VIRY.CZ

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Tak tady je log z Combofixu:

ComboFix 13-01-23.01 - Pitris 23.01.2013 19:22:54.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2047.1139 [GMT 1:00]
Spuštěný z: c:\users\Pitris\Desktop\ComboFix.exe
AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: FortKnox Firewall *Disabled* {D706C250-E69C-F021-BA79-86E338E2273B}
SP: Norton AntiVirus *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\184F109446.sys
c:\programdata\Windows
c:\programdata\windows\xdor.dat
c:\users\Pitris\AppData\Local\Microsoft\AddIns\MMOutlookAddIn.dll
c:\users\Pitris\AppData\Roaming\inst.exe
c:\users\Pitris\AppData\Roaming\Pitrislog.dat
c:\users\Pitris\AppData\Roaming\vso_ts_preview.xml
c:\windows\system32\drivers\etc\hosts.txt
c:\windows\UA000106.DLL
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-23 do 2013-01-23 )))))))))))))))))))))))))))))))
.
.
2013-01-23 22:43 . 2013-01-23 22:43 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-23 22:43 . 2013-01-23 22:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-22 12:53 . 2013-01-22 12:53 512 ----a-w- C:\PhysicalMBR.bin
2013-01-21 11:24 . 2013-01-21 11:24 15739912 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-01-09 14:22 . 2012-12-07 12:20 2576384 ----a-w- c:\windows\system32\gameux.dll
2013-01-09 14:21 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-01-09 14:21 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 11:47 . 2013-01-09 11:47 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-01-07 00:10 . 2013-01-07 00:10 -------- d-----w- c:\windows\system32\syncdb
2013-01-06 23:55 . 2011-05-13 23:17 632656 ----a-w- c:\windows\system32\msvcr80.dll
2013-01-06 23:55 . 2011-05-13 23:17 479232 ----a-w- c:\windows\system32\msvcm80.dll
2013-01-06 23:55 . 2011-05-13 23:17 554832 ----a-w- c:\windows\system32\msvcp80.dll
2013-01-06 23:05 . 2009-11-15 17:24 57808 ----a-w- c:\windows\system32\drivers\fortknoxfw.sys
2013-01-06 23:05 . 2009-09-17 06:57 23120 ----a-w- c:\windows\system32\drivers\fortknoxfw_ndisim.sys
2013-01-05 13:12 . 2013-01-05 13:12 -------- d-----w- c:\users\Pitris\AppData\Local\Comodo
2013-01-05 13:12 . 2013-01-05 13:12 42760 ----a-w- c:\windows\system32\certsentry.dll
2013-01-05 13:11 . 2013-01-05 13:11 -------- d-----w- c:\programdata\Comodo Downloader
2013-01-05 12:01 . 2013-01-06 11:07 -------- d-----w- c:\windows\system32\drivers\NST
2013-01-05 12:01 . 2013-01-05 12:01 -------- d-----w- c:\program files\Norton Identity Safe
2013-01-05 12:01 . 2013-01-05 12:17 -------- d-----w- c:\program files\Common Files\Symantec Shared
2013-01-05 12:01 . 2013-01-05 12:01 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2013-01-05 12:00 . 2013-01-18 22:48 -------- d-----w- c:\windows\system32\drivers\NAV
2013-01-05 12:00 . 2013-01-05 12:00 -------- d-----w- c:\program files\Norton AntiVirus
2013-01-05 12:00 . 2013-01-05 12:02 -------- d-----w- c:\programdata\Norton
2013-01-05 12:00 . 2013-01-05 12:01 -------- d-----w- c:\program files\NortonInstaller
2013-01-05 11:04 . 2013-01-05 11:04 -------- d-----w- C:\$AVG
2013-01-05 11:04 . 2013-01-05 11:45 -------- d-----w- c:\programdata\AVG2013
2013-01-05 11:00 . 2013-01-05 11:00 -------- d--h--w- c:\programdata\Common Files
2013-01-05 11:00 . 2013-01-05 11:45 -------- d-----w- c:\programdata\MFAData
2013-01-05 11:00 . 2013-01-05 11:00 -------- d-----w- c:\users\Pitris\AppData\Local\MFAData
2013-01-05 11:00 . 2013-01-05 11:00 -------- d-----w- c:\users\Pitris\AppData\Local\Avg2013
2013-01-04 13:45 . 2013-01-04 14:01 -------- d-----w- c:\users\Pitris\AppData\Roaming\calibre
2013-01-04 13:44 . 2013-01-04 13:51 -------- d-----w- c:\program files\Calibre2
2013-01-01 23:04 . 2013-01-01 23:04 -------- d-----w- c:\users\Pitris\AppData\Roaming\Se Analyzer Tool SA
2013-01-01 17:16 . 2013-01-01 17:16 -------- d-----w- c:\users\Pitris\workspace
2013-01-01 17:14 . 2013-01-01 17:14 -------- d-----w- c:\users\Pitris\.eclipse
2013-01-01 16:53 . 2013-01-01 16:57 -------- d-----w- c:\program files\adt-bundle-windows
2013-01-01 16:48 . 2013-01-01 17:16 -------- d-----w- c:\users\Pitris\.android
2013-01-01 16:29 . 2013-01-01 16:29 -------- d-----w- c:\program files\Unlockroot
2012-12-29 13:29 . 2012-12-29 13:30 -------- d-----w- c:\users\Pitris\AppData\Local\Facebook
2012-12-25 09:59 . 2012-12-25 10:01 -------- d-----w- c:\program files\ASUS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-21 11:24 . 2012-04-10 11:05 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-21 11:24 . 2011-05-19 05:26 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-24 19:12 . 2012-12-24 19:11 167440 ----a-w- c:\users\Pitris\comcat5.dll
2012-12-16 14:13 . 2012-12-22 12:21 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 12:21 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-11-30 21:20 . 2010-10-07 12:52 47360 ----a-w- c:\users\Pitris\AppData\Roaming\pcouffin.sys
2012-11-14 02:09 . 2012-12-12 11:05 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-12 11:05 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 11:05 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-12 11:05 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 11:05 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-12 11:05 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42 . 2012-12-12 10:56 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-02 05:11 . 2012-12-12 10:56 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-01-10 22:06 . 2011-10-28 09:25 904192 ----a-w- c:\program files\SRDownloader.exe
2011-05-25 14:07 . 2011-05-25 14:24 4771328 ----a-w- c:\program files\PortableFotoSketcher.exe
2011-02-01 23:23 . 2011-02-01 23:25 1197568 ----a-w- c:\program files\Easy Pro ShutDown.exe
2012-01-29 16:10 . 2011-03-23 15:07 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Workshelf"="c:\program files\Winstep\workshelf.exe" [2010-10-13 15274112]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-11-09 17877168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FortKnoxPersonalFirewall"="c:\program files\NETGATE\FortKnox Personal Firewall\FortKnoxGUI.exe" [2012-12-11 1810312]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"NeXuS-Ultimate"=c:\program files\Winstep\Nexus-Ultimate.exe autostart
"Facebook Update"="c:\users\Pitris\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PWRISOVM.EXE"=c:\program files\PowerISO\PWRISOVM.EXE
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe"
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"SwitchBoard"=c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"USBToolTip"=c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]
R3 ALSysIO;ALSysIO;c:\users\Pitris\AppData\Local\Temp\ALSysIO.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
R3 FlashUSB;FlashUSB;c:\windows\system32\DRIVERS\FlashUSB.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SpyEmrgAccess;Spy Emergency OnAccess Driver;c:\windows\system32\Drivers\spyemrg_access.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1402000.013\SYMDS.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1402000.013\SYMEFA.SYS [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20130116.013\BHDrvx86.sys [x]
S1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\NAV\1402000.013\ccSetx86.sys [x]
S1 ccSet_NST;Norton Identity Safe Settings Manager;c:\windows\system32\drivers\NST\7DD01000.020\ccSetx86.sys [x]
S1 cmdGuard;cmdGuard;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;cmdHlp;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S1 fortknox_drv;fortknox_drv;c:\windows\system32\drivers\fortknoxfw.sys [x]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20130122.001\IDSvix86.sys [x]
S1 krnl_akl;krnl_akl;c:\windows\system32\drivers\krnl_akl.sys [x]
S1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\Drivers\spyemrg.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1402000.013\Ironx86.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAV\1402000.013\SYMNETS.SYS [x]
S1 VD_FileDisk;VD_FileDisk; [x]
S2 fortknox;FortKnox Personal Firewall;c:\program files\NETGATE\FortKnox Personal Firewall\FortKnox.exe [x]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\20.2.0.19\ccSvcHst.exe [x]
S2 NCO;Norton Identity Safe;c:\program files\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [x]
S2 SpyEmrgSrv;Spy Emergency Engine Service;c:\program files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [x]
S2 Winstep Xtreme Service;Winstep Xtreme Service;c:\program files\Winstep\WsxService [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 Fkndisf;FortKnox Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\fortknoxfw_ndisim.sys [x]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [x]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtport.sys [x]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys [x]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmodem.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver;c:\windows\system32\Drivers\spyemrg_guard.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [x]
S3 usbsmi;USB2.0 UVC WebCam;c:\windows\system32\DRIVERS\SMIksdrv.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - FSUSBEXDISK
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 11:24]
.
2013-01-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2189574246-2748877713-2644438562-1001Core.job
- c:\users\Pitris\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-29 13:29]
.
2013-01-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2189574246-2748877713-2644438562-1001UA.job
- c:\users\Pitris\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-29 13:29]
.
2013-01-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-03 13:11]
.
2013-01-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-03 13:11]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyServer = http=;ftp=;https=;
IE: Download ALL with IDA - c:\program files\IDA\idaieall.htm
IE: Download remotely with IDA - c:\program files\IDA\remdown.htm
IE: Download with IDA - c:\program files\IDA\idaie.htm
IE: LG Air Sync (R-Click) - Save as Mobile Image - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/206
IE: LG Air Sync (R-Click) - Save as Mobile Memo - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/208
IE: LG Air Sync (R-Click) - Save as Mobile Text file - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/210
IE: LG Air Sync (R-Click) - Set as Mobile Wallpaper - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/205
IE: LG Air Sync Option - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/209
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
TCP: DhcpNameServer = 192.168.1.1 192.168.0.1
FF - ProfilePath - c:\users\Pitris\AppData\Roaming\Mozilla\Firefox\Profiles\1pxrzpo6.PItrisek\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2012-12-09 16:55; {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}; c:\users\Pitris\AppData\Roaming\Mozilla\Firefox\Profiles\1pxrzpo6.PItrisek\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF - ExtSQL: 2012-12-09 16:55; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Pitris\AppData\Roaming\Mozilla\Firefox\Profiles\1pxrzpo6.PItrisek\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - ExtSQL: 2013-01-05 13:01; {F04D2D30-776C-4d02-8627-8E4385ECA58D}; c:\programdata\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.1.0.32\coFFPlgn
FF - ExtSQL: 2013-01-05 13:02; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\IPSFFPlgn
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\SAMSUNG\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\SAMSUNG\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\SAMSUNG\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\SAMSUNG\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\SAMSUNG\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\SAMSUNG\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\SAMSUNG\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\SAMSUNG\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\SAMSUNG\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\SAMSUNG\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_MS_USB_Modem_Driver - c:\program files\SAMSUNG\USB Drivers\22_MS_USB_Modem_Driver\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-Game Organizer - c:\programdata\GameXN\GameXNGO.exe
AddRemove-Winamp Detect - c:\program files\Winamp Detect\UninstWaDetect.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NAV]
"ImagePath"="\"c:\program files\Norton AntiVirus\Engine\20.2.0.19\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\20.2.0.19\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NCO]
"ImagePath"="\"c:\program files\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe\" /s \"NCO\" /m \"c:\program files\Norton Identity Safe\Engine\2013.1.0.32\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Winstep Xtreme Service]
"ImagePath"="c:\program files\Winstep\WsxService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.032"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.3g2"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.3gp2"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.3gpp"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.aac"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.abr"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ac3\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.ac3"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.adts"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amc\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.amc"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amr\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.amr"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.ani"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.apd"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.arw"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.bay"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.bmp"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.bw"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.bwf"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.caf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.caf"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cdda\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.cdda"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.cel"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.cr2"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.crw"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.cs1"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.cur"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.dcr"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.dcx"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.dib"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.dif"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.djv"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.djvu"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.dng"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dv\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.dv"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.emf"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.eps"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.erf"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.fff"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.flc"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.fli"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.fpx"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.gif"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gsm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.gsm"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.hdr"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.icl"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.icn"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.iff"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.ilbm"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.int"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.inta"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.iw4"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.j2c"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.j2k"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.jbr"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.jfif"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.jif"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.jp2"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.jpc"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.jpe"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.jpeg"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.jpg"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.jpk"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.jpx"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kar\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.kar"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.kdc"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.lbm"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.m15"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.m1a"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.m2a"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.m3u"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.m4a"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4b\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.m4b"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4p\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.m4p"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.m4v"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.m75"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.mef"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.mos"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.mov"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.mpv"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.mrw"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.nrw"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.orf"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.pbm"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.pbr"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.pcd"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.pct"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.pcx"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.pef"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.pgm"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.pic"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.pics"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.pict"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.pix"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.png"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.ppm"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.psd"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.psp"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.pspbrush"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.pspimage"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.qcp"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qt\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.qt"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.qtpf"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.raf"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.ras"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.raw"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.rgb"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.rgba"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.rle"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.rsb"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.rw2"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.rwl"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sd2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.sd2"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sdv\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.sdv"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.sfil"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.sgi"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.smf"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smi\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.smi"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smil\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.smil"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.sml"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.sr2"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.srf"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.srw"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.swa"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.tga"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.thm"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.tif"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.tiff"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.ttc"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.ttf"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.ulw"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v40po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.v40po"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v40pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.v40pp"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v40ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.v40ppf"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.vfw"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.wbm"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.wbmp"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.wmf"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.xbm"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.xif"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.xmp"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2189574246-2748877713-2644438562-1001)
"Progid"="ACDSee Pro 4.xpm"
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{981E022C-531A-0AEA-39E7-09DF358F1131}*]
"kaododlpdooaopiabacbhe"=hex:61,61,00,00
"faododlpcokg"=hex:66,61,6c,69,63,70,64,6e,62,6a,6e,66,00,81
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1016)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'lsass.exe'(928)
c:\windows\system32\guard32.dll
.
Celkový čas: 2013-01-23 23:48:58
ComboFix-quarantined-files.txt 2013-01-23 22:48
.
Před spuštěním: Volných bajtů: 12 582 178 816
Po spuštění: Volných bajtů: 12 529 967 104
.
- - End Of File - - 945F1525E05BB32D43C5FBE8270DB08D

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

File::
c:\windows\system32\drivers\avgtpx86.sys
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2189574246-2748877713-2644438562-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2189574246-2748877713-2644438562-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
C:\$AVG
c:\programdata\AVG2013
c:\programdata\MFAData
c:\users\Pitris\AppData\Local\MFAData
c:\users\Pitris\AppData\Local\Avg2013

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-

Driver::
ALSysIO
avgtp

DDS::
uInternet Settings,ProxyServer = http=;ftp=;https=;

RegLock::
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts]
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{981E022C-531A-0AEA-39E7-09DF358F1131}*]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

ClearJavaCache::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Provedeno, zde je log:

ComboFix 13-01-23.01 - Pitris 24.01.2013 10:47:52.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2047.1146 [GMT 1:00]
Spuštěný z: c:\users\Pitris\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Pitris\Desktop\CFScript.txt
AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: FortKnox Firewall *Disabled* {D706C250-E69C-F021-BA79-86E338E2273B}
SP: Norton AntiVirus *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\avgtpx86.sys"
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2189574246-2748877713-2644438562-1001Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2189574246-2748877713-2644438562-1001UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\$AVG
c:\programdata\AVG2013
c:\programdata\AVG2013\avi\iavichjw.avm
c:\programdata\AVG2013\avi\incavi.avm
c:\programdata\MFAData
c:\programdata\MFAData\msistorg.dat
c:\programdata\MFAData\msistorg.dat.bkp
c:\programdata\MFAData\pack\AVGx86.msi
c:\programdata\MFAData\pack\COREx86.msi
c:\programdata\MFAData\pack\vc_red.msi
c:\programdata\MFAData\public_installation_log.xml
c:\programdata\MFAData\survey\cancel.htm
c:\users\Pitris\AppData\Local\Avg2013
c:\users\Pitris\AppData\Local\Avg2013\log\avgcfg.log
c:\users\Pitris\AppData\Local\Avg2013\log\avgcfg.log.lock
c:\users\Pitris\AppData\Local\Avg2013\log\avgui.log
c:\users\Pitris\AppData\Local\Avg2013\log\avgui.log.lock
c:\users\Pitris\AppData\Local\MFAData
c:\users\Pitris\AppData\Local\MFAData\logs\mfa-20130105-110014.log
c:\users\Pitris\AppData\Local\MFAData\logs\mfa-20130105-111335.log
c:\users\Pitris\AppData\Local\MFAData\logs\msi-20130105-110014.log
c:\windows\system32\drivers\avgtpx86.sys
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2189574246-2748877713-2644438562-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2189574246-2748877713-2644438562-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AVGTP
-------\Service_ALSysIO
-------\Service_avgtp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-24 do 2013-01-24 )))))))))))))))))))))))))))))))
.
.
2013-01-24 13:29 . 2013-01-24 13:29 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-22 12:53 . 2013-01-22 12:53 512 ----a-w- C:\PhysicalMBR.bin
2013-01-21 11:24 . 2013-01-21 11:24 15739912 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-01-09 14:22 . 2012-12-07 12:20 2576384 ----a-w- c:\windows\system32\gameux.dll
2013-01-09 14:21 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-01-09 14:21 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-07 00:10 . 2013-01-07 00:10 -------- d-----w- c:\windows\system32\syncdb
2013-01-06 23:55 . 2011-05-13 23:17 632656 ----a-w- c:\windows\system32\msvcr80.dll
2013-01-06 23:55 . 2011-05-13 23:17 479232 ----a-w- c:\windows\system32\msvcm80.dll
2013-01-06 23:55 . 2011-05-13 23:17 554832 ----a-w- c:\windows\system32\msvcp80.dll
2013-01-06 23:05 . 2009-11-15 17:24 57808 ----a-w- c:\windows\system32\drivers\fortknoxfw.sys
2013-01-06 23:05 . 2009-09-17 06:57 23120 ----a-w- c:\windows\system32\drivers\fortknoxfw_ndisim.sys
2013-01-05 13:12 . 2013-01-05 13:12 -------- d-----w- c:\users\Pitris\AppData\Local\Comodo
2013-01-05 13:12 . 2013-01-05 13:12 42760 ----a-w- c:\windows\system32\certsentry.dll
2013-01-05 13:11 . 2013-01-05 13:11 -------- d-----w- c:\programdata\Comodo Downloader
2013-01-05 12:01 . 2013-01-06 11:07 -------- d-----w- c:\windows\system32\drivers\NST
2013-01-05 12:01 . 2013-01-05 12:01 -------- d-----w- c:\program files\Norton Identity Safe
2013-01-05 12:01 . 2013-01-05 12:17 -------- d-----w- c:\program files\Common Files\Symantec Shared
2013-01-05 12:01 . 2013-01-05 12:01 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2013-01-05 12:00 . 2013-01-18 22:48 -------- d-----w- c:\windows\system32\drivers\NAV
2013-01-05 12:00 . 2013-01-05 12:00 -------- d-----w- c:\program files\Norton AntiVirus
2013-01-05 12:00 . 2013-01-05 12:02 -------- d-----w- c:\programdata\Norton
2013-01-05 12:00 . 2013-01-05 12:01 -------- d-----w- c:\program files\NortonInstaller
2013-01-05 11:00 . 2013-01-05 11:00 -------- d--h--w- c:\programdata\Common Files
2013-01-04 13:45 . 2013-01-04 14:01 -------- d-----w- c:\users\Pitris\AppData\Roaming\calibre
2013-01-04 13:44 . 2013-01-04 13:51 -------- d-----w- c:\program files\Calibre2
2013-01-01 23:04 . 2013-01-01 23:04 -------- d-----w- c:\users\Pitris\AppData\Roaming\Se Analyzer Tool SA
2013-01-01 17:16 . 2013-01-01 17:16 -------- d-----w- c:\users\Pitris\workspace
2013-01-01 17:14 . 2013-01-01 17:14 -------- d-----w- c:\users\Pitris\.eclipse
2013-01-01 16:53 . 2013-01-01 16:57 -------- d-----w- c:\program files\adt-bundle-windows
2013-01-01 16:48 . 2013-01-01 17:16 -------- d-----w- c:\users\Pitris\.android
2013-01-01 16:29 . 2013-01-01 16:29 -------- d-----w- c:\program files\Unlockroot
2012-12-29 13:29 . 2012-12-29 13:30 -------- d-----w- c:\users\Pitris\AppData\Local\Facebook
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-21 11:24 . 2012-04-10 11:05 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-21 11:24 . 2011-05-19 05:26 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-24 19:12 . 2012-12-24 19:11 167440 ----a-w- c:\users\Pitris\comcat5.dll
2012-12-16 14:13 . 2012-12-22 12:21 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 12:21 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-11-30 21:20 . 2010-10-07 12:52 47360 ----a-w- c:\users\Pitris\AppData\Roaming\pcouffin.sys
2012-11-14 02:09 . 2012-12-12 11:05 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-12 11:05 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 11:05 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-12 11:05 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 11:05 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-12 11:05 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42 . 2012-12-12 10:56 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-02 05:11 . 2012-12-12 10:56 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-01-10 22:06 . 2011-10-28 09:25 904192 ----a-w- c:\program files\SRDownloader.exe
2011-05-25 14:07 . 2011-05-25 14:24 4771328 ----a-w- c:\program files\PortableFotoSketcher.exe
2011-02-01 23:23 . 2011-02-01 23:25 1197568 ----a-w- c:\program files\Easy Pro ShutDown.exe
2012-01-29 16:10 . 2011-03-23 15:07 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Workshelf"="c:\program files\Winstep\workshelf.exe" [2010-10-13 15274112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FortKnoxPersonalFirewall"="c:\program files\NETGATE\FortKnox Personal Firewall\FortKnoxGUI.exe" [2012-12-11 1810312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"NeXuS-Ultimate"=c:\program files\Winstep\Nexus-Ultimate.exe autostart
"Facebook Update"="c:\users\Pitris\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PWRISOVM.EXE"=c:\program files\PowerISO\PWRISOVM.EXE
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe"
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"SwitchBoard"=c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"USBToolTip"=c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
R3 FlashUSB;FlashUSB;c:\windows\system32\DRIVERS\FlashUSB.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SpyEmrgAccess;Spy Emergency OnAccess Driver;c:\windows\system32\Drivers\spyemrg_access.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1402000.013\SYMDS.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1402000.013\SYMEFA.SYS [x]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20130116.013\BHDrvx86.sys [x]
S1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\NAV\1402000.013\ccSetx86.sys [x]
S1 ccSet_NST;Norton Identity Safe Settings Manager;c:\windows\system32\drivers\NST\7DD01000.020\ccSetx86.sys [x]
S1 cmdGuard;cmdGuard;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;cmdHlp;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S1 fortknox_drv;fortknox_drv;c:\windows\system32\drivers\fortknoxfw.sys [x]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20130122.001\IDSvix86.sys [x]
S1 krnl_akl;krnl_akl;c:\windows\system32\drivers\krnl_akl.sys [x]
S1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\Drivers\spyemrg.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1402000.013\Ironx86.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAV\1402000.013\SYMNETS.SYS [x]
S1 VD_FileDisk;VD_FileDisk; [x]
S2 fortknox;FortKnox Personal Firewall;c:\program files\NETGATE\FortKnox Personal Firewall\FortKnox.exe [x]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\20.2.0.19\ccSvcHst.exe [x]
S2 NCO;Norton Identity Safe;c:\program files\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [x]
S2 SpyEmrgSrv;Spy Emergency Engine Service;c:\program files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [x]
S2 Winstep Xtreme Service;Winstep Xtreme Service;c:\program files\Winstep\WsxService [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 Fkndisf;FortKnox Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\fortknoxfw_ndisim.sys [x]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [x]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtport.sys [x]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys [x]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmodem.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver;c:\windows\system32\Drivers\spyemrg_guard.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [x]
S3 usbsmi;USB2.0 UVC WebCam;c:\windows\system32\DRIVERS\SMIksdrv.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Download ALL with IDA - c:\program files\IDA\idaieall.htm
IE: Download remotely with IDA - c:\program files\IDA\remdown.htm
IE: Download with IDA - c:\program files\IDA\idaie.htm
IE: LG Air Sync (R-Click) - Save as Mobile Image - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/206
IE: LG Air Sync (R-Click) - Save as Mobile Memo - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/208
IE: LG Air Sync (R-Click) - Save as Mobile Text file - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/210
IE: LG Air Sync (R-Click) - Set as Mobile Wallpaper - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/205
IE: LG Air Sync Option - c:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/209
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
TCP: DhcpNameServer = 192.168.1.1 192.168.0.1
FF - ProfilePath - c:\users\Pitris\AppData\Roaming\Mozilla\Firefox\Profiles\1pxrzpo6.PItrisek\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2012-12-09 16:55; {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}; c:\users\Pitris\AppData\Roaming\Mozilla\Firefox\Profiles\1pxrzpo6.PItrisek\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF - ExtSQL: 2012-12-09 16:55; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Pitris\AppData\Roaming\Mozilla\Firefox\Profiles\1pxrzpo6.PItrisek\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - ExtSQL: 2013-01-05 13:01; {F04D2D30-776C-4d02-8627-8E4385ECA58D}; c:\programdata\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.1.0.32\coFFPlgn
FF - ExtSQL: 2013-01-05 13:02; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\IPSFFPlgn
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NAV]
"ImagePath"="\"c:\program files\Norton AntiVirus\Engine\20.2.0.19\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\20.2.0.19\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NCO]
"ImagePath"="\"c:\program files\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe\" /s \"NCO\" /m \"c:\program files\Norton Identity Safe\Engine\2013.1.0.32\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Winstep Xtreme Service]
"ImagePath"="c:\program files\Winstep\WsxService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2189574246-2748877713-2644438562-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{981E022C-531A-0AEA-39E7-09DF358F1131}*]
"kaododlpdooaopiabacbhe"=hex:61,61,00,00
"faododlpcokg"=hex:66,61,6c,69,63,70,64,6e,62,6a,6e,66,00,81
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(6008)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Photodex\ProShow Producer\ScsiAccess.exe
c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
c:\program files\Winstep\WsxService.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2013-01-24 14:38:09 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-24 13:38
ComboFix2.txt 2013-01-23 22:48
.
Před spuštěním: Volných bajtů: 12 883 566 592
Po spuštění: Volných bajtů: 12 439 646 208
.
- - End Of File - - B809FA405A904D93A64FAA0D8BBE7A9A

Fajn, jak se chova PC

Zdravím, je to o něco lepší, zatím se tak neseká. Uvidíme časem. Díky moc za pomoc.

Tak jeste uklidime

Odinstalujte Combofix

Prejmenujte ComboFix na Uninstall
Spustte jej
Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

VIRY.CZ

Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC