Nelze otevřít soubory EXE - pouze jako správce

Zpráva

richi4ever · #1 Příspěvek od **richi4ever** » 30 bře 2010 23:54

Dobrý den, používám Google Chroom na win7 a dnes mi nechtěla najet stránka, proto jsem zvolil Mozzilu kterou v podstatě vůbec nepoužívám a v tom vyjel windows deffender a něco křičel HIJACK a automaticky mi vypnul ESSET, nevěděl jsem co to je a a počítač jsem restartoval, chtěl jsem spustit ESET ale jako by tam nebyl, přitom nainstalovaný byl. Nechal jsem to vyčistit CCleanrem a nootebook restartoval, od té doby mi nejdou spusti soubory EXE. Vždy to napíše: K souboru není přidružen program, který by mohl tuto akci provést. Nainstalujte potřebný program, pokud je již nainstalovaný, vytvořte přidružení pomocí ovládacího panelu Výchozí programy".Spustím to pouze, když na ně kliknu pravým a spustit jako správce. Ale i přesto některé programy nelze spustit.

Moc Vás prosím o pomoc mého problému.

Proto jsem Vám chtěl poslat RSIT ale při spuštění (jako správce) mi najížděl HIJACK THIS a v tom skočilo okénko s textem : " K souboru není přidružen program, který by mohl tuto akci provést. Nainstalujte potřebný program, pokud je již nainstalovaný, vytvořte přidružení pomocí ovládacího panelu Výchozí programy". Dak jsem OK a napsalo mi to "Error: Variable used without being declared.

Proto jsem stáhnul Hijackthis z www.hijackthis.cz a zde ho posílam. Zda to nějak pomůže.Jiná možnost mě nenapadla.

Předem moc děkuji.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:48:17, on 31.3.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\RocketDock\RocketDock .exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Richi\Desktop\hijackthis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [tsnp2std] C:\Windows\system32\tsnp2std.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask .exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock .exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3310651923-3931097451-1174285733-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Richi test')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} (System Requirements Lab) - http://intel-drv-cdn.systemrequirements ... b_srlx.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--
End of file - 5123 bytes

#2 Příspěvek od **motji** » 31 bře 2010 07:03

Dobré ranko

z přílohy si stahněte soubor,
-rozbalte ho
- poklepejte na něj, nechejte přidat do registrů .

Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech
(nechejte restartovat počítač)

Combofix stahněte takto:
- pravým myšítkem klikněte na odkaz combofixu --uložit jako.. ,a teď ho přejmenujte na Potvora.com a uložte.

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

richi4ever · #3 Příspěvek od **richi4ever** » 31 bře 2010 09:38

Dobré ranko

Bohužel mi nejde spusti ani ten xp_exe_fix. Napíše mi to sice jestli chci povolit přidat do registru atd.........ale ihned po dkliknutí ok jelikož mi opět píše že xp_exe_fix\xp.exe_fix.reg nelze importovat: Do registru se nepodařilo úspěšně zadat všechna data. Některé klíče jsou otevřeny systémem nebo jinými procesy . A možnost spustit jako správce tam bohužel není

#4 Příspěvek od **motji** » 31 bře 2010 09:39

v nouzovém režimu zkuste spustit přejmenovaný combofix na Potvora.com

richi4ever · #5 Příspěvek od **richi4ever** » 31 bře 2010 09:48

Takže nemám ani stahovat to OTC ale hned stáhnout a spustit combofix? Protože když mi nejelel ten reg. tak jsem dále ani podle toho prvního postupu nepostupoval.

#6 Příspěvek od **motji** » 31 bře 2010 09:55

Ten OTC vyčistí tempy, klidně ho stahněte a použijte, a po restartu rovnou nabootujte do nouzového režimu (mačkejte F8)

richi4ever · #7 Příspěvek od **richi4ever** » 31 bře 2010 13:26

Tak OTC už vyčistilo, spustil jsem i combofix a tady je Report:

ComboFix 10-03-29.04 - Richi 31.03.2010 14:42:18.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.1534.971 [GMT 2:00]
Spuštěný z: c:\users\Richi\Desktop\Potvora.com.exe
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\vsnp2std .exe

Nakažená kopie c:\windows\system32\DRIVERS\atapi.sys byla nalezena a vyléčena.
Obnovena kopie z - Kitty ate it :p
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-28 do 2010-03-31 )))))))))))))))))))))))))))))))
.

2010-03-31 05:22 . 2010-02-23 07:56 977920 ----a-w- c:\windows\system32\wininet.dll
2010-03-30 22:38 . 2010-03-30 22:44 -------- d-----w- c:\program files\trend micro
2010-03-30 21:09 . 2010-03-30 21:09 -------- d-----w- C:\abc
2010-03-30 20:07 . 2010-03-30 20:07 -------- d-----w- c:\users\Richi\AppData\Local\Apps
2010-03-30 19:07 . 2010-03-30 19:07 -------- d-----w- c:\users\Richi\AppData\Local\ESET
2010-03-30 18:32 . 2010-03-30 18:47 -------- d-----w- C:\AdobeTemp
2010-03-30 18:08 . 2010-03-30 18:31 -------- d-----w- c:\program files\Lavasoft
2010-03-18 08:42 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-03-17 19:49 . 2010-03-17 19:49 -------- d-----w- c:\users\Richi\AppData\Local\Sam Francke

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-31 12:48 . 2010-02-04 17:48 -------- d-----w- c:\program files\Common Files\Akamai
2010-03-31 08:21 . 2009-07-14 08:44 622660 ----a-w- c:\windows\system32\perfh005.dat
2010-03-31 08:21 . 2009-07-14 08:44 118810 ----a-w- c:\windows\system32\perfc005.dat
2010-03-30 20:28 . 2009-12-09 03:18 -------- d-----w- c:\program files\RocketDock
2010-03-30 18:48 . 2010-02-23 08:29 -------- d-----w- c:\program files\Fotolab
2010-03-30 18:45 . 2009-12-08 23:25 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-30 18:38 . 2009-12-09 04:30 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2010-03-30 18:08 . 2010-01-26 09:03 -------- d-----w- c:\program files\Google
2010-03-30 17:48 . 2010-02-28 16:07 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-03-30 14:30 . 2009-12-09 15:01 -------- d-----w- c:\program files\QuickTime
2010-03-29 18:01 . 2009-12-09 04:23 -------- d-----w- c:\users\Richi\AppData\Roaming\uTorrent
2010-02-28 17:46 . 2010-02-28 16:12 -------- d-----w- c:\program files\Ubisoft
2010-02-28 17:46 . 2009-12-08 23:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-28 16:25 . 2010-02-28 16:25 -------- d-----w- c:\users\Richi\AppData\Roaming\InstallShield
2010-02-28 16:25 . 2010-02-28 16:25 -------- d-----w- c:\programdata\InstallShield
2010-02-28 16:12 . 2009-12-08 23:18 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-24 09:16 . 2009-12-08 22:52 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 08:36 . 2010-02-23 08:36 -------- d-----w- c:\programdata\hps
2010-02-16 16:59 . 2010-02-16 16:59 -------- d-----w- c:\users\Richi\AppData\Roaming\Publish Providers
2010-02-16 16:59 . 2010-02-16 16:53 -------- d-----w- c:\users\Richi\AppData\Roaming\Sony
2010-02-16 16:48 . 2010-02-16 16:48 -------- d-----w- c:\programdata\Sony
2010-02-16 15:12 . 2010-02-16 15:12 -------- d-----w- c:\users\Richi\AppData\Roaming\AdobeSupportAdvisor.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2010-02-16 15:12 . 2010-02-16 15:12 -------- d-----w- c:\program files\AdobeSupportAdvisor
2010-02-16 15:12 . 2010-02-16 15:12 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-02-16 15:11 . 2010-03-30 21:00 38784 ----a-w- c:\users\Richi test\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-02-16 15:11 . 2010-02-16 15:12 38784 ----a-w- c:\users\Richi\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-02-16 15:11 . 2010-02-16 15:12 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-02-15 23:29 . 2010-02-15 23:25 -------- d-----w- c:\program files\Project64 1.6
2010-02-15 10:41 . 2009-12-09 00:01 108464 ----a-w- c:\users\Richi\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-12 11:52 . 2009-12-09 00:25 -------- d-----w- c:\programdata\Microsoft Help
2010-02-07 11:09 . 2010-02-04 10:50 -------- d-----w- c:\program files\SuperDVD Video Editor
2010-02-04 19:45 . 2009-12-09 14:30 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-04 19:43 . 2010-02-04 11:41 794 ---ha-w- C:\os117275.bin
2010-02-04 11:53 . 2010-02-04 11:53 -------- d-----w- c:\users\Richi\AppData\Roaming\AnvSoft
2010-02-04 11:25 . 2010-02-04 11:25 -------- d-----w- c:\program files\Common Files\Vbox
2010-02-04 00:23 . 2010-02-04 00:23 -------- d-----w- c:\program files\CountDown ShutDown PC
2010-02-02 07:45 . 2010-02-24 05:56 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-18 23:29 . 2010-02-10 08:26 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-18 23:29 . 2010-02-10 08:26 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-18 23:29 . 2010-02-10 08:26 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-18 23:29 . 2010-02-10 08:26 369152 ----a-w- c:\windows\system32\secproc.dll
2010-01-18 23:28 . 2010-02-10 08:26 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-18 23:28 . 2010-02-10 08:26 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-18 23:28 . 2010-02-10 08:26 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-18 23:28 . 2010-02-10 08:26 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-08 03:18 . 2010-02-10 08:27 221184 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-01-08 03:17 . 2010-02-10 08:27 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

Kód: Vybrat vše

<pre>
c:\program files\Adobe\Reader 9.0\Reader\Reader_sl .exe
c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM .exe
c:\program files\DAEMON Tools Lite\DTLite .exe
c:\program files\ESET\ESET Smart Security\egui .exe
c:\program files\Java\jre6\bin\jusched .exe
c:\program files\Microsoft Office\Office12\GrooveMonitor .exe
c:\program files\QuickTime\QTTask  .exe
c:\program files\RocketDock\RocketDock   .exe
c:\program files\RocketDock\RocketDock  .exe
c:\program files\RocketDock\RocketDock .exe
c:\program files\Seznam\Postak\Postak .exe
</pre>

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock .exe" [2007-09-02 495616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\QTTask .exe -atboottime" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-06 92704]
"tsnp2std"="c:\windows\system32\tsnp2std.exe" [2005-12-27 122880]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"

R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-30 135664]
R3 athrusb;TP-LINK Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrusb.sys [2007-08-17 891392]
R3 bpenum;Intel(R) WiMAX Link Enumerator;c:\windows\system32\DRIVERS\bpenum.sys [2009-07-30 56320]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-12-08 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-11-16 38240]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-03-18 520704]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-08-19 189440]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'

2010-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-30 18:08]

2010-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-30 18:08]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\55n1vqer.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q=
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Win7codecs\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\Win7codecs\rm\browser\plugins\nprpjplug.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
SafeBoot-dmboot.sys
SafeBoot-dmio.sys
SafeBoot-dmload.sys
SafeBoot-dmadmin
SafeBoot-dmserver
SafeBoot-SRService
AddRemove-HijackThis - e:\stažené soubory\Stáhnuté soubory\HijackThis.exe

.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.032"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.abr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ani"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.arw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.bay"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.bmp"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.bw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.cr2"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.crw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.cs1"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.cur"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dcr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dcx"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dib"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.djv"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.djvu"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dng"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.emf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.eps"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.erf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.fff"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.fpx"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.gif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.hdr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.icl"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.icn"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.iff"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ilbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.int"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.inta"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.iw4"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.j2c"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.j2k"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jbr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jfif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jp2"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpc"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpe"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpeg"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-3310651923-3931097451-1174285733-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Jpeg"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpk"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpx"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.kdc"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.lbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.mef"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.mos"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.mrw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.nef"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.orf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pbr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pcd"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pct"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pcx"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pef"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pgm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pic"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pict"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pix"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.png"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ppm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.psd"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.psp"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pspbrush"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pspimage"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.raf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ras"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.raw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rgb"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rgba"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rle"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rsb"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.sgi"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.sr2"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.srf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.tga"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.thm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.tif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.tiff"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ttc"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ttf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.wbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.wbmp"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.wmf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.xbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.xif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.xpm"

[HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Premiere Pro\1.5\DefaultPreset]
@DACL=(02 0000)
@="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Settings\\DV - NTSC\\Standard 48kHz.prpreset"

[HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Premiere Pro\1.5\Help]
@DACL=(02 0000)
"AdobeMediaEncoder"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\1_0_0_0.html"
"Contents"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\1_0_0_0.html"
"ExportToDVD"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\1_19_2_0.html"
"HowToUse"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\0_0_0_0.html"
"Keyboard"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\1_21_0_0.html"
"Search"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\search.html"
"Support"="http://www.adobe.com/support/products/premiere.html"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="095B77C875896336EB921585FB58F7762CCBE4C245E73E92952697E251BF8CC351B3C32557CED47D9DD2F4FC4BE13AAF9ECBC731ECEFB85033409DD4EB2CDB39606BD48A1CF60550CEB41E973490C0FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3DFEBC9E127BECC74CBA7FD869164D679479C270058634FE95CD5C50FB7522DF5EF22BEFAB26199103E86CD4C4391BD3F1DCABA9DE29741558D1404A495A8031F79FD2A6E982F6708B3CFC73275A52E9C05F70286CA644253A66B2D2350632142A1567B8AA1C4B60F7A1ABC0D6032B7DF4127EBBDD0F0D12A468BD70CD650A36129DAC7F80DEF173B5ED940D07BB28256F786BC925AB1A9A092A0C3C699D3E954F7687E8406AA90D35ECF63AABC1B049108AED487A741CCBD96E71E21E07E58606D301F8021513666D5E3442FE0890294034E245D899A7080FF0E0A649AA8131DFDAC8C324E5370CD67354AE0232765568D5C9E0FE7DB507245CF3DA8B4AEE100A24307547997D5EEF56029D731B7634F743C64F70B621D29953E7E94759F675343F2C4BD0223714B99E8B445CD0887FE1C42159730E2C4BF1E99DD1A5FC4182932DD717682215B3BADDE569841486441C15455A94047A223529982314935BB0606570C07D72AD9A7B952567FA5930662366C242A14B14DD700F0382BFAAB6CA57D0D7C040207BFA0BBC852F924BAA1972DACD96AE48E45A300C2AAA2087A871B84D94A6A56CDC577A4066C2E048FAE7100C3EEE12973FC58B84FCE76BA0EA174AACCF94E6CA948ADEFCC9B9BF600EAF00848F77E708D5A318D2139B1D219A05D43657C0016448BF5247D7BFCD593223CEC463718F9942C971C2A2BB77E8B857A3A39E74B59583F872E55914ECAD9C460A42FA2FAA0500E238168ACF7D8CABFA08A1B98F8A6E338AE0933F88C30AE27544E2BF9A2235EF6F9002CA77F6D13CB65654E30347332B9D43FE1B073B4F80DB15833EAF9FC555BF20AE0962703597A1E7CF79D5F8DD222D434C2588031456FC96F424FE138CD9FB14B98D563B665026981F7E227299300C8F91B71D8CA2A62D677A482C308D0A9E9B3445AC69C85A85C9C01695C747555FD75AD0E80E7699182ACBA070EC85D5F66A234153547490D2DFA50D7452FBF41D53A494210243B9B98516481604E19127B8FE364918B2AE76433450922F00D315BA654993A56D7666247881FE7644F52641357D27148557AB6147F05B404F1CE64C02D99DFB0E24C0B4862F1F86849E3F432793136D9F1002A9AB24CCA91BDD86C8D655334AF2F943E9C8D87F3BAC0E9004A9194C8C68C05D12A346F854C78ABDF6B0EEDB1C1E12BDFABBAA3ADF7BA58D4A0653231CFB387691E4D308ED6D78299FD47DB23EC4ECD0A14F"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(2072)
c:\program files\RocketDock\RocketDock.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2010-03-31 14:52:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-03-31 12:52

Před spuštěním: Volných bajtů: 10 403 274 752
Po spuštění: Volných bajtů: 10 174 898 176

- - End Of File - - B9EF8B46ACE282E0D4D8C6535AA017E5

#8 Příspěvek od **motji** » 31 bře 2010 15:50

Ještě se zapotíme

tuto složku znáte?
C:\abc

exe soubory už jdou spouštět? Jak to vypadá s počítačem?

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

RenV::
c:\program files\Adobe\Reader 9.0\Reader\Reader_sl .exe
c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM .exe
c:\program files\DAEMON Tools Lite\DTLite .exe
c:\program files\ESET\ESET Smart Security\egui .exe
c:\program files\Java\jre6\bin\jusched .exe
c:\program files\Microsoft Office\Office12\GrooveMonitor .exe
c:\program files\QuickTime\QTTask  .exe
c:\program files\RocketDock\RocketDock   .exe
c:\program files\RocketDock\RocketDock  .exe
c:\program files\RocketDock\RocketDock .exe
c:\program files\Seznam\Postak\Postak .exe

Folder::
c:\program files\Common Files\Akamai

Driver::
Akamai

Netsvc::
Akamai

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-

DDS::
uStart Page = hxxp://www.daemon-search.com/startpage

Firefox::
FF - ProfilePath - c:\users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\55n1vqer.default\
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?tool ... m-1.0.0&q=

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:

Obrázek

-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

richi4ever · #9 Příspěvek od **richi4ever** » 31 bře 2010 16:30

Ještě se zapotím? A ja ja jaj

C:abc tam mám

ale nic tam není

Noťas jakž takž, je trošku pomalý....
S tím combofixem jsem to udělal a najelo to normálně, tady je report:

ComboFix 10-03-29.04 - Richi 31.03.2010 17:15:37.2.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.1534.936 [GMT 2:00]
Spuštěný z: c:\users\Richi\Desktop\Potvora.com.exe
Použité ovládací přepínače :: c:\users\Richi\Desktop\CFScript.txt
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Common Files\Akamai
c:\program files\Common Files\Akamai\AdminTool.exe
c:\program files\Common Files\Akamai\appregistry.dat
c:\program files\Common Files\Akamai\Cache\73f18d23945c01b90c34c4b4814e500c6592f1ba.rsmd
c:\program files\Common Files\Akamai\Cache\aae08079f9738e42c1db2a9f9bf28a206d09766c.rsmd
c:\program files\Common Files\Akamai\client.ini
c:\program files\Common Files\Akamai\client.ini.json
c:\program files\Common Files\Akamai\data.dat
c:\program files\Common Files\Akamai\debug.log
c:\program files\Common Files\Akamai\guid.ini
c:\program files\Common Files\Akamai\Readme.txt
c:\program files\Common Files\Akamai\root.pem
c:\program files\Common Files\Akamai\rswin_3648.dll
c:\program files\Common Files\Akamai\rswinui.exe
c:\program files\Common Files\Akamai\uninstall.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_Akamai

((((((((((((((((((((((((( Soubory vytvořené od 2010-02-28 do 2010-03-31 )))))))))))))))))))))))))))))))
.

2010-03-31 15:21 . 2010-03-31 15:23 -------- d-----w- c:\users\Richi\AppData\Local\temp
2010-03-31 15:21 . 2010-03-31 15:21 -------- d-----w- c:\users\Richi test\AppData\Local\temp
2010-03-31 15:21 . 2010-03-31 15:21 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-03-31 15:21 . 2010-03-31 15:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-03-31 05:22 . 2010-02-23 07:56 977920 ----a-w- c:\windows\system32\wininet.dll
2010-03-30 22:38 . 2010-03-30 22:44 -------- d-----w- c:\program files\trend micro
2010-03-30 21:09 . 2010-03-30 21:09 -------- d-----w- C:\abc
2010-03-30 20:07 . 2010-03-30 20:07 -------- d-----w- c:\users\Richi\AppData\Local\Apps
2010-03-30 19:07 . 2010-03-30 19:07 -------- d-----w- c:\users\Richi\AppData\Local\ESET
2010-03-30 18:32 . 2010-03-30 18:47 -------- d-----w- C:\AdobeTemp
2010-03-30 18:08 . 2010-03-30 18:31 -------- d-----w- c:\program files\Lavasoft
2010-03-18 08:42 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-03-17 19:49 . 2010-03-17 19:49 -------- d-----w- c:\users\Richi\AppData\Local\Sam Francke

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-31 15:15 . 2009-12-09 03:18 -------- d-----w- c:\program files\RocketDock
2010-03-31 15:15 . 2009-12-09 15:01 -------- d-----w- c:\program files\QuickTime
2010-03-31 15:15 . 2010-02-28 16:07 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-03-31 08:21 . 2009-07-14 08:44 622660 ----a-w- c:\windows\system32\perfh005.dat
2010-03-31 08:21 . 2009-07-14 08:44 118810 ----a-w- c:\windows\system32\perfc005.dat
2010-03-30 18:48 . 2010-02-23 08:29 -------- d-----w- c:\program files\Fotolab
2010-03-30 18:45 . 2009-12-08 23:25 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-30 18:38 . 2009-12-09 04:30 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2010-03-30 18:08 . 2010-01-26 09:03 -------- d-----w- c:\program files\Google
2010-03-29 18:01 . 2009-12-09 04:23 -------- d-----w- c:\users\Richi\AppData\Roaming\uTorrent
2010-02-28 17:46 . 2010-02-28 16:12 -------- d-----w- c:\program files\Ubisoft
2010-02-28 17:46 . 2009-12-08 23:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-28 16:25 . 2010-02-28 16:25 -------- d-----w- c:\users\Richi\AppData\Roaming\InstallShield
2010-02-28 16:25 . 2010-02-28 16:25 -------- d-----w- c:\programdata\InstallShield
2010-02-28 16:12 . 2009-12-08 23:18 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-24 09:16 . 2009-12-08 22:52 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 08:36 . 2010-02-23 08:36 -------- d-----w- c:\programdata\hps
2010-02-16 16:59 . 2010-02-16 16:59 -------- d-----w- c:\users\Richi\AppData\Roaming\Publish Providers
2010-02-16 16:59 . 2010-02-16 16:53 -------- d-----w- c:\users\Richi\AppData\Roaming\Sony
2010-02-16 16:48 . 2010-02-16 16:48 -------- d-----w- c:\programdata\Sony
2010-02-16 15:12 . 2010-02-16 15:12 -------- d-----w- c:\users\Richi\AppData\Roaming\AdobeSupportAdvisor.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2010-02-16 15:12 . 2010-02-16 15:12 -------- d-----w- c:\program files\AdobeSupportAdvisor
2010-02-16 15:12 . 2010-02-16 15:12 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-02-16 15:11 . 2010-03-30 21:00 38784 ----a-w- c:\users\Richi test\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-02-16 15:11 . 2010-02-16 15:12 38784 ----a-w- c:\users\Richi\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-02-16 15:11 . 2010-02-16 15:12 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-02-15 23:29 . 2010-02-15 23:25 -------- d-----w- c:\program files\Project64 1.6
2010-02-15 10:41 . 2009-12-09 00:01 108464 ----a-w- c:\users\Richi\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-12 11:52 . 2009-12-09 00:25 -------- d-----w- c:\programdata\Microsoft Help
2010-02-07 11:09 . 2010-02-04 10:50 -------- d-----w- c:\program files\SuperDVD Video Editor
2010-02-04 19:45 . 2009-12-09 14:30 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-04 19:43 . 2010-02-04 11:41 794 ---ha-w- C:\os117275.bin
2010-02-04 11:53 . 2010-02-04 11:53 -------- d-----w- c:\users\Richi\AppData\Roaming\AnvSoft
2010-02-04 11:25 . 2010-02-04 11:25 -------- d-----w- c:\program files\Common Files\Vbox
2010-02-04 00:23 . 2010-02-04 00:23 -------- d-----w- c:\program files\CountDown ShutDown PC
2010-02-02 07:45 . 2010-02-24 05:56 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-18 23:29 . 2010-02-10 08:26 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-18 23:29 . 2010-02-10 08:26 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-18 23:29 . 2010-02-10 08:26 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-18 23:29 . 2010-02-10 08:26 369152 ----a-w- c:\windows\system32\secproc.dll
2010-01-18 23:28 . 2010-02-10 08:26 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-18 23:28 . 2010-02-10 08:26 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-18 23:28 . 2010-02-10 08:26 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-18 23:28 . 2010-02-10 08:26 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-08 03:18 . 2010-02-10 08:27 221184 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-01-08 03:17 . 2010-02-10 08:27 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

Kód: Vybrat vše

<pre>
c:\program files\ESET\ESET Smart Security\egui .exe
</pre>

((((((((((((((((((((((((((((( SnapShot@2010-03-31_12.49.28 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:55 . 2010-03-31 12:51 36192 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:55 . 2010-03-31 15:24 36192 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-12-08 22:32 . 2010-03-31 12:18 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-08 22:32 . 2010-03-31 12:51 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-08 22:32 . 2010-03-31 12:51 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-08 22:32 . 2010-03-31 12:18 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:41 . 2010-03-31 12:18 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:41 . 2010-03-31 12:51 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-08 22:43 . 2010-03-31 12:44 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-08 22:43 . 2010-03-31 15:23 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-08 22:43 . 2010-03-31 12:44 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-08 22:43 . 2010-03-31 15:23 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-08 22:43 . 2010-03-31 12:44 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-08 22:43 . 2010-03-31 15:23 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-08 22:43 . 2010-03-31 12:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-08 22:43 . 2010-03-31 15:23 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-08 23:03 . 2010-03-31 15:10 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-08 23:03 . 2010-03-31 12:16 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-08 23:03 . 2010-03-31 15:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
- 2009-12-08 23:03 . 2010-03-31 12:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
+ 2009-12-08 23:03 . 2010-03-31 15:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
- 2009-12-08 23:03 . 2010-03-31 12:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
- 2009-12-08 22:43 . 2010-03-31 12:44 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-08 22:43 . 2010-03-31 15:23 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-08 22:43 . 2010-03-31 12:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-08 22:43 . 2010-03-31 15:23 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-08 22:38 . 2010-03-31 15:24 9202 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3310651923-3931097451-1174285733-1000_UserData.bin
- 2010-03-31 12:41 . 2010-03-31 12:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-03-31 12:41 . 2010-03-31 15:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-03-31 12:41 . 2010-03-31 15:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2010-03-31 12:41 . 2010-03-31 12:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-12-09 20:20 . 2010-03-31 15:06 284078 c:\windows\System32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock .exe" [N/A]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-06 92704]
"tsnp2std"="c:\windows\system32\tsnp2std.exe" [2005-12-27 122880]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"

R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-30 135664]
R3 bpenum;Intel(R) WiMAX Link Enumerator;c:\windows\system32\DRIVERS\bpenum.sys [2009-07-30 56320]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-12-08 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-11-16 38240]
S3 athrusb;TP-LINK Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrusb.sys [2007-08-17 891392]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-03-18 520704]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-08-19 189440]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'

2010-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-30 18:08]

2010-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-30 18:08]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\55n1vqer.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Win7codecs\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\Win7codecs\rm\browser\plugins\nprpjplug.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Akamai - c:\program files\Common Files\Akamai\uninstall.exe

.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.032"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.abr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ani"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.arw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.bay"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.bmp"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.bw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.cr2"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.crw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.cs1"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.cur"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dcr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dcx"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dib"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.djv"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.djvu"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dng"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.emf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.eps"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.erf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.fff"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.fpx"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.gif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.hdr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.icl"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.icn"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.iff"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ilbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.int"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.inta"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.iw4"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.j2c"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.j2k"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jbr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jfif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jp2"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpc"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpe"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpeg"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-3310651923-3931097451-1174285733-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Jpeg"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpk"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpx"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.kdc"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.lbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.mef"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.mos"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.mrw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.nef"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.orf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pbr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pcd"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pct"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pcx"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pef"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pgm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pic"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pict"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pix"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.png"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ppm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.psd"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.psp"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pspbrush"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pspimage"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.raf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ras"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.raw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rgb"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rgba"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rle"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rsb"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.sgi"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.sr2"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.srf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.tga"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.thm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.tif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.tiff"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ttc"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ttf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.wbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.wbmp"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.wmf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.xbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.xif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.xpm"

[HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Premiere Pro\1.5\DefaultPreset]
@DACL=(02 0000)
@="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Settings\\DV - NTSC\\Standard 48kHz.prpreset"

[HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Premiere Pro\1.5\Help]
@DACL=(02 0000)
"AdobeMediaEncoder"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\1_0_0_0.html"
"Contents"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\1_0_0_0.html"
"ExportToDVD"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\1_19_2_0.html"
"HowToUse"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\0_0_0_0.html"
"Keyboard"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\1_21_0_0.html"
"Search"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\search.html"
"Support"="http://www.adobe.com/support/products/premiere.html"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="095B77C875896336EB921585FB58F7762CCBE4C245E73E92952697E251BF8CC351B3C32557CED47D9DD2F4FC4BE13AAF9ECBC731ECEFB85033409DD4EB2CDB39606BD48A1CF60550CEB41E973490C0FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3DFEBC9E127BECC74CBA7FD869164D679479C270058634FE95CD5C50FB7522DF5EF22BEFAB26199103E86CD4C4391BD3F1DCABA9DE29741558D1404A495A8031F79FD2A6E982F6708B3CFC73275A52E9C05F70286CA644253A66B2D2350632142A1567B8AA1C4B60F7A1ABC0D6032B7DF4127EBBDD0F0D12A468BD70CD650A36129DAC7F80DEF173B5ED940D07BB28256F786BC925AB1A9A092A0C3C699D3E954F7687E8406AA90D35ECF63AABC1B049108AED487A741CCBD96E71E21E07E58606D301F8021513666D5E3442FE0890294034E245D899A7080FF0E0A649AA8131DFDAC8C324E5370CD67354AE0232765568D5C9E0FE7DB507245CF3DA8B4AEE100A24307547997D5EEF56029D731B7634F743C64F70B621D29953E7E94759F675343F2C4BD0223714B99E8B445CD0887FE1C42159730E2C4BF1E99DD1A5FC4182932DD717682215B3BADDE569841486441C15455A94047A223529982314935BB0606570C07D72AD9A7B952567FA5930662366C242A14B14DD700F0382BFAAB6CA57D0D7C040207BFA0BBC852F924BAA1972DACD96AE48E45A300C2AAA2087A871B84D94A6A56CDC577A4066C2E048FAE7100C3EEE12973FC58B84FCE76BA0EA174AACCF94E6CA948ADEFCC9B9BF600EAF00848F77E708D5A318D2139B1D219A05D43657C0016448BF5247D7BFCD593223CEC463718F9942C971C2A2BB77E8B857A3A39E74B59583F872E55914ECAD9C460A42FA2FAA0500E238168ACF7D8CABFA08A1B98F8A6E338AE0933F88C30AE27544E2BF9A2235EF6F9002CA77F6D13CB65654E30347332B9D43FE1B073B4F80DB15833EAF9FC555BF20AE0962703597A1E7CF79D5F8DD222D434C2588031456FC96F424FE138CD9FB14B98D563B665026981F7E227299300C8F91B71D8CA2A62D677A482C308D0A9E9B3445AC69C85A85C9C01695C747555FD75AD0E80E7699182ACBA070EC85D5F66A234153547490D2DFA50D7452FBF41D53A494210243B9B98516481604E19127B8FE364918B2AE76433450922F00D315BA654993A56D7666247881FE7644F52641357D27148557AB6147F05B404F1CE64C02D99DFB0E24C0B4862F1F86849E3F432793136D9F1002A9AB24CCA91BDD86C8D655334AF2F943E9C8D87F3BAC0E9004A9194C8C68C05D12A346F854C78ABDF6B0EEDB1C1E12BDFABBAA3ADF7BA58D4A0653231CFB387691E4D308ED6D78299FD47DB23EC4ECD0A14F"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2010-03-31 17:26:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-03-31 15:26
ComboFix2.txt 2010-03-31 12:52

Před spuštěním: Volných bajtů: 10 212 564 992
Po spuštění: Volných bajtů: 10 170 691 584

- - End Of File - - 242C773DBB707602271638D54B670942

#10 Příspěvek od **motji** » 31 bře 2010 18:49

Tu složku ABC v počítači máte, to vidím

, ale znáte ji?

Ještě Vás poprosím, je pro Vás problém přeinstalovat RocketDock?

richi4ever · #11 Příspěvek od **richi4ever** » 31 bře 2010 21:03

Tu složku ABC neznám nebyla tam.Je tam myslím více složek kterých tam nebylo jako třeba BOOT MSOCache,Recovery,Qoobox ty jsem tam myslím nikdy neměl.
Rocketdock my problém vůbec nedělá, klidně přeinstaluju.

#12 Příspěvek od **motji** » 01 dub 2010 02:33

Máte zobrazené skryté a systémové soubory, proto vidíte složky, co dříve ne.
Qoobox je karantena combofixu

, nebojte, pak po sobě uklidím

.

Dejte soubor otestovat na http://www.virustotal.com

C:\os117275.bin

-Na virustotalu dáte procházet, a do spodního okénka nakopírujete přímo cestu k souboru a dáte odeslat
-z prohlížeče zkopírujete adresu ke stránce s výsledky
-pokud se Vás zeptá, dejte soubor otestovat znovu, tak aby to byl soubor z Vašeho počítače

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

RenV::
c:\program files\ESET\ESET Smart Security\egui .exe

File::
c:\program files\RocketDock\RocketDock .exe

Folder::
C:\abc

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=-

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:

Obrázek

-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

Přeinstalujte RocketDock

richi4ever · #13 Příspěvek od **richi4ever** » 01 dub 2010 07:49

Dobre ranko

Zadaný soubor jsem dal testovat a zde je link :

http://www.virustotal.com/cs/analisis/8 ... 1270103335

Tady je Report z combofixu a já se jdu reinstalovat ten rocketdock.

ComboFix 10-03-29.04 - Richi 01.04.2010 8:34.3.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.1534.1003 [GMT 2:00]
Spuštěný z: c:\users\Richi\Desktop\Potvora.com.exe
Použité ovládací přepínače :: c:\users\Richi\Desktop\CFScript.txt
* Rezidentní štít AV je zapnutý

FILE ::
"c:\program files\RocketDock\RocketDock .exe"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\abc

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-01 do 2010-04-01 )))))))))))))))))))))))))))))))
.

2010-04-01 06:40 . 2010-04-01 06:40 -------- d-----w- c:\users\Richi test\AppData\Local\temp
2010-04-01 06:40 . 2010-04-01 06:40 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-04-01 06:40 . 2010-04-01 06:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-03-31 15:21 . 2010-04-01 06:42 -------- d-----w- c:\users\Richi\AppData\Local\temp
2010-03-31 05:22 . 2010-02-23 07:56 977920 ----a-w- c:\windows\system32\wininet.dll
2010-03-30 22:38 . 2010-03-30 22:44 -------- d-----w- c:\program files\trend micro
2010-03-30 20:07 . 2010-03-30 20:07 -------- d-----w- c:\users\Richi\AppData\Local\Apps
2010-03-30 19:07 . 2010-03-30 19:07 -------- d-----w- c:\users\Richi\AppData\Local\ESET
2010-03-30 18:32 . 2010-03-30 18:47 -------- d-----w- C:\AdobeTemp
2010-03-30 18:08 . 2010-03-30 18:31 -------- d-----w- c:\program files\Lavasoft
2010-03-18 08:42 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-03-17 19:49 . 2010-03-17 19:49 -------- d-----w- c:\users\Richi\AppData\Local\Sam Francke

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-01 06:34 . 2009-12-09 03:18 -------- d-----w- c:\program files\RocketDock
2010-04-01 06:34 . 2010-02-28 16:07 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-03-31 15:53 . 2010-03-31 15:53 112 ----a-w- c:\programdata\ym0sD033.dat
2010-03-31 15:15 . 2009-12-09 15:01 -------- d-----w- c:\program files\QuickTime
2010-03-31 08:21 . 2009-07-14 08:44 622660 ----a-w- c:\windows\system32\perfh005.dat
2010-03-31 08:21 . 2009-07-14 08:44 118810 ----a-w- c:\windows\system32\perfc005.dat
2010-03-30 18:48 . 2010-02-23 08:29 -------- d-----w- c:\program files\Fotolab
2010-03-30 18:45 . 2009-12-08 23:25 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-30 18:38 . 2009-12-09 04:30 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2010-03-30 18:08 . 2010-01-26 09:03 -------- d-----w- c:\program files\Google
2010-03-29 18:01 . 2009-12-09 04:23 -------- d-----w- c:\users\Richi\AppData\Roaming\uTorrent
2010-02-28 17:46 . 2010-02-28 16:12 -------- d-----w- c:\program files\Ubisoft
2010-02-28 17:46 . 2009-12-08 23:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-28 16:25 . 2010-02-28 16:25 -------- d-----w- c:\users\Richi\AppData\Roaming\InstallShield
2010-02-28 16:25 . 2010-02-28 16:25 -------- d-----w- c:\programdata\InstallShield
2010-02-28 16:12 . 2009-12-08 23:18 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-24 09:16 . 2009-12-08 22:52 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 08:36 . 2010-02-23 08:36 -------- d-----w- c:\programdata\hps
2010-02-16 16:59 . 2010-02-16 16:59 -------- d-----w- c:\users\Richi\AppData\Roaming\Publish Providers
2010-02-16 16:59 . 2010-02-16 16:53 -------- d-----w- c:\users\Richi\AppData\Roaming\Sony
2010-02-16 16:48 . 2010-02-16 16:48 -------- d-----w- c:\programdata\Sony
2010-02-16 15:12 . 2010-02-16 15:12 -------- d-----w- c:\users\Richi\AppData\Roaming\AdobeSupportAdvisor.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2010-02-16 15:12 . 2010-02-16 15:12 -------- d-----w- c:\program files\AdobeSupportAdvisor
2010-02-16 15:12 . 2010-02-16 15:12 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-02-16 15:11 . 2010-03-30 21:00 38784 ----a-w- c:\users\Richi test\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-02-16 15:11 . 2010-02-16 15:12 38784 ----a-w- c:\users\Richi\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-02-16 15:11 . 2010-02-16 15:12 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-02-15 23:29 . 2010-02-15 23:25 -------- d-----w- c:\program files\Project64 1.6
2010-02-15 10:41 . 2009-12-09 00:01 108464 ----a-w- c:\users\Richi\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-12 11:52 . 2009-12-09 00:25 -------- d-----w- c:\programdata\Microsoft Help
2010-02-07 11:09 . 2010-02-04 10:50 -------- d-----w- c:\program files\SuperDVD Video Editor
2010-02-04 19:45 . 2009-12-09 14:30 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-04 19:43 . 2010-02-04 11:41 794 ---ha-w- C:\os117275.bin
2010-02-04 11:53 . 2010-02-04 11:53 -------- d-----w- c:\users\Richi\AppData\Roaming\AnvSoft
2010-02-04 11:25 . 2010-02-04 11:25 -------- d-----w- c:\program files\Common Files\Vbox
2010-02-04 00:23 . 2010-02-04 00:23 -------- d-----w- c:\program files\CountDown ShutDown PC
2010-02-02 07:45 . 2010-02-24 05:56 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-18 23:29 . 2010-02-10 08:26 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-18 23:29 . 2010-02-10 08:26 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-18 23:29 . 2010-02-10 08:26 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-18 23:29 . 2010-02-10 08:26 369152 ----a-w- c:\windows\system32\secproc.dll
2010-01-18 23:28 . 2010-02-10 08:26 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-18 23:28 . 2010-02-10 08:26 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-18 23:28 . 2010-02-10 08:26 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-18 23:28 . 2010-02-10 08:26 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-08 03:18 . 2010-02-10 08:27 221184 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-01-08 03:17 . 2010-02-10 08:27 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

Kód: Vybrat vše

<pre>
c:\program files\ESET\ESET Smart Security\egui .exe
</pre>

((((((((((((((((((((((((((((( SnapShot@2010-03-31_12.49.28 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:55 . 2010-03-31 12:51 36192 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:55 . 2010-04-01 06:43 36192 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-12-08 22:32 . 2010-03-31 12:18 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-08 22:32 . 2010-03-31 16:32 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-08 22:32 . 2010-03-31 12:18 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-08 22:32 . 2010-03-31 16:32 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:41 . 2010-03-31 16:32 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:41 . 2010-03-31 12:18 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-08 22:43 . 2010-04-01 06:42 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-08 22:43 . 2010-03-31 12:44 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-08 22:43 . 2010-03-31 12:44 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-08 22:43 . 2010-04-01 06:42 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-08 22:43 . 2010-04-01 06:42 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-08 22:43 . 2010-03-31 12:44 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-08 22:43 . 2010-03-31 12:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-08 22:43 . 2010-04-01 06:42 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-08 23:03 . 2010-03-31 12:16 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-08 23:03 . 2010-04-01 06:22 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-08 23:03 . 2010-03-31 12:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
+ 2009-12-08 23:03 . 2010-04-01 06:22 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
+ 2009-12-08 23:03 . 2010-04-01 06:22 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
- 2009-12-08 23:03 . 2010-03-31 12:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
+ 2009-12-08 22:43 . 2010-04-01 06:42 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-08 22:43 . 2010-03-31 12:44 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-08 22:43 . 2010-03-31 12:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-08 22:43 . 2010-04-01 06:42 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-19 22:20 . 2010-03-26 00:54 2946 c:\windows\System32\wdi\ERCQueuedResolutions.dat
+ 2009-12-19 22:20 . 2010-03-31 22:24 2946 c:\windows\System32\wdi\ERCQueuedResolutions.dat
+ 2009-12-08 22:38 . 2010-04-01 06:43 9286 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3310651923-3931097451-1174285733-1000_UserData.bin
+ 2010-04-01 06:16 . 2010-04-01 06:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-03-31 12:41 . 2010-03-31 12:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-03-31 12:41 . 2010-03-31 12:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-04-01 06:16 . 2010-04-01 06:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-12-09 20:20 . 2010-03-31 19:51 285072 c:\windows\System32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
- 2009-07-14 02:03 . 2010-03-31 12:06 6815744 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:03 . 2010-04-01 06:29 6815744 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-06 92704]
"tsnp2std"="c:\windows\system32\tsnp2std.exe" [2005-12-27 122880]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"

R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-30 135664]
R3 bpenum;Intel(R) WiMAX Link Enumerator;c:\windows\system32\DRIVERS\bpenum.sys [2009-07-30 56320]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-12-08 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-11-16 38240]
S3 athrusb;TP-LINK Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrusb.sys [2007-08-17 891392]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-03-18 520704]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-08-19 189440]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'

2010-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-30 18:08]

2010-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-30 18:08]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\55n1vqer.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Win7codecs\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\Win7codecs\rm\browser\plugins\nprpjplug.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.032"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.abr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ani"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.arw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.bay"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.bmp"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.bw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.cr2"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.crw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.cs1"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.cur"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dcr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dcx"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dib"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.djv"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.djvu"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dng"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.emf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.eps"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.erf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.fff"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.fpx"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.gif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.hdr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.icl"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.icn"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.iff"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ilbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.int"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.inta"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.iw4"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.j2c"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.j2k"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jbr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jfif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jp2"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpc"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpe"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpeg"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-3310651923-3931097451-1174285733-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Jpeg"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpk"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpx"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.kdc"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.lbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.mef"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.mos"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.mrw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.nef"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.orf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pbr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pcd"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pct"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pcx"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pef"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pgm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pic"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pict"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pix"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.png"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ppm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.psd"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.psp"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pspbrush"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pspimage"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.raf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ras"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.raw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rgb"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rgba"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rle"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rsb"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.sgi"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.sr2"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.srf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.tga"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.thm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.tif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.tiff"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ttc"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ttf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.wbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.wbmp"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.wmf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.xbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.xif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.xpm"

[HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Premiere Pro\1.5\DefaultPreset]
@DACL=(02 0000)
@="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Settings\\DV - NTSC\\Standard 48kHz.prpreset"

[HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Premiere Pro\1.5\Help]
@DACL=(02 0000)
"AdobeMediaEncoder"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\1_0_0_0.html"
"Contents"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\1_0_0_0.html"
"ExportToDVD"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\1_19_2_0.html"
"HowToUse"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\0_0_0_0.html"
"Keyboard"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\1_21_0_0.html"
"Search"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\search.html"
"Support"="http://www.adobe.com/support/products/premiere.html"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="095B77C875896336EB921585FB58F7762CCBE4C245E73E92952697E251BF8CC351B3C32557CED47D9DD2F4FC4BE13AAF9ECBC731ECEFB85033409DD4EB2CDB39606BD48A1CF60550CEB41E973490C0FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3DFEBC9E127BECC74CBA7FD869164D679479C270058634FE95CD5C50FB7522DF5EF22BEFAB26199103E86CD4C4391BD3F1DCABA9DE29741558D1404A495A8031F79FD2A6E982F6708B3CFC73275A52E9C05F70286CA644253A66B2D2350632142A1567B8AA1C4B60F7A1ABC0D6032B7DF4127EBBDD0F0D12A468BD70CD650A36129DAC7F80DEF173B5ED940D07BB28256F786BC925AB1A9A092A0C3C699D3E954F7687E8406AA90D35ECF63AABC1B049108AED487A741CCBD96E71E21E07E58606D301F8021513666D5E3442FE0890294034E245D899A7080FF0E0A649AA8131DFDAC8C324E5370CD67354AE0232765568D5C9E0FE7DB507245CF3DA8B4AEE100A24307547997D5EEF56029D731B7634F743C64F70B621D29953E7E94759F675343F2C4BD0223714B99E8B445CD0887FE1C42159730E2C4BF1E99DD1A5FC4182932DD717682215B3BADDE569841486441C15455A94047A223529982314935BB0606570C07D72AD9A7B952567FA5930662366C242A14B14DD700F0382BFAAB6CA57D0D7C040207BFA0BBC852F924BAA1972DACD96AE48E45A300C2AAA2087A871B84D94A6A56CDC577A4066C2E048FAE7100C3EEE12973FC58B84FCE76BA0EA174AACCF94E6CA948ADEFCC9B9BF600EAF00848F77E708D5A318D2139B1D219A05D43657C0016448BF5247D7BFCD593223CEC463718F9942C971C2A2BB77E8B857A3A39E74B59583F872E55914ECAD9C460A42FA2FAA0500E238168ACF7D8CABFA08A1B98F8A6E338AE0933F88C30AE27544E2BF9A2235EF6F9002CA77F6D13CB65654E30347332B9D43FE1B073B4F80DB15833EAF9FC555BF20AE0962703597A1E7CF79D5F8DD222D434C2588031456FC96F424FE138CD9FB14B98D563B665026981F7E227299300C8F91B71D8CA2A62D677A482C308D0A9E9B3445AC69C85A85C9C01695C747555FD75AD0E80E7699182ACBA070EC85D5F66A234153547490D2DFA50D7452FBF41D53A494210243B9B98516481604E19127B8FE364918B2AE76433450922F00D315BA654993A56D7666247881FE7644F52641357D27148557AB6147F05B404F1CE64C02D99DFB0E24C0B4862F1F86849E3F432793136D9F1002A9AB24CCA91BDD86C8D655334AF2F943E9C8D87F3BAC0E9004A9194C8C68C05D12A346F854C78ABDF6B0EEDB1C1E12BDFABBAA3ADF7BA58D4A0653231CFB387691E4D308ED6D78299FD47DB23EC4ECD0A14F"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2010-04-01 08:45:56 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-04-01 06:45
ComboFix2.txt 2010-03-31 15:26
ComboFix3.txt 2010-03-31 12:52

Před spuštěním: Volných bajtů: 10 290 593 792
Po spuštění: Volných bajtů: 10 227 949 568

- - End Of File - - CAF4FA21802E54039B344D0017AF5FB3

#14 Příspěvek od **motji** » 01 dub 2010 14:05

Můžete přeinstalovat i ESET, pokud teď nepujde?

. Vir si totiž za legální asoubory dosazuje svoje kopie, a takhle se ne a ne smazat

. Tuhle natvrdo smažu přes combofix, ale možná pak Eset nebude fungovat, to poznáte

Další skript do combofixu

Kód: Vybrat vše

File::
c:\program files\ESET\ESET Smart Security\egui .exe

Reglock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Ještě prosím otestujte na www.virustotal.com
c:\windows\system32\sppsvc.exe

richi4ever · #15 Příspěvek od **richi4ever** » 01 dub 2010 14:44

NOD32 klidně přeinstaluju, to by se dalo ale myslím že se s ním nic nestalo, V podstatě jsem v tom reportu zahlédl, že nemohl být vymazán. Je možné že to je tím že jsem ho nechal omylem zapnutý?Mám ho vypnout a znova spustit combofix?

Tady je virustotal

http://www.virustotal.com/cs/analisis/6 ... 1270129123

A tady report z combofix:

ComboFix 10-03-29.04 - Richi 01.04.2010 15:20:49.4.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.1534.992 [GMT 2:00]
Spuštěný z: c:\users\Richi\Desktop\Potvora.com.exe
Použité ovládací přepínače :: c:\users\Richi\Desktop\CFScript.txt
* Rezidentní štít AV je zapnutý

FILE ::
"c:\program files\ESET\ESET Smart Security\egui .exe"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\ESET\ESET Smart Security\egui .exe . . . . nemohl být smazán

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-01 do 2010-04-01 )))))))))))))))))))))))))))))))
.

2010-04-01 13:26 . 2010-04-01 13:30 -------- d-----w- c:\users\Richi\AppData\Local\temp
2010-04-01 13:26 . 2010-04-01 13:26 -------- d-----w- c:\users\Richi test\AppData\Local\temp
2010-04-01 13:26 . 2010-04-01 13:26 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-04-01 13:26 . 2010-04-01 13:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-03-31 05:22 . 2010-02-23 07:56 977920 ----a-w- c:\windows\system32\wininet.dll
2010-03-30 22:38 . 2010-03-30 22:44 -------- d-----w- c:\program files\trend micro
2010-03-30 20:07 . 2010-03-30 20:07 -------- d-----w- c:\users\Richi\AppData\Local\Apps
2010-03-30 19:07 . 2010-03-30 19:07 -------- d-----w- c:\users\Richi\AppData\Local\ESET
2010-03-30 18:32 . 2010-03-30 18:47 -------- d-----w- C:\AdobeTemp
2010-03-30 18:08 . 2010-03-30 18:31 -------- d-----w- c:\program files\Lavasoft
2010-03-18 08:42 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-03-17 19:49 . 2010-03-17 19:49 -------- d-----w- c:\users\Richi\AppData\Local\Sam Francke

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-01 06:53 . 2009-12-09 03:18 -------- d-----w- c:\program files\RocketDock
2010-04-01 06:34 . 2010-02-28 16:07 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-03-31 15:53 . 2010-03-31 15:53 112 ----a-w- c:\programdata\ym0sD033.dat
2010-03-31 15:15 . 2009-12-09 15:01 -------- d-----w- c:\program files\QuickTime
2010-03-31 08:21 . 2009-07-14 08:44 622660 ----a-w- c:\windows\system32\perfh005.dat
2010-03-31 08:21 . 2009-07-14 08:44 118810 ----a-w- c:\windows\system32\perfc005.dat
2010-03-30 18:48 . 2010-02-23 08:29 -------- d-----w- c:\program files\Fotolab
2010-03-30 18:45 . 2009-12-08 23:25 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-30 18:38 . 2009-12-09 04:30 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2010-03-30 18:08 . 2010-01-26 09:03 -------- d-----w- c:\program files\Google
2010-03-29 18:01 . 2009-12-09 04:23 -------- d-----w- c:\users\Richi\AppData\Roaming\uTorrent
2010-02-28 17:46 . 2010-02-28 16:12 -------- d-----w- c:\program files\Ubisoft
2010-02-28 17:46 . 2009-12-08 23:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-28 16:25 . 2010-02-28 16:25 -------- d-----w- c:\users\Richi\AppData\Roaming\InstallShield
2010-02-28 16:25 . 2010-02-28 16:25 -------- d-----w- c:\programdata\InstallShield
2010-02-28 16:12 . 2009-12-08 23:18 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-24 09:16 . 2009-12-08 22:52 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 08:36 . 2010-02-23 08:36 -------- d-----w- c:\programdata\hps
2010-02-16 16:59 . 2010-02-16 16:59 -------- d-----w- c:\users\Richi\AppData\Roaming\Publish Providers
2010-02-16 16:59 . 2010-02-16 16:53 -------- d-----w- c:\users\Richi\AppData\Roaming\Sony
2010-02-16 16:48 . 2010-02-16 16:48 -------- d-----w- c:\programdata\Sony
2010-02-16 15:12 . 2010-02-16 15:12 -------- d-----w- c:\users\Richi\AppData\Roaming\AdobeSupportAdvisor.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2010-02-16 15:12 . 2010-02-16 15:12 -------- d-----w- c:\program files\AdobeSupportAdvisor
2010-02-16 15:12 . 2010-02-16 15:12 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-02-16 15:11 . 2010-03-30 21:00 38784 ----a-w- c:\users\Richi test\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-02-16 15:11 . 2010-02-16 15:12 38784 ----a-w- c:\users\Richi\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-02-16 15:11 . 2010-02-16 15:12 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-02-15 23:29 . 2010-02-15 23:25 -------- d-----w- c:\program files\Project64 1.6
2010-02-15 10:41 . 2009-12-09 00:01 108464 ----a-w- c:\users\Richi\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-12 11:52 . 2009-12-09 00:25 -------- d-----w- c:\programdata\Microsoft Help
2010-02-07 11:09 . 2010-02-04 10:50 -------- d-----w- c:\program files\SuperDVD Video Editor
2010-02-04 19:45 . 2009-12-09 14:30 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-04 19:43 . 2010-02-04 11:41 794 ---ha-w- C:\os117275.bin
2010-02-04 11:53 . 2010-02-04 11:53 -------- d-----w- c:\users\Richi\AppData\Roaming\AnvSoft
2010-02-04 11:25 . 2010-02-04 11:25 -------- d-----w- c:\program files\Common Files\Vbox
2010-02-04 00:23 . 2010-02-04 00:23 -------- d-----w- c:\program files\CountDown ShutDown PC
2010-02-02 07:45 . 2010-02-24 05:56 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-18 23:29 . 2010-02-10 08:26 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-18 23:29 . 2010-02-10 08:26 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-18 23:29 . 2010-02-10 08:26 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-18 23:29 . 2010-02-10 08:26 369152 ----a-w- c:\windows\system32\secproc.dll
2010-01-18 23:28 . 2010-02-10 08:26 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-18 23:28 . 2010-02-10 08:26 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-18 23:28 . 2010-02-10 08:26 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-18 23:28 . 2010-02-10 08:26 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-08 03:18 . 2010-02-10 08:27 221184 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-01-08 03:17 . 2010-02-10 08:27 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

Kód: Vybrat vše

<pre>
c:\program files\ESET\ESET Smart Security\egui .exe
</pre>

((((((((((((((((((((((((((((( SnapShot@2010-03-31_12.49.28 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:55 . 2010-03-31 12:51 36192 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:55 . 2010-04-01 13:31 36192 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-12-08 22:32 . 2010-03-31 12:18 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-08 22:32 . 2010-04-01 06:44 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-08 22:32 . 2010-03-31 12:18 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-08 22:32 . 2010-04-01 06:44 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:41 . 2010-04-01 06:44 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:41 . 2010-03-31 12:18 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-08 22:43 . 2010-04-01 13:30 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-08 22:43 . 2010-03-31 12:44 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-08 22:43 . 2010-03-31 12:44 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-08 22:43 . 2010-04-01 13:30 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-08 22:43 . 2010-03-31 12:44 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-08 22:43 . 2010-04-01 13:30 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-08 22:43 . 2010-03-31 12:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-08 22:43 . 2010-04-01 13:30 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-08 23:03 . 2010-03-31 12:16 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-08 23:03 . 2010-04-01 13:16 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-08 23:03 . 2010-03-31 12:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
+ 2009-12-08 23:03 . 2010-04-01 13:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
+ 2009-12-08 23:03 . 2010-04-01 13:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
- 2009-12-08 23:03 . 2010-03-31 12:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
- 2009-12-08 22:43 . 2010-03-31 12:44 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-08 22:43 . 2010-04-01 13:30 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-08 22:43 . 2010-04-01 13:30 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-08 22:43 . 2010-03-31 12:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-19 22:20 . 2010-04-01 13:27 4394 c:\windows\System32\wdi\ERCQueuedResolutions.dat
+ 2009-12-08 22:38 . 2010-04-01 13:31 9488 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3310651923-3931097451-1174285733-1000_UserData.bin
- 2010-03-31 12:41 . 2010-03-31 12:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-04-01 06:16 . 2010-04-01 13:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-03-31 12:41 . 2010-03-31 12:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-04-01 06:16 . 2010-04-01 13:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-12-09 20:20 . 2010-04-01 13:12 285568 c:\windows\System32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
- 2009-07-14 02:03 . 2010-03-31 12:06 6815744 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:03 . 2010-04-01 07:57 6815744 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-06 92704]
"tsnp2std"="c:\windows\system32\tsnp2std.exe" [2005-12-27 122880]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"

R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-30 135664]
R3 bpenum;Intel(R) WiMAX Link Enumerator;c:\windows\system32\DRIVERS\bpenum.sys [2009-07-30 56320]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-12-08 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-11-16 38240]
S3 athrusb;TP-LINK Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrusb.sys [2007-08-17 891392]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-03-18 520704]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-08-19 189440]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'

2010-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-30 18:08]

2010-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-30 18:08]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\55n1vqer.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Win7codecs\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\Win7codecs\rm\browser\plugins\nprpjplug.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.032"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.abr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ani"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.arw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.bay"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.bmp"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.bw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.cr2"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.crw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.cs1"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.cur"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dcr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dcx"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dib"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.djv"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.djvu"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dng"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.emf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.eps"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.erf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.fff"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.fpx"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.gif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.hdr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.icl"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.icn"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.iff"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ilbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.int"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.inta"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.iw4"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.j2c"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.j2k"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jbr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jfif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jp2"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpc"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpe"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpeg"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-3310651923-3931097451-1174285733-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Jpeg"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpk"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpx"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.kdc"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.lbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.mef"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.mos"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.mrw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.nef"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.orf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pbr"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pcd"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pct"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pcx"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pef"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pgm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pic"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pict"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pix"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.png"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ppm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.psd"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.psp"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pspbrush"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pspimage"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.raf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ras"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.raw"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rgb"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rgba"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rle"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rsb"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.sgi"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.sr2"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.srf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.tga"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.thm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.tif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.tiff"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ttc"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ttf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.wbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.wbmp"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.wmf"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.xbm"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.xif"

[HKEY_USERS\S-1-5-21-3310651923-3931097451-1174285733-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.xpm"

[HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Premiere Pro\1.5\DefaultPreset]
@DACL=(02 0000)
@="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Settings\\DV - NTSC\\Standard 48kHz.prpreset"

[HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Premiere Pro\1.5\Help]
@DACL=(02 0000)
"AdobeMediaEncoder"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\1_0_0_0.html"
"Contents"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\1_0_0_0.html"
"ExportToDVD"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\1_19_2_0.html"
"HowToUse"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\0_0_0_0.html"
"Keyboard"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\1_21_0_0.html"
"Search"="c:\\Program Files\\Adobe\\Premiere Pro 1.5 Tryout\\Help\\search.html"
"Support"="http://www.adobe.com/support/products/premiere.html"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="095B77C875896336EB921585FB58F7762CCBE4C245E73E92952697E251BF8CC351B3C32557CED47D9DD2F4FC4BE13AAF9ECBC731ECEFB85033409DD4EB2CDB39606BD48A1CF60550CEB41E973490C0FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3DFEBC9E127BECC74CBA7FD869164D679479C270058634FE95CD5C50FB7522DF5EF22BEFAB26199103E86CD4C4391BD3F1DCABA9DE29741558D1404A495A8031F79FD2A6E982F6708B3CFC73275A52E9C05F70286CA644253A66B2D2350632142A1567B8AA1C4B60F7A1ABC0D6032B7DF4127EBBDD0F0D12A468BD70CD650A36129DAC7F80DEF173B5ED940D07BB28256F786BC925AB1A9A092A0C3C699D3E954F7687E8406AA90D35ECF63AABC1B049108AED487A741CCBD96E71E21E07E58606D301F8021513666D5E3442FE0890294034E245D899A7080FF0E0A649AA8131DFDAC8C324E5370CD67354AE0232765568D5C9E0FE7DB507245CF3DA8B4AEE100A24307547997D5EEF56029D731B7634F743C64F70B621D29953E7E94759F675343F2C4BD0223714B99E8B445CD0887FE1C42159730E2C4BF1E99DD1A5FC4182932DD717682215B3BADDE569841486441C15455A94047A223529982314935BB0606570C07D72AD9A7B952567FA5930662366C242A14B14DD700F0382BFAAB6CA57D0D7C040207BFA0BBC852F924BAA1972DACD96AE48E45A300C2AAA2087A871B84D94A6A56CDC577A4066C2E048FAE7100C3EEE12973FC58B84FCE76BA0EA174AACCF94E6CA948ADEFCC9B9BF600EAF00848F77E708D5A318D2139B1D219A05D43657C0016448BF5247D7BFCD593223CEC463718F9942C971C2A2BB77E8B857A3A39E74B59583F872E55914ECAD9C460A42FA2FAA0500E238168ACF7D8CABFA08A1B98F8A6E338AE0933F88C30AE27544E2BF9A2235EF6F9002CA77F6D13CB65654E30347332B9D43FE1B073B4F80DB15833EAF9FC555BF20AE0962703597A1E7CF79D5F8DD222D434C2588031456FC96F424FE138CD9FB14B98D563B665026981F7E227299300C8F91B71D8CA2A62D677A482C308D0A9E9B3445AC69C85A85C9C01695C747555FD75AD0E80E7699182ACBA070EC85D5F66A234153547490D2DFA50D7452FBF41D53A494210243B9B98516481604E19127B8FE364918B2AE76433450922F00D315BA654993A56D7666247881FE7644F52641357D27148557AB6147F05B404F1CE64C02D99DFB0E24C0B4862F1F86849E3F432793136D9F1002A9AB24CCA91BDD86C8D655334AF2F943E9C8D87F3BAC0E9004A9194C8C68C05D12A346F854C78ABDF6B0EEDB1C1E12BDFABBAA3ADF7BA58D4A0653231CFB387691E4D308ED6D78299FD47DB23EC4ECD0A14F"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(3016)
c:\program files\RocketDock\RocketDock.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
.
**************************************************************************
.
Celkový čas: 2010-04-01 15:34:01 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-04-01 13:34
ComboFix2.txt 2010-04-01 06:45
ComboFix3.txt 2010-03-31 15:26
ComboFix4.txt 2010-03-31 12:52

Před spuštěním: Volných bajtů: 10 166 620 160
Po spuštění: Volných bajtů: 10 124 619 776

- - End Of File - - E903DC6E3079D67EEDEF328AC124DE12

VIRY.CZ

Nelze otevřít soubory EXE - pouze jako správce

Nelze otevřít soubory EXE - pouze jako správce

Re: Nelze otevřít soubory EXE - pouze jako správce

Re: Nelze otevřít soubory EXE - pouze jako správce

Re: Nelze otevřít soubory EXE - pouze jako správce

Re: Nelze otevřít soubory EXE - pouze jako správce

Re: Nelze otevřít soubory EXE - pouze jako správce

Re: Nelze otevřít soubory EXE - pouze jako správce

Re: Nelze otevřít soubory EXE - pouze jako správce

Re: Nelze otevřít soubory EXE - pouze jako správce

Re: Nelze otevřít soubory EXE - pouze jako správce

Re: Nelze otevřít soubory EXE - pouze jako správce

Re: Nelze otevřít soubory EXE - pouze jako správce

Re: Nelze otevřít soubory EXE - pouze jako správce

Re: Nelze otevřít soubory EXE - pouze jako správce

Re: Nelze otevřít soubory EXE - pouze jako správce