Prosím o zazipování toho souboru a uploadnutí ho na www.leteckaposta.cz
Plus prosím jeho jméno a kde se nachází.
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
ANGELA C
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Unlimited_Killer
- Přítel fóra
- Příspěvky: 1969
- Registrován: 24 srp 2009 16:18
Re: ANGELA C
inactive
Re: ANGELA C
už mohu zapnout antivir??a nevíte jak vypnout to okno s tím upozorněnín o angelu
Re: ANGELA C
já už ho smazala vyhodila z koše,ten keygen už nemám,ale vím že to stáhlo strašně málo lidí z rapid share
-
Unlimited_Killer
- Přítel fóra
- Příspěvky: 1969
- Registrován: 24 srp 2009 16:18
Re: ANGELA C
A jdeme dál.
~~~
Stáhněte tento soubor a rozbalte ho přímo na disk C: [jeho cesta bude C:\hal.dll].
Tohle je pro případ, kdyby se něco nepovedlo, a Angela onen hal.dll smazala, v tom případě tenhle soubor vyexpandujeme (ale tím se teď nezabývejte).
~~~
Vložte sem log z ComboFix.
Stáhněte a uložte na Plochu ComboFix, poté ho spusťte s administrátorským oprávněním.
Ještě před spuštěním vypněte rezidentní štít antiviru, či antispywaru.
Po spuštění se Vám zobrazí licenční podmínky, klikněte na 'Ano'. Budete také dotázán na instalaci konzole pro zotavení, klikněte na 'Ano'.
Celý sken bude trvat tak 5-10 minut, v závislosti na tom, kolika soubory se bude CF prodírat. Váš PC bude pravděpodobně restartován, tak se toho neděste. Než úplně skončí sken, nic nedělejte, hlavně neklikejte do spuštěného okna s ComboFixem.
Po skončení skenu na Vás vypadne log, který vkopírujete sem.
~~~
Stáhněte tento soubor a rozbalte ho přímo na disk C: [jeho cesta bude C:\hal.dll].
Tohle je pro případ, kdyby se něco nepovedlo, a Angela onen hal.dll smazala, v tom případě tenhle soubor vyexpandujeme (ale tím se teď nezabývejte).
~~~
Vložte sem log z ComboFix.
Stáhněte a uložte na Plochu ComboFix, poté ho spusťte s administrátorským oprávněním.
Ještě před spuštěním vypněte rezidentní štít antiviru, či antispywaru.
Po spuštění se Vám zobrazí licenční podmínky, klikněte na 'Ano'. Budete také dotázán na instalaci konzole pro zotavení, klikněte na 'Ano'.
Celý sken bude trvat tak 5-10 minut, v závislosti na tom, kolika soubory se bude CF prodírat. Váš PC bude pravděpodobně restartován, tak se toho neděste. Než úplně skončí sken, nic nedělejte, hlavně neklikejte do spuštěného okna s ComboFixem.
Po skončení skenu na Vás vypadne log, který vkopírujete sem.
inactive
Re: ANGELA C
pc se restartoval sam a ted je autoscan,pisu to z mobilu,je to tak dnbre
-
Unlimited_Killer
- Přítel fóra
- Příspěvky: 1969
- Registrován: 24 srp 2009 16:18
Re: ANGELA C
muzete mi poslat vas mobil,
Re: ANGELA C
ComboFix 10-01-29.08 - Cigi 30.01.2010 13:55:28.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3038.2099 [GMT 1:00]
Spuštěný z: c:\users\Cigi\Downloads\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 3.0 *disabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-1813677218-14873745-675912311-500
c:\$recycle.bin\S-1-5-21-2217309622-1872826166-2939454170-500
c:\$recycle.bin\S-1-5-21-2924584658-1892591438-1660323148-500
c:\progra~1\GOOGLE~2\17GOog~1.dll
c:\program files\GooglePlusVideos
c:\program files\GooglePlusVideos\17.GooglePlusVideos.dll
c:\program files\GooglePlusVideos\DeploymentHelper.exe
c:\program files\GooglePlusVideos\FFExt\chrome.manifest
c:\program files\GooglePlusVideos\FFExt\chrome\content\googleplusvideos.xul
c:\program files\GooglePlusVideos\FFExt\chrome\content\script-injector.js
c:\program files\GooglePlusVideos\FFExt\install.rdf
c:\program files\GooglePlusVideos\GooglePlusVideosLicense.txt
c:\program files\GooglePlusVideos\GVConfig.ini
c:\program files\GooglePlusVideos\MFC42U.DLL
c:\program files\GooglePlusVideos\Uninstall.bat
c:\users\Cigi\AppData\Roaming\inst.exe
c:\windows\Fonts\MyriadPro-Regular.otf
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-28 do 2010-01-30 )))))))))))))))))))))))))))))))
.
