\GTA IV PC Version /d
C:\Users\Vojta\Downloads\torenty\Far_Cry_2_PC_Windows_Game_Full_Game___Serial___Crack___PowerISO.4703507.TPB.torrent /d
C:\Users\Vojta\Downloads\torenty\Medal_of_Honor_2010_[Eng]_Full_Game_Keygen_Crack[OP_SN_95].6095273.TPB.torrent /d
C:\Users\Vojta\Downloads\Far Cry 2 /d
C:\Program Files (x86)\SearchCore for Browsers
C:\Program Files (x86)\Application Updater
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files (x86)\DAEMON Tools Toolbar

:Commands
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[clearallrestorepoints]

Klikni na tlačítko [Opravit].
Po dokončení skenu se objeví log, ten mi sem vlož.
Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.

radim30 · #33 Příspěvek od **radim30** » 08 lis 2011 16:51

Dobrý den,

děkuji za script, aplikoval jsem to zas kámošovi v klasickém režimu se všemi uzavřenými aplikacemi přes TeamViewer. Když jsem ale vše nastavil a klikl na Opravit, tak v tu ránu se mi ukončil TeamViewer přenos. Kámoš pak říkal, že se to v pohodě smazalo a PC se následně po dotazu restartoval.

V C: se ještě vytvořila složka _OTL\MovedFiles která obsahuje texťák a složku, obě s názvem "11082011_163004". Ten texťák nevím jestli můžu brát jako log, ale pro jistotu ho sem dávám. V té složce 11082011_163004 pak nalezneme modifikaci názvů složek pro 32bitový program files a Windows, pravděpodobně karanténa souborů co to smazalo. Tady je ten záznam:

All processes killed
========== OTL ==========
No active process named ApplicationUpdater.exe was found!
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{7c5c0f58-e061-457d-9033-77307f5ed00c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7c5c0f58-e061-457d-9033-77307f5ed00c}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Unable to fix default_search_provider items.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_USERS\S-1-5-21-193897993-210543724-810583694-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-193897993-210543724-810583694-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
64bit-Registry value HKEY_USERS\S-1-5-21-193897993-210543724-810583694-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll not found.
Registry value HKEY_USERS\S-1-5-21-193897993-210543724-810583694-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR deleted successfully.
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe moved successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\WikiKomentáře Google...\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\WikiKomentáře Google...\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB5D7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2BD0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5FFA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8093.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA553.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSI15EE.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\001eb024e3e4a075499121b09d79daaf\BIT7BF.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\023c4f300a1412193e91f96c90e8ee99\BITEF20.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\2a126cd9b589f78768b01dcff6e2ab71\BIT7BC4.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\65b406b7f28ba0f00f95cb730b908d9c\BIT8E2C.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\861750b96d28fe2fdd009b6afa86d3bb\BITEC33.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\95fdded43253e3432324814f2f0e9126\BIT7B85.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt163E.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt1821.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt2370.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt2733.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt2776.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt2895.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt2C75.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt3891.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt38AC.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt39A7.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt3C00.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt3EB.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt4E51.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt51DF.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt59F9.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt68C9.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt6BC5.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt7D5C.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt8342.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt8E3A.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt97AC.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtA647.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtAEBD.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtE1E5.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtE5CC.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtE780.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtE7EE.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtE8F7.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtEAEA.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtEB4F.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtEC22.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtEC9F.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtEDB8.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtEDC7.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtEEC1.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtEF5D.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtF008.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtF47B.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtF787.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtFB20.tmp deleted successfully.
C:\Windows\temp\CabEA9C.tmp deleted successfully.
C:\Windows\temp\TarEAAD.tmp deleted successfully.
ADS C:\ProgramData\Temp:0B9176C0 deleted successfully.
========== SERVICES/DRIVERS ==========
Service Nero BackItUp Scheduler 4.0 stopped successfully!
Service Nero BackItUp Scheduler 4.0 deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\OOTag not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\OOTag not found.
========== FILES ==========
File/Folder C:\Windows\*.tmp not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\Duke Nukem Forever 2011 CrackOnly SKIDROW\DukeForever.exe deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\Duke Nukem Forever 2011 CrackOnly SKIDROW\engine.dll deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\Duke Nukem Forever 2011 CrackOnly SKIDROW\Launcher.exe deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\Duke Nukem Forever 2011 CrackOnly SKIDROW\Open.txt deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\Duke Nukem Forever 2011 CrackOnly SKIDROW\SKIDROW.ini deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\Duke Nukem Forever 2011 CrackOnly SKIDROW\Steamclient.dll deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\Duke Nukem Forever 2011 CrackOnly SKIDROW\steam_api.dll deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\Duke Nukem Forever 2011 CrackOnly SKIDROW folder deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer\GreenLuma\Graphics\piston.tga deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer\GreenLuma\Graphics folder deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer\GreenLuma\GreenLuma.dll deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer\GreenLuma\GreenLuma.exe deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer\GreenLuma\GreenLuma.ini deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer\GreenLuma\GreenLuma.txt deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer\GreenLuma\LumaServerPatcher.exe deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer\GreenLuma\msvcp100.dll deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer\GreenLuma\msvcr100.dll deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer\GreenLuma\Subscriptions.ini deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer\GreenLuma folder deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer\Crack Multi\System\steam_api.dll deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer\Crack Multi\System\steam_appid.txt deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer\Crack Multi\System folder deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer\Crack Multi folder deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer\Open.txt deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer\SteamInstall.msi deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer folder deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\DKF Multiplayer.rar deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\Duke Nukem Forever 2011 CrackOnly SKIDROW.rar deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\Duke Nukem Forever 2011 SKIDROW.iso deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT]\Open.txt deleted successfully.
C:\Program Files (x86)\BitLord\Downloads\[www.tnttorrent.info] Duke Nukem Forever 2011 [FULL] [miguel] [Ekipa TnT] folder deleted successfully.
C:\Users\Vojta\Downloads\Call of Duty - Black Ops\Call.of.Duty.Black.Ops-SKIDROW-Crack.rar deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only\Alice\natives.ini deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only\Alice folder deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only\Alice.asi deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only\dsound.dll deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only\EFC20FIX.asi deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only\lua.dll deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only\lualib.dll deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only folder deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only.rar deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA_4_No_Shaking_Camera_Working_Personaly_Tried_Shezan___Redor_1.0.3_only folder deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV Shaking Cam And Lag Fix\GTA IV Shaking Cam And Lag Fix\1911.dll deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV Shaking Cam And Lag Fix\GTA IV Shaking Cam And Lag Fix\binkw32.dll deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV Shaking Cam And Lag Fix\GTA IV Shaking Cam And Lag Fix\GTA 4 Downgrader.bat deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV Shaking Cam And Lag Fix\GTA IV Shaking Cam And Lag Fix\GTAIV.exe deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV Shaking Cam And Lag Fix\GTA IV Shaking Cam And Lag Fix\LaunchGTAIV.exe deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV Shaking Cam And Lag Fix\GTA IV Shaking Cam And Lag Fix\Media1.cab deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV Shaking Cam And Lag Fix\GTA IV Shaking Cam And Lag Fix\Patch 1.0.7.0 GTA IV.exe deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV Shaking Cam And Lag Fix\GTA IV Shaking Cam And Lag Fix\Paul.dll deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV Shaking Cam And Lag Fix\GTA IV Shaking Cam And Lag Fix\stream.ini deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV Shaking Cam And Lag Fix\GTA IV Shaking Cam And Lag Fix\TitleUpdate.msi deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV Shaking Cam And Lag Fix\GTA IV Shaking Cam And Lag Fix\visualSettings.xls deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV Shaking Cam And Lag Fix\GTA IV Shaking Cam And Lag Fix\xlive.dll deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV Shaking Cam And Lag Fix\GTA IV Shaking Cam And Lag Fix folder deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV Shaking Cam And Lag Fix\GTA IV Shaking Cam And Lag Fix.exe deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV Shaking Cam And Lag Fix\GTA IV Shaking Cam And Lag Fix.zip deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV Shaking Cam And Lag Fix folder deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV PATCH 1.0.3.0 + CRACK\GTA IV 1.0.3.0 Crack + Patch\GTA IV 1.0.3.0 Crack + Patch\Crack\1911.dll deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV PATCH 1.0.3.0 + CRACK\GTA IV 1.0.3.0 Crack + Patch\GTA IV 1.0.3.0 Crack + Patch\Crack\LaunchGTAIV.exe deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV PATCH 1.0.3.0 + CRACK\GTA IV 1.0.3.0 Crack + Patch\GTA IV 1.0.3.0 Crack + Patch\Crack\xlive.dll deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV PATCH 1.0.3.0 + CRACK\GTA IV 1.0.3.0 Crack + Patch\GTA IV 1.0.3.0 Crack + Patch\Crack folder deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV PATCH 1.0.3.0 + CRACK\GTA IV 1.0.3.0 Crack + Patch\GTA IV 1.0.3.0 Crack + Patch\GTAIV_Patch_1030.exe deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV PATCH 1.0.3.0 + CRACK\GTA IV 1.0.3.0 Crack + Patch\GTA IV 1.0.3.0 Crack + Patch folder deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV PATCH 1.0.3.0 + CRACK\GTA IV 1.0.3.0 Crack + Patch folder deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV PATCH 1.0.3.0 + CRACK\GTA IV 1.0.3.0 Crack + Patch.rar deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV PATCH 1.0.3.0 + CRACK folder deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\crack\rzr-gta4-crack\1911.dll deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\crack\rzr-gta4-crack\GTAIV.exe deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\crack\rzr-gta4-crack\LaunchGTAIV.exe deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\crack\rzr-gta4-crack folder deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\crack\78a4d0bec90476eea7df9002a8fd20b5\GTAIV.exe deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\crack\78a4d0bec90476eea7df9002a8fd20b5\LaunchGTAIV.exe deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\crack\78a4d0bec90476eea7df9002a8fd20b5 folder deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\crack\78a4d0bec90476eea7df9002a8fd20b5.rar deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\crack\rzr-gta4-crack.rar deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\crack folder deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA 4.txt deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV DVD 1.iso deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\GTA IV DVD 2.iso deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version\Torrent downloaded from Demonoid.com.txt deleted successfully.
C:\Users\Vojta\Downloads\GTA IV PC Version folder deleted successfully.
C:\Users\Vojta\Downloads\torenty\Far_Cry_2_PC_Windows_Game_Full_Game___Serial___Crack___PowerISO.4703507.TPB.torrent deleted successfully.
C:\Users\Vojta\Downloads\torenty\Medal_of_Honor_2010_[Eng]_Full_Game_Keygen_Crack[OP_SN_95].6095273.TPB.torrent deleted successfully.
C:\Users\Vojta\Downloads\Far Cry 2\Power ISO+serial\Power ISO+serial\PowerISO38.exe deleted successfully.
C:\Users\Vojta\Downloads\Far Cry 2\Power ISO+serial\Power ISO+serial\readme.txt deleted successfully.
C:\Users\Vojta\Downloads\Far Cry 2\Power ISO+serial\Power ISO+serial\serial.txt deleted successfully.
C:\Users\Vojta\Downloads\Far Cry 2\Power ISO+serial\Power ISO+serial folder deleted successfully.
C:\Users\Vojta\Downloads\Far Cry 2\Power ISO+serial folder deleted successfully.
C:\Users\Vojta\Downloads\Far Cry 2\Crack + Serial\CD Key.txt deleted successfully.
C:\Users\Vojta\Downloads\Far Cry 2\Crack + Serial\FarCry2.exe deleted successfully.
C:\Users\Vojta\Downloads\Far Cry 2\Crack + Serial folder deleted successfully.
C:\Users\Vojta\Downloads\Far Cry 2\Backup Original exe\FarCry2.exe deleted successfully.
C:\Users\Vojta\Downloads\Far Cry 2\Backup Original exe\Info - Read This.txt deleted successfully.
C:\Users\Vojta\Downloads\Far Cry 2\Backup Original exe folder deleted successfully.
C:\Users\Vojta\Downloads\Far Cry 2\FARCRY2.iso deleted successfully.
C:\Users\Vojta\Downloads\Far Cry 2\Power ISO+serial.rar deleted successfully.
C:\Users\Vojta\Downloads\Far Cry 2\Torrent downloaded from Demonoid.com.txt deleted successfully.
C:\Users\Vojta\Downloads\Far Cry 2 folder deleted successfully.
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64 folder moved successfully.
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers folder moved successfully.
C:\Program Files (x86)\SearchCore for Browsers folder moved successfully.
C:\Program Files (x86)\Application Updater folder moved successfully.
File\Folder C:\Program Files (x86)\Google\Google Toolbar not found.
C:\Program Files (x86)\DAEMON Tools Toolbar\Resources folder moved successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData
->Temp folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Vojta
->Temp folder emptied: 3332332 bytes
->Temporary Internet Files folder emptied: 176563552 bytes
->Java cache emptied: 9608944 bytes
->Google Chrome cache emptied: 308079405 bytes
->Opera cache emptied: 48372436 bytes
->Flash cache emptied: 103186 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 48338 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 35488138 bytes
RecycleBin emptied: 2317406705 bytes

Total Files Cleaned = 2,765.00 mb

[EMPTYFLASH]

User: All Users

User: AppData

User: Default

User: Default User

User: Public

User: Vojta
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.31.0 log created on 11082011_163004

Proběhlo tedy všechno v pořádku? Předem moc děkuji.

#34 Příspěvek od **Mc_Murphy** » 08 lis 2011 19:11

Ukončení TeamVieweru je v pořádku, protože OTL ve scriptu resetuje Tobě už známý hosts soubor, takže takováto spojení přeruší. Stejně tak restart je naprosto v pořádku.

S logem jsi to udělal bravurně, to bylo přesně to, co jsem potřeboval vidět - a vidím, že OTL provedlo všechno, co mělo.

Teď bychom se tedy vrhnuli na ten antivir. On tam měl co? No, ať to nezdržujeme... mrkni sem na tyto naše stránky, kde si najdi případný odinstalátor (remover) antiviru, který Tvůj kamarád měl. Pak mu tam nainstaluj nějaké to free řešení nebo jak uznáš za vhodné. Hlavně žádně nelegální ESETy, NODy a crackování!

Mám za to, že veškeré dostupné aktualizace můžeš zkusit už v této fázi, protože bychom měli mít čisto, jen nemáme dočištěno. Takže vyzkoušej všechno, co jsem psal a napiš mi, jak se daří či nikoliv. Pak bychom provedli konečné dočištění a bude hotovo.

radim30 · #35 Příspěvek od **radim30** » 08 lis 2011 19:50

Měl tam MS Essentials a ten by i chtěl zachovat. Můžu ty aktualizace + AV zkusit skrz ten TeamViewer?

Jinak dočištění a odinstalace ComboFixu jsem myslel že bude před tímhle, ale hned co odepíšeš, tak se na to vrhnem

Díky moc!

#36 Příspěvek od **Mc_Murphy** » 08 lis 2011 20:32

Tak jo, dočistíme teď, ať máme čisto a pak tedy rozjeď MSE a aktualizace.

Na správnou odinstalaci MSE použij oba dva removery z těchto stránek.

Odinstaluj ComboFix.

Přejmenuj ComboFix na Uninstall.
Spusť jej.
Tohle smaže ComboFix a jeho složky.

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stáhni a spusť.
Pro potvrzení volby mačkej A, Enter.
Po použití utilitu smaž.
Antiviry mohou tuto utilitu chybně označit jako vir - jedná se o falešný poplach - takže v pohodě stáhni (případně vypni při stahování antivir).

A na zbytek tohle:

OTC http://oldtimer.geekstogo.com/OTC.exe

Stáhni a spusť.
Klikni na CleanUp a potvrď YES.
Program uklidí a může (nemusí) restartovat PC.

TFC http://oldtimer.geekstogo.com/TFC.exe

Stáhni a spusť.
Klikni na Start a potvrď OK.
Program uklidí a může (nemusí) restartovat PC.
Po použití utilitu smaž.

Pokud nemáš, stáhni CCleaner z tohoto odkazu.

Panel čistič
Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.

Panel registry
Klikni na Hledej problémy.
Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
Postup opakuj, dokud nebude bez problémů - většinou cca 3x.

Panel nástroje
Zde můžeš odinstalovat nepotřebné programy.

CCleaner doporučuji používat cca jednou za týden.

CCleaner můžeš nechat až na úplný závěr.

radim30 · #37 Příspěvek od **radim30** » 08 lis 2011 23:57

Dobrý večer,

tak veškerá čištění dokončena, vše proběhlo v naprostém pořádku bez problémů. Po následném pokusu o nainstalování aktualizací se ale objevila chyba, která souvisela se Službou inteligentního přenosu na pozadí (BITS). Už dřív jsem si pročítal témata, kde lidi řešili facebook viry, někdo tam měl naprosto stejný problém. Uživatel MiliNess při této situaci danému člověku radil, aby do system32 překopíroval dané knihovny + spustil jeden soubor pro přidání hodnoty do registru. Člověka jsem tedy kontaktoval s popisem svého problému a on mi ve finále poslal speciálně pro můj systém (lišil se od toho uživatelova) 2 knihovny do system32 + ten jeden dávkový soubor do registru. Dvě knihovny (qmgr.dll a qmgrprxy.dll) se ale v system32 již nacházely a také měly naprosto totožnou velikost s těmi dodávanými. Přesto jsem je raději zaměnil za ty poskytované MiliNessem a do registru přidal danou hodnotu BITS.

Aktualizace ale nyní háže pro změnu chybu 80070643. Na netu jsem se dočetl, že to souvisí s .NET od Microsoftu, tak jsem si řekl; virus naboural systém, nainstaluju to tam "znova". Nicméně i po instalaci a restartu (restart proběhl už i při přidání hodnot do registru) se tam tato chyba zobrazuje. Vůbec netuším, co v současné situaci dělat.

Pro všechny případy sem ještě dodávám LOG z RSITu, protože se obávám, že tam nějaká potvůrka ještě přece jenom bude. Předem díky moc:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Vojta at 2011-11-08 23:46:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 66 GB (22%) free of 297 GB
Total RAM: 4087 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:46:20, on 8.11.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Users\Vojta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vojta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
C:\Program Files (x86)\Razer\Arctosa\razerhid.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Vojta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
C:\Users\Vojta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\trend micro\Vojta.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... weetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Arctosa] "C:\Program Files (x86)\Razer\Arctosa\razerhid.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8559 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {F1604E68-43EB-44CC-8795-B7687E0AD463}
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\OEM\USBDECTION\USBS3S4Detection.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a64e4adb-18ea-486a-840d-5cf4e575c75f -SystemEventPortName:HostProcess-ccf487f0-f1e1-4e87-bafb-116bde39183b -IoCancelEventPortName:HostProcess-06834d9f-9970-4dce-9829-8f421d227ac7 -NonStateChangingEventPortName:HostProcess-4b8cfb70-7498-4325-8a1a-0106d492e4c3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8d4f31b7-4bad-470e-aeb0-4a712e74be8d
C:\Windows\servicing\TrustedInstaller.exe
"taskhost.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe" silentrun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Vojta\AppData\Local\Google\Chrome\Application\chrome.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\Vojta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/warm_socket/ --enable-print-preview --channel=3732.00B786E0.1681144627 --ignored=" --type=renderer " /prefetch:3
"C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe"
"C:\Program Files (x86)\Razer\Arctosa\razerhid.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
C:\Windows\system32\rundll32.exe "C:\Users\Vojta\AppData\Local\Google\Chrome\APPLIC~1\150874~1.106\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Vojta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Vojta\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll" --lang=cs --channel=3732.06E92C40.1582027870 --flash-broker=3748 /prefetch:4
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe"
"c:\program files (x86)\teamviewer\version6\TeamViewer_Desktop.exe" --IPCport 5939
"C:\Program Files (x86)\TeamViewer\Version6\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version6\TeamViewer6_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version6\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version6\TeamViewer6_Logfile.log
C:\Windows\system32\msiexec.exe /V
"C:\Windows\system32\notepad.exe"
"C:\Users\Vojta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/warm_socket/ --enable-print-preview --channel=3732.0709D000.1622015190 /prefetch:3
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Vojta\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"=C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [2010-02-01 349552]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-02-24 9642528]
"OOTag"=C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe [2010-02-23 13856]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2011-10-24 1242448]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-10-02 284696]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2009-12-25 201512]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2009-12-25 401192]
"Hotkey Utility"=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2010-05-06 609312]
"ArcadeMovieService"=C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [2010-02-05 124136]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Arctosa"=C:\Program Files (x86)\Razer\Arctosa\razerhid.exe [2008-10-06 147456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-05-22 249344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-11-08 23:46:20 ----D---- C:\rsit
2011-11-08 22:57:34 ----D---- C:\Program Files\CCleaner
2011-11-08 22:34:27 ----SD---- C:\Uninstall
2011-11-07 16:22:21 ----D---- C:\Program Files (x86)\TeamViewer
2011-11-04 23:25:17 ----D---- C:\Windows\temp
2011-11-04 23:22:19 ----D---- C:\$RECYCLE.BIN
2011-11-04 15:07:47 ----D---- C:\Users\Vojta\AppData\Roaming\Malwarebytes
2011-11-04 15:07:42 ----D---- C:\ProgramData\Malwarebytes
2011-11-04 15:07:39 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-04 15:07:39 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-11-04 14:07:52 ----D---- C:\Program Files (x86)\trend micro
2011-10-25 18:48:11 ----D---- C:\Program Files (x86)\Eidos
2011-10-24 14:53:40 ----D---- C:\Program Files (x86)\Steam
2011-10-21 15:39:46 ----D---- C:\Program Files (x86)\Valve
2011-10-18 18:05:38 ----D---- C:\Users\Vojta\AppData\Roaming\Razer
2011-10-18 18:05:35 ----D---- C:\Program Files (x86)\Razer
2011-10-18 18:05:26 ----D---- C:\Users\Vojta\AppData\Roaming\InstallShield
2011-10-13 16:46:38 ----D---- C:\Users\Vojta\AppData\Roaming\MusicNet
2011-10-13 16:41:52 ----D---- C:\Program Files (x86)\BearShare Applications
2011-10-13 15:26:59 ----D---- C:\Windows\system32\SPReview
2011-10-13 15:26:24 ----D---- C:\Windows\system32\EventProviders
2011-10-12 23:26:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-10-12 23:26:02 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-12 23:26:01 ----A---- C:\Windows\system32\iertutil.dll
2011-10-12 23:26:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-10-12 23:26:00 ----A---- C:\Windows\SYSWOW64\url.dll
2011-10-12 23:26:00 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-10-12 23:26:00 ----A---- C:\Windows\system32\urlmon.dll
2011-10-12 23:26:00 ----A---- C:\Windows\system32\url.dll
2011-10-12 23:25:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-10-12 23:25:59 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-10-12 23:25:59 ----A---- C:\Windows\system32\wininet.dll
2011-10-12 23:25:59 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-12 23:25:58 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-10-12 23:25:58 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-10-12 23:25:58 ----A---- C:\Windows\system32\jscript9.dll
2011-10-12 23:25:58 ----A---- C:\Windows\system32\jscript.dll
2011-10-12 23:25:58 ----A---- C:\Windows\system32\ieui.dll
2011-10-12 23:25:57 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-10-12 23:25:56 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-10-12 23:25:55 ----A---- C:\Windows\system32\mshtml.dll
2011-10-12 23:25:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-10-12 23:25:53 ----A---- C:\Windows\system32\ieframe.dll
2011-10-12 19:50:08 ----A---- C:\Windows\system32\win32k.sys
2011-10-12 19:46:55 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-12 19:46:54 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-10-12 19:46:53 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-10-12 19:46:53 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-10-12 19:46:53 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-12 19:46:53 ----A---- C:\Windows\system32\oleacc.dll

======List of files/folders modified in the last 1 month======

2011-11-08 23:46:20 ----D---- C:\Windows\Prefetch
2011-11-08 23:45:09 ----SHD---- C:\Windows\Installer
2011-11-08 23:45:04 ----SHD---- C:\System Volume Information
2011-11-08 23:37:25 ----D---- C:\Windows\System32
2011-11-08 23:37:25 ----D---- C:\Windows\inf
2011-11-08 23:37:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-08 23:31:30 ----D---- C:\Windows\system32\config
2011-11-08 23:28:26 ----RSD---- C:\Windows\assembly
2011-11-08 23:28:09 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-11-08 23:28:09 ----D---- C:\Windows\system32\cs-CZ
2011-11-08 23:26:28 ----D---- C:\Windows\Microsoft.NET
2011-11-08 23:26:12 ----D---- C:\Windows\SysWOW64
2011-11-08 23:26:09 ----D---- C:\Windows\SYSWOW64\en-US
2011-11-08 23:26:09 ----D---- C:\Windows\system32\en-US
2011-11-08 23:26:09 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-11-08 23:24:34 ----D---- C:\Windows
2011-11-08 23:00:19 ----D---- C:\Users\Vojta\AppData\Roaming\Winamp
2011-11-08 23:00:19 ----D---- C:\Users\Vojta\AppData\Roaming\uTorrent
2011-11-08 23:00:19 ----D---- C:\Users\Vojta\AppData\Roaming\DAEMON Tools Lite
2011-11-08 23:00:17 ----D---- C:\Windows\Panther
2011-11-08 23:00:17 ----D---- C:\Windows\Logs
2011-11-08 23:00:17 ----D---- C:\Windows\debug
2011-11-08 22:57:34 ----RD---- C:\Program Files
2011-11-08 22:34:26 ----D---- C:\Windows\system32\drivers
2011-11-08 22:32:15 ----D---- C:\Windows\Tasks
2011-11-08 22:32:15 ----D---- C:\Windows\system32\Tasks
2011-11-08 16:31:17 ----D---- C:\Windows\system32\drivers\etc
2011-11-08 16:30:27 ----D---- C:\Program Files (x86)
2011-11-07 20:08:36 ----D---- C:\Program Files (x86)\AV Digital Talking Parrot
2011-11-07 19:44:08 ----D---- C:\Windows\SYSWOW64\drivers
2011-11-04 23:22:20 ----A---- C:\Windows\system.ini
2011-11-04 23:20:13 ----D---- C:\Windows\AppPatch
2011-11-04 23:20:12 ----D---- C:\Program Files\Common Files
2011-11-04 23:20:12 ----D---- C:\Program Files (x86)\Common Files
2011-11-04 18:44:29 ----D---- C:\ProgramData
2011-11-04 16:32:23 ----D---- C:\Program Files (x86)\Java
2011-11-04 15:40:06 ----D---- C:\Windows\system32\catroot2
2011-11-04 15:24:30 ----D---- C:\Windows\system32\wdi
2011-11-03 04:28:30 ----D---- C:\Windows\system32\wfp
2011-11-03 04:28:30 ----D---- C:\Windows\system32\wbem
2011-11-03 04:28:29 ----D---- C:\Windows\system32\DriverStore
2011-11-03 04:28:29 ----D---- C:\Windows\system32\drivers\UMDF
2011-11-03 04:28:27 ----D---- C:\Windows\AppCompat
2011-11-03 04:28:27 ----D---- C:\ProgramData\OEM
2011-11-03 04:28:25 ----D---- C:\Windows\registration
2011-11-03 04:28:16 ----SD---- C:\Users\Vojta\AppData\Roaming\Microsoft
2011-11-02 19:09:09 ----D---- C:\Windows\system32\NDF
2011-10-26 16:08:11 ----D---- C:\ProgramData\Adobe
2011-10-26 16:08:10 ----D---- C:\Program Files (x86)\Adobe
2011-10-26 15:59:20 ----D---- C:\Program Files\Microsoft Security Client
2011-10-26 15:57:20 ----SD---- C:\ProgramData\Microsoft
2011-10-26 15:53:21 ----D---- C:\Program Files (x86)\Ubisoft
2011-10-25 18:48:11 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-10-15 14:00:24 ----D---- C:\Windows\winsxs
2011-10-14 21:53:52 ----D---- C:\Users\Vojta\AppData\Roaming\vlc
2011-10-14 10:34:37 ----D---- C:\Windows\system32\catroot
2011-10-14 10:30:11 ----D---- C:\ProgramData\boost_interprocess
2011-10-13 21:55:51 ----D---- C:\Windows\rescache
2011-10-13 15:37:39 ----D---- C:\Program Files (x86)\Windows Sidebar
2011-10-13 15:37:39 ----D---- C:\Program Files (x86)\Windows Portable Devices
2011-10-13 15:37:39 ----D---- C:\Program Files (x86)\Windows Media Player
2011-10-13 15:37:39 ----D---- C:\Program Files (x86)\Windows Mail
2011-10-13 15:37:38 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2011-10-13 15:37:37 ----D---- C:\Program Files\Windows Sidebar
2011-10-13 15:37:37 ----D---- C:\Program Files\Windows Portable Devices
2011-10-13 15:37:37 ----D---- C:\Program Files\Windows Photo Viewer
2011-10-13 15:37:37 ----D---- C:\Program Files\Windows Media Player
2011-10-13 15:37:37 ----D---- C:\Program Files\Windows Mail
2011-10-13 15:37:37 ----D---- C:\Program Files\Windows Journal
2011-10-13 15:37:37 ----D---- C:\Program Files\DVD Maker
2011-10-13 15:37:36 ----D---- C:\Windows\servicing
2011-10-13 15:37:36 ----D---- C:\Program Files\Windows Defender
2011-10-13 15:37:35 ----D---- C:\Windows\ehome
2011-10-13 15:37:30 ----D---- C:\Windows\SYSWOW64\Setup
2011-10-13 15:37:30 ----D---- C:\Windows\SYSWOW64\oobe
2011-10-13 15:37:30 ----D---- C:\Windows\SYSWOW64\migration
2011-10-13 15:37:30 ----D---- C:\Windows\SYSWOW64\da-DK
2011-10-13 15:37:30 ----D---- C:\Windows\SYSWOW64\cs
2011-10-13 15:37:30 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2011-10-13 15:37:29 ----D---- C:\Windows\SYSWOW64\wbem
2011-10-13 15:37:29 ----D---- C:\Windows\SYSWOW64\sppui
2011-10-13 15:37:29 ----D---- C:\Windows\SYSWOW64\manifeststore
2011-10-13 15:37:29 ----D---- C:\Windows\SYSWOW64\es-ES
2011-10-13 15:37:28 ----D---- C:\Windows\SYSWOW64\migwiz
2011-10-13 15:37:28 ----D---- C:\Windows\SYSWOW64\Dism
2011-10-13 15:37:18 ----D---- C:\Windows\system32\Setup
2011-10-13 15:37:18 ----D---- C:\Windows\system32\oobe
2011-10-13 15:37:18 ----D---- C:\Windows\system32\migration
2011-10-13 15:37:18 ----D---- C:\Windows\system32\da-DK
2011-10-13 15:37:18 ----D---- C:\Windows\system32\cs
2011-10-13 15:37:18 ----D---- C:\Windows\system32\AdvancedInstallers
2011-10-13 15:37:17 ----D---- C:\Windows\system32\sppui
2011-10-13 15:37:17 ----D---- C:\Windows\system32\manifeststore
2011-10-13 15:37:17 ----D---- C:\Windows\system32\es-ES
2011-10-13 15:37:17 ----D---- C:\Windows\system32\drivers\cs-CZ
2011-10-13 15:37:16 ----D---- C:\Windows\system32\migwiz
2011-10-13 15:37:16 ----D---- C:\Windows\system32\Dism
2011-10-13 15:37:07 ----RSD---- C:\Windows\Fonts
2011-10-13 15:37:00 ----D---- C:\Windows\system32\Boot
2011-10-13 15:33:12 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2011-10-13 15:33:12 ----A---- C:\Windows\system32\msclmd.dll
2011-10-13 08:15:42 ----D---- C:\Program Files\Internet Explorer
2011-10-13 08:15:42 ----D---- C:\Program Files (x86)\Internet Explorer
2011-10-13 08:15:39 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-10-12 23:26:57 ----A---- C:\Windows\system32\MRT.exe
2011-10-12 23:26:38 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-02 537112]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-16 834544]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R3 AVer7231_x64;AVerMedia 7231 capture service; C:\Windows\system32\DRIVERS\AVer7231_x64.sys [2009-08-24 1622528]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-02-24 2217504]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-01-27 86120]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
S3 aure53o6;aure53o6; C:\Windows\system32\drivers\aure53o6.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-02-18 51712]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
R2 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-02-17 151144]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-09-25 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2011-09-25 103736]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [2010-02-03 244904]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-11-03 2358656]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
R2 USBS3S4Detection;USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-11-05 419624]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-03-26 182768]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-12 1255736]

-----------------EOF-----------------

#38 Příspěvek od **Mc_Murphy** » 09 lis 2011 06:50

S MiliNess jsi to udělal dobře, protože co se týče těchto specifických problémů, ví toho opravdu hodně.
S tímto problémem jsem se tu již párkrát setkal, ale nikdy se mi ho nepodařilo vyřešit. Pokud v tomhle neví nic víc MiliNess, tak už asi nikdo. Tady už nezbývá asi nic jiného, než se s přesným popisem chyby obrátit přímo na MS podporu. Kamarád za systém jistě zaplatil, tudíž má na podporu právo.

Mě napadá jen kompletní odinstalace .NET Framework, restart, vyčištění registrů CCleanerem a nainstalovat poslední verzi .NET Framework znovu na čisto, ale tos asi provedl.
Dále bych zkusil provést aktualizace přímo z webového rozhraní přes Windows Update. Jinak mě opravdu už nic nenapadá.

Napsal jsem ještě dalšímu kolegovi, jestli ho něco nenapadá.

#39 Příspěvek od **Mc_Murphy** » 09 lis 2011 12:48

Postupy z těchto stránek jsi zkoušel?

radim30 · #40 Příspěvek od **radim30** » 09 lis 2011 16:22

Dobrý den,

tak aplikoval jsem návod z odkazovaných MS stránek (atumatická oprava), zkusil aktualizace, ale pořád nic.

Od začátku těch pokusů o aktualizaci zkouším jenom antivir MSE ve volitelných akzualizacích. Jen tak jsem zkusil něco jiného a AKTUALIZACE JELY V POHODĚ! Zkusil jsem tedy AV MSE stáhnout a nainstalovat manuálně, v tomto případě se to taky nepovedlo a ukázala se chyba 0x80070643. U aktualizací když zkusím MSE, tak to ukazuje 80070643, tzn. jde o ten stejný error.

Nevíte, prosím, čím by to mohlo být? Kámoš by antivir měnit nechtěl, takže pokud možno aby zase šel nainstalovat ten antivirus. Čištění po MSE jsme již prováděli, hned jako první v čišťovacím procesu, který jste nám posílal. Zachovali jsme i pořadí programů, v jakém se mají aplikovat.

Mohl byste se nám kdyžtak prosím ještě kouknout na ten LOG z RSITu? Je to už log ze stavu, kdy by tam nic nemělo být, vše vyčištěné, akorát ten antivir ještě nejede. LOG je o 3 příspěvky výše (Napsal: včera, 23:57).

Předem moc děkuji.

MiliNess · #41 Příspěvek od **MiliNess** » 09 lis 2011 16:45

Ahoj, omlouvám se za vstup. Můžeš najít instalační protokol MSE (měl by být v C:\ProgramData\Microsoft\Microsoft Security Essentials\Support\msseInstall.txt) a upnout ho?

radim30 · #42 Příspěvek od **radim30** » 09 lis 2011 16:51

Ahoj, psal jsem PM, jelikož jsem slyšel, že se orientuješ skrz věci v rámci Windows, ne ani tak viry.

Takže se není za co omlouvat, naopak děkuju za rychlou reakci

Tady je potřebný soubor:

Kód: Vybrat vše

http://leteckaposta.cz/106350299

MiliNess · #43 Příspěvek od **MiliNess** » 09 lis 2011 17:27

Vypadáto, že instalátoru MSE se nelíbí, že Newer version already installed
Doporučuji odstranit stávající verzi a pak se znovu pokusit o instalaci.
Zde nějaké užitečné informace

radim30 · #44 Příspěvek od **radim30** » 10 lis 2011 18:32

Dobrý den,

právě teď jsme to vyzkoušeli, při postupování návodem na manuální smazání jsem prošel všechny kroky, ale všude mě to hlásilo, že nic takového v PC (už) nemám. Nejdřív ukončení procesu msseces.exe, který vůbec nebyl mezi běžícími, tak si říkám, OK, aspoň tohle mám z krku. Jdu na další, což je zadání příkazu net stop msmpsvc, ale k mému (až ani ne moc) překvapení žádná taková věc neexistovala. Co se týče registrů, tak naprosto to stejné. Žádné takové složky tam nebyly. Když jsem celý registr progledal na "Microsoft Security Essentials", vůbec nic to nenašlo! Když jsem jej prohledal na "Microsoft Antimalware", našlo to 3 klíče, které jsem hned odstranil. Poté jsem zkusil antivir a stále nainstalovat nešel.

Dle mého byl tento manuální návod pro kompletní odstranění MSE s tím, že jen jenom smažete v Program Files a následně abyste si dočistili PC. Což ale my jsme již udělali pomocí těch 2 cleanerů speciálně vytvořených na MSE, takže si nemyslím, že tohle byla potřeba.

Má ještě někdo, prosím, nějaké nápady čím by toto mohlo být zapříčiněno?

Předem děkuji.

MiliNess · #45 Příspěvek od **MiliNess** » 10 lis 2011 18:58

Mohlo by se to motat kolem GUID hodnoty {42738DB0-FC3E-4672-A99B-9372F5696E30} v registru.
Zkus se podívat, k čemu patří.
Jinak bych doporučoval stáhnout Process Monitor, spustit ho, pak spustit instalátor MSE, po neůspěšném dokončení instalace kliknou v PM na ikonu lupy - Capture (nebo stisknout Ctrl+E). Pak v nabídce File zvolíš Save, vybereš All Events a uložíš události jako PML soubor. Ten zabal v RARu a někam mi ho upni.

VIRY.CZ

Facebook vir

Re: Facebook vir

Re: Facebook vir

Re: Facebook vir

Re: Facebook vir

Re: Facebook vir

Re: Facebook vir

Re: Facebook vir

Re: Facebook vir

Re: Facebook vir

Re: Facebook vir

Re: Facebook vir

Re: Facebook vir

Re: Facebook vir

Re: Facebook vir

Re: Facebook vir