Re: http://red.installer.xyz
Posted: 25 Aug 2015 22:07
ComboFix 15-08-24.01 - Leoš 25.08.2015 20:36:11.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3071.2137 [GMT 2:00]
Spuštěný z: c:\users\Leoš\Desktop\ComboFix.exe
AV: ESET Smart Security 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-07-25 do 2015-08-25 )))))))))))))))))))))))))))))))
.
.
2015-08-25 20:59 . 2015-08-25 20:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-08-25 17:18 . 2015-08-25 17:18 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E81FE286-AC08-4552-9187-8D4E0DFC24F8}\offreg.1928.dll
2015-08-25 15:06 . 2015-07-31 09:37 9234960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E81FE286-AC08-4552-9187-8D4E0DFC24F8}\mpengine.dll
2015-08-24 20:24 . 2015-08-24 20:07 24064 ----a-w- c:\windows\zoek-delete.exe
2015-08-24 20:24 . 2015-08-25 20:59 -------- d-----w- c:\users\Leoš\AppData\Local\Temp
2015-08-24 20:05 . 2015-08-24 20:21 -------- d-----w- C:\zoek_backup
2015-08-24 19:48 . 2015-08-13 10:44 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2015-08-23 20:26 . 2015-08-24 19:02 98520 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-23 20:25 . 2015-08-23 20:26 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-08-23 20:25 . 2015-08-23 20:25 -------- d-----w- c:\programdata\Malwarebytes
2015-08-23 20:25 . 2015-06-18 06:41 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-08-23 20:25 . 2015-06-18 06:41 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-08-23 20:25 . 2015-06-18 06:41 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-08-23 14:46 . 2015-08-23 14:50 -------- d-----w- C:\AdwCleaner
2015-08-23 10:44 . 2015-08-23 15:32 -------- d-----w- C:\FRST
2015-08-23 10:26 . 2015-08-23 20:08 -------- d-----w- c:\program files\trend micro
2015-08-23 10:26 . 2015-08-23 10:26 -------- d-----w- C:\rsit
2015-08-15 21:19 . 2015-08-15 21:19 -------- d-----w- C:\$Windows.~WS
2015-08-15 11:23 . 2015-08-15 12:48 -------- d-----w- c:\program files\WinToUSB
2015-08-12 09:29 . 2015-07-30 13:13 103120 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 09:08 . 2015-07-15 17:59 3934656 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-08-12 09:07 . 2015-07-16 19:12 6131200 ----a-w- c:\windows\system32\mstscax.dll
2015-08-12 09:07 . 2015-07-16 19:12 856064 ----a-w- c:\windows\system32\rdvidcrl.dll
2015-08-12 09:07 . 2015-07-16 19:12 53248 ----a-w- c:\windows\system32\tsgqec.dll
2015-08-12 09:07 . 2015-07-16 15:14 355840 ----a-w- c:\windows\system32\wksprt.exe
2015-08-12 09:07 . 2015-07-30 17:57 1251328 ----a-w- c:\windows\system32\DWrite.dll
2015-08-12 09:07 . 2015-07-30 16:49 299520 ----a-w- c:\windows\system32\atmfd.dll
2015-08-12 09:07 . 2015-07-30 17:57 909824 ----a-w- c:\windows\system32\FntCache.dll
2015-08-12 09:07 . 2015-07-30 16:52 2384384 ----a-w- c:\windows\system32\win32k.sys
2015-08-12 09:07 . 2015-07-30 17:57 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2015-08-12 09:07 . 2015-07-30 17:57 10240 ----a-w- c:\windows\system32\dciman32.dll
2015-08-12 09:07 . 2015-07-30 17:57 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-08-12 09:07 . 2015-07-30 17:57 26624 ----a-w- c:\windows\system32\lpk.dll
2015-08-12 09:07 . 2015-07-30 17:57 70656 ----a-w- c:\windows\system32\fontsub.dll
2015-08-12 09:06 . 2015-05-09 18:09 715200 ----a-w- c:\windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 09:05 . 2015-07-15 02:55 44032 ----a-w- c:\windows\system32\basesrv.dll
2015-08-12 09:04 . 2015-07-15 02:55 1241088 ----a-w- c:\windows\system32\msxml3.dll
2015-08-12 09:04 . 2015-07-15 02:55 1390592 ----a-w- c:\windows\system32\msxml6.dll
2015-08-12 09:04 . 2015-07-15 02:51 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-08-12 09:04 . 2015-07-15 02:51 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-08-04 14:43 . 2015-08-04 14:43 -------- d-----w- c:\program files\Common Files\AV
2015-07-27 23:40 . 2015-07-27 23:40 -------- d-----w- c:\users\Leoš\AppData\Local\CEF
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-11 19:31 . 2012-07-25 18:54 778440 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-08-11 19:31 . 2012-07-25 18:54 142536 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-07-17 14:36 . 2014-08-06 08:50 96352 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-07-15 18:46 . 2015-08-12 09:08 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\mountmgr.sys.mui
2015-07-15 17:55 . 2015-08-12 09:08 248832 ----a-w- c:\windows\system32\schannel.dll
2015-07-04 17:48 . 2015-07-17 14:54 1414656 ----a-w- c:\windows\system32\ole32.dll
2015-06-23 11:27 . 2012-07-25 19:02 246952 ------w- c:\windows\system32\MpSigStub.exe
2015-06-17 17:39 . 2015-07-17 14:56 305664 ----a-w- c:\windows\system32\gdi32.dll
2015-06-16 23:01 . 2015-06-16 23:01 1202856 ----a-w- c:\windows\system32\FM20.DLL
2015-06-15 21:47 . 2015-07-17 14:54 101824 ----a-w- c:\windows\system32\consent.exe
2015-06-15 21:43 . 2015-07-17 14:54 2364416 ----a-w- c:\windows\system32\msi.dll
2015-06-15 21:43 . 2015-07-17 14:54 337408 ----a-w- c:\windows\system32\msihnd.dll
2015-06-15 21:43 . 2015-07-17 14:54 1805824 ----a-w- c:\windows\system32\authui.dll
2015-06-15 21:43 . 2015-07-17 14:54 47104 ----a-w- c:\windows\system32\appinfo.dll
2015-06-15 21:42 . 2015-07-17 14:54 73216 ----a-w- c:\windows\system32\msiexec.exe
2015-06-15 21:37 . 2015-07-17 14:54 25088 ----a-w- c:\windows\system32\msimsg.dll
2015-06-09 19:35 . 2015-07-17 14:50 2745856 ----a-w- c:\windows\system32\rdpcorets.dll
2015-06-09 19:35 . 2015-07-17 14:50 13824 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2015-06-01 23:47 . 2015-07-17 14:53 210432 ----a-w- c:\windows\system32\cewmdm.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Autoupdate"="c:\program files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE" [2015-07-12 563416]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 3117344]
"XMouseButtonControl"="c:\program files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe" [2015-08-10 820208]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2015-06-08 334896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-11-06 10:46 3673728 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
2015-07-12 13:05 563416 ----a-w- c:\program files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
R3 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [2013-09-25 282112]
R3 cpuz135;cpuz135;c:\users\LEO~1\AppData\Local\Temp\cpuz135\cpuz135_x32.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-06-18 51928]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2012-11-09 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2012-11-09 8576]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2013-02-22 181784]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-25 1343400]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2012-08-14 11520]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 50624]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-26 242240]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 169080]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 120152]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 33656]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-11-16 217088]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-01-29 291840]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2012-03-07 913144]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2013-02-05 233472]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-11-06 84992]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2013-02-05 37344]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-06-18 23256]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
Obsah adresáře 'Naplánované úlohy'
.
2015-08-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-25 19:31]
.
.
------- Doplňkový sken -------
.
uStart Page = https://www.google.cz/?gws_rd=ssl
TCP: DhcpNameServer = 88.146.192.1 8.8.8.8
FF - ProfilePath - c:\users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-MyFreeCodec - c:\program files\MyFree Codec\1.0b beta\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.032"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.abr"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.acdc"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.ani"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.apd"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.arw"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.bay"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.bmp"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.cr2"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.crw"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.cs1"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.cur"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.dcr"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
"Progid"="ACDSee Pro 8.dcx"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.dib"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.djv"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.djvu"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.dng"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.emf"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.eps"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.erf"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.fff"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.gif"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.hdr"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.icl"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.icn"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.iw4"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.j2c"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.j2k"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.jbr"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
"Progid"="ACDSee Pro 8.jfif"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
"Progid"="ACDSee Pro 8.jif"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.jp2"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.jpc"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.jpe"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.jpeg"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.jpg"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.jpk"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.jpx"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.kdc"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.mef"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.mos"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.mrw"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.nef"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.nrw"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.orf"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.pbr"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.pct"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.pcx"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.pef"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
"Progid"="ACDSee Pro 8.pic"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.pict"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.png"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.psd"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.psp"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.pspbrush"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.pspimage"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.raf"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.raw"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.rle"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.rw2"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.rwl"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="OperaStable"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.sr2"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.srf"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.srw"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.tga"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.thm"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.tif"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.tiff"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.ttc"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.ttf"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.wbm"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.wbmp"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 8.webp"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.wmf"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="OperaStable"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
@Denied: (2) (LocalSystem)
"Progid"="OperaStable"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
"Progid"="ACDSee Pro 8.xif"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-08-25 23:01:40
ComboFix-quarantined-files.txt 2015-08-25 21:01
.
Před spuštěním: Volných bajtů: 198 145 085 440
Po spuštění: Volných bajtů: 197 759 967 232
.
- - End Of File - - 663953D69D9B418E97AA32A754A954DC
A36C5E4F47E84449FF07ED3517B43A31
While I was pasting the log, the page appeared again, but this time it asked me about an insecure connection, which I declined.
@Denied: (2) (S-1-5-21-2379045658-3380367555-357286776-1001)
"Progid"="ACDSee Pro 8.xif"
.
[HKEY_USERS\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-08-25 23:01:40
ComboFix-quarantined-files.txt 2015-08-25 21:01
.
Před spuštěním: Volných bajtů: 198 145 085 440
Po spuštění: Volných bajtů: 197 759 967 232
.
- - End Of File - - 663953D69D9B418E97AA32A754A954DC
A36C5E4F47E84449FF07ED3517B43A31
While I was pasting the log, the page appeared again, but this time it asked me about an insecure connection, which I declined.