2010-01-30 12:09 . 2010-01-30 12:09 -------- d-----w- c:\users\Cigi\AppData\Roaming\Malwarebytes
2010-01-30 12:09 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-30 12:09 . 2010-01-30 12:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-30 12:09 . 2010-01-30 12:09 -------- d-----w- c:\programdata\Malwarebytes
2010-01-30 12:09 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-30 11:29 . 2010-01-30 11:29 -------- d-----w- C:\rsit
2010-01-21 21:12 . 2010-01-29 21:10 -------- d-----w- C:\Stahování Rapid
2010-01-21 17:06 . 2010-01-21 17:06 -------- d-----w- c:\users\Cigi\AppData\Roaming\VitySoft
2010-01-15 13:36 . 2010-01-15 13:36 -------- d-----w- c:\program files\DVDFab 6
2010-01-13 10:18 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 10:18 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-30 12:52 . 2008-07-11 18:51 694120 ----a-w- c:\windows\system32\perfh005.dat
2010-01-30 12:52 . 2008-07-11 18:51 156794 ----a-w- c:\windows\system32\perfc005.dat
2010-01-29 21:43 . 2009-03-19 16:53 -------- d-----w- c:\users\Cigi\AppData\Roaming\uTorrent
2010-01-21 17:40 . 2009-07-09 10:18 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-21 17:03 . 2009-03-18 15:35 -------- d-----w- c:\users\Cigi\AppData\Roaming\Skype
2010-01-21 17:03 . 2009-03-19 16:03 -------- d-----w- c:\users\Cigi\AppData\Roaming\skypePM
2010-01-18 10:32 . 2008-07-11 22:29 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-16 16:45 . 2009-03-29 13:11 -------- d-----w- c:\program files\ICQ6.5
2010-01-15 13:36 . 2009-05-24 05:59 -------- d-----w- c:\users\Cigi\AppData\Roaming\Vso
2010-01-15 13:36 . 2009-05-24 05:59 47360 ----a-w- c:\users\Cigi\AppData\Roaming\pcouffin.sys
2010-01-15 13:36 . 2009-05-24 05:59 47360 ----a-w- c:\users\Cigi\AppData\Roaming\pcouffin.sys
2010-01-14 10:12 . 2009-10-03 00:13 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-13 19:05 . 2008-01-02 04:36 -------- d-----w- c:\programdata\Microsoft Help
2010-01-13 19:04 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-07 11:09 . 2009-12-02 16:39 -------- d-----w- c:\program files\Opera
2010-01-02 06:38 . 2010-01-22 13:03 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-22 13:03 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 06:32 . 2010-01-22 13:03 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 04:57 . 2010-01-22 13:03 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-29 12:24 . 2009-12-29 12:23 -------- d-----w- c:\program files\QuickTime
2009-12-29 12:23 . 2009-12-29 12:23 -------- d-----w- c:\programdata\Apple Computer
2009-12-27 21:32 . 2009-07-12 16:55 -------- d-----w- c:\users\Cigi\AppData\Roaming\LangSoft
2009-12-27 21:28 . 2009-07-12 16:58 798771 ----a-w- c:\programdata\LangSoft\WebIE.dll
2009-12-27 21:28 . 2009-07-12 16:56 -------- d-----w- c:\programdata\LangSoft
2009-12-27 21:28 . 2009-07-12 16:58 356352 ----a-w- c:\programdata\LangSoft\TrnOutl.dll
2009-12-27 21:28 . 2009-07-12 16:58 299008 ----a-w- c:\programdata\LangSoft\TrnWord.dll
2009-12-17 20:28 . 2009-12-17 20:28 -------- d-----w- c:\program files\Common Files\Apple
2009-12-17 20:27 . 2009-12-17 20:27 -------- d-----w- c:\program files\Apple Software Update
2009-12-17 20:27 . 2009-12-17 20:27 -------- d-----w- c:\programdata\Apple
2009-12-17 19:32 . 2009-12-17 19:32 -------- d-----w- c:\program files\WinAVI Video Converter
2009-12-17 18:15 . 2009-12-17 18:03 81920 ----a-w- c:\users\Cigi\AppData\Roaming\ezpinst.exe
2009-12-17 18:15 . 2009-12-17 18:03 81920 ----a-w- c:\users\Cigi\AppData\Roaming\ezpinst.exe
2009-12-17 17:52 . 2009-12-17 12:48 -------- d-----w- c:\users\Cigi\AppData\Roaming\Broad Intelligence
2009-12-17 11:03 . 2009-12-17 10:58 -------- d-----w- c:\program files\Dzuso
2009-12-13 19:36 . 2009-03-27 14:23 -------- d-----w- c:\users\Cigi\AppData\Roaming\PC Suite
2009-12-13 19:34 . 2009-12-13 19:15 -------- d-----w- c:\users\Cigi\AppData\Roaming\Nseries
2009-12-13 19:11 . 2009-01-03 21:40 113056 ----a-w- c:\users\Cigi\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-13 19:11 . 2009-12-13 19:11 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-12-13 19:11 . 2009-12-13 19:11 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2009-12-13 19:06 . 2009-03-27 14:23 -------- d-----w- c:\users\Cigi\AppData\Roaming\Nokia
2009-12-13 19:04 . 2009-12-13 18:50 -------- d-----w- c:\program files\Nokia
2009-12-13 19:04 . 2009-12-13 18:55 -------- d-----w- c:\program files\Common Files\Nokia
2009-12-13 19:00 . 2009-12-13 19:00 51534 ----a-w- c:\windows\inf\Nokia Music\0009\tmpC28F.tmp
2009-12-13 19:00 . 2009-12-13 19:00 51534 ----a-w- c:\windows\inf\Nokia Music\0005\tmpC28F.tmp
2009-12-13 19:00 . 2009-12-13 19:00 51534 ----a-w- c:\windows\inf\Nokia Music\0000\tmpC28F.tmp
2009-12-13 19:00 . 2009-12-13 19:00 1593 ----a-w- c:\windows\inf\Nokia Music\tmpC290.tmp
2009-12-13 18:58 . 2009-12-13 18:58 -------- d-----w- c:\programdata\NokiaMusic
2009-12-13 18:57 . 2009-12-13 18:56 -------- d-----w- c:\program files\Common Files\muvee Technologies
2009-12-12 15:03 . 2009-03-16 16:05 -------- d-----w- c:\users\Cigi\AppData\Roaming\Zoner
2009-12-12 15:01 . 2009-03-16 16:05 -------- d-----w- c:\program files\Zoner
2009-12-10 18:06 . 2009-05-24 16:27 -------- d-----w- c:\programdata\vsosdk
2009-12-10 17:58 . 2009-03-16 16:01 -------- d-----w- c:\users\Cigi\AppData\Roaming\GHISLER
2009-12-10 17:58 . 2009-12-10 14:40 -------- d-----w- c:\programdata\Nero
2009-12-10 17:57 . 2009-12-10 14:40 -------- d-----w- c:\program files\Common Files\Ahead
2009-12-10 17:29 . 2009-12-10 17:29 -------- d-----w- c:\users\Cigi\AppData\Roaming\Nero
2009-12-10 17:27 . 2009-12-10 14:40 -------- d-----w- c:\program files\Nero
2009-12-10 17:26 . 2009-12-10 17:26 -------- d-----w- c:\program files\Common Files\Nero
2009-12-10 14:50 . 2009-04-02 16:17 -------- d-----w- c:\programdata\DVD Shrink
2009-12-10 13:33 . 2009-12-10 13:33 -------- d-----w- c:\program files\Trend Micro
2009-12-05 11:49 . 2008-07-11 20:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-01 17:06 . 2009-12-01 17:06 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-12-01 17:06 . 2009-12-01 17:06 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-12-01 17:06 . 2009-12-01 17:05 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-12-01 17:05 . 2009-12-01 17:05 -------- d-----w- c:\programdata\TuneUp Software
2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-24 16:39 . 2009-11-30 19:51 1093064 ----a-w- c:\users\Cigi\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxwods.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
2009-11-17 05:36 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-09 12:31 . 2009-12-10 08:21 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-10 08:21 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-10 08:21 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-11-06 09:59 . 2009-11-06 09:59 15406728 ----a-w- c:\windows\system32\xlive.dll
2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-11-14 19:00 . 2009-11-14 19:00 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2009-04-07 18:52 . 2009-04-07 18:52 28672 ----a-w- c:\program files\mozilla firefox\components\GooglePlusVideosXPCOM.dll
2008-10-19 09:58 . 2008-10-19 09:58 49152 ----a-w- c:\program files\mozilla firefox\components\SiteVacuumXPCOM.dll
2009-05-05 18:42 . 2009-05-05 18:37 24 --sha-w- c:\windows\SFEAF2E3D.tmp
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0e6d7a5d-b560-4d1c-9713-18dd1ade6011}"= "c:\program files\My-Tool\tbMy-0.dll" [2008-06-24 1568792]
[HKEY_CLASSES_ROOT\clsid\{0e6d7a5d-b560-4d1c-9713-18dd1ade6011}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0e6d7a5d-b560-4d1c-9713-18dd1ade6011}]
2008-06-24 00:30 1568792 ----a-w- c:\program files\My-Tool\tbMy-0.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2009-04-02 10:47 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D286E828-E6B9-484d-A058-D7323666DE33}]
2009-03-24 02:45 192512 ----a-w- c:\program files\RecFree.com\RecFreeToolbar\1.0.27.0\escort.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0508F8F1-08E3-43EE-AAA8-09AD09803084}"= "c:\program files\RecFree.com\RecFreeToolbar\1.0.27.0\escorTlbr.dll" [2009-03-24 172032]
"{0e6d7a5d-b560-4d1c-9713-18dd1ade6011}"= "c:\program files\My-Tool\tbMy-0.dll" [2008-06-24 1568792]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]
[HKEY_CLASSES_ROOT\clsid\{0508f8f1-08e3-43ee-aaa8-09ad09803084}]
[HKEY_CLASSES_ROOT\escorTlbr.DskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\escorTlbr.DskBnd]
[HKEY_CLASSES_ROOT\clsid\{0e6d7a5d-b560-4d1c-9713-18dd1ade6011}]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{0E6D7A5D-B560-4D1C-9713-18DD1ADE6011}"= "c:\program files\My-Tool\tbMy-0.dll" [2008-06-24 1568792]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]
[HKEY_CLASSES_ROOT\clsid\{0e6d7a5d-b560-4d1c-9713-18dd1ade6011}]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-06-28 262144]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"uTorrent"="c:\program files\uTorrent\utorrent.exe" [2009-12-13 289584]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-04 317280]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2008-01-02 24576]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-11-14 30192]
"KMCONFIG"="c:\program files\Mouse Driver\StartAutorun.exe" [2008-05-29 212992]
"SiteVacuum"="c:\program files\EasySearch\SiteVacuumClient.exe" [2009-04-08 454733]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-03-01 1443072]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-03 6295552]
"Skytel"="Skytel.exe" [2008-07-03 1826816]
"TO2WCM_McciTrayApp"="c:\program files\TO2WCM\McciTrayApp.exe" [2008-01-30 1473536]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-09 153136]
"Nokia FastStart"="c:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2008-10-17 2323680]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Nokia Ovi Suite.lnk - c:\program files\Nokia\Ovi\Suite\RunLauncher.exe [2008-11-11 946176]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-07-07 19:28 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" silent
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun
"uTorrent"="c:\program files\uTorrent\uTorrent.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"RtHDVCpl"=RtHDVCpl.exe
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"VistaSp2"=hex(b):d8,b9,15,34,d2,fa,c9,01
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21.12.2007 7:21 468224]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [30.5.2008 0:22 208896]
R2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2.1.2008 6:15 299008]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [18.4.2007 5:09 11032]
R2 RtkAudioService;Realtek Audio Service;c:\windows\RTKAUDIOSERVICE.EXE [11.7.2008 21:21 104992]
R2 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?]
R2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [11.7.2008 23:32 411488]
R2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [20.6.2008 17:56 415744]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [28.5.2009 21:41 4233728]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys [11.7.2008 19:41 9344]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [19.4.2009 6:45 717296]
S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [15.6.2009 14:43 234888]
S3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.1.2008 3:23 21504]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2.1.2008 5:57 30192]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2.1.2008 6:12 103712]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2.1.2008 6:12 353568]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2.1.2008 6:12 62752]
S3 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [21.4.2007 13:54 52080]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2.1.2008 6:08 337184]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2.1.2008 6:08 83232]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-01-30 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
2010-01-30 c:\windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
- c:\windows\system32\msfeedssync.exe [2010-01-22 04:56]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
FF - ProfilePath - c:\users\Cigi\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxwods.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\program files\Mozilla Firefox\components\GooglePlusVideosXPCOM.dll
FF - component: c:\program files\Mozilla Firefox\components\SiteVacuumXPCOM.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npkimi.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-30 14:17
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.032"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.abr"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ani"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.arw"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bay"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.bmp"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bw"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.cr2"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.crw"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cs1"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cur"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dcx"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.dib"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.djv"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.djvu"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.dng"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.emf"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.eps"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.erf"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.fff"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.fpx"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.gif"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.hdr"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.icl"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.icn"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.iff"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ilbm"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.int"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.inta"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.iw4"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.j2c"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.j2k"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jbr"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jfif"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jif"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.jp2"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.jpc"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.jpe"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.jpeg"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.jpg"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpk"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpx"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.kdc"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.lbm"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.mef"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.mos"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.mrw"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.nef"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.orf"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.pbm"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pbr"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.pcd"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pct"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.pcx"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.pef"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.pgm"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pic"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pict"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pix"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.png"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.ppm"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.psd"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.psp"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pspbrush"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.pspimage"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.raf"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ras"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.raw"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rgb"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rgba"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.rle"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rsb"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.rw2"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.sgi"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.sr2"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.srf"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.tga"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.thm"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.tif"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.tiff"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ttc"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ttf"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11o"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11p"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11pf"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.wbm"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.wbmp"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.wmf"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xbm"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xif"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xmp"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xpm"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FBA074ED-E571-4764-1FF6-2E3DFA2F2708}*]
@Allowed: (Read) (RestrictedCode)
"oageeeokhlffnnhdncbmopkmmiecnk"=hex:61,69,61,6e,61,69,70,62,69,64,65,67,66,6b,
62,6b,68,64,65,64,6f,62,65,6e,6c,6d,65,70,63,65,6e,63,62,63,67,62,67,68,6d,\
"iabeocdbfcficggnml"=hex:6a,61,66,63,6e,6a,65,6d,6b,70,65,65,66,6d,70,65,61,67,
6c,67,00,03
"hadeaidlffdmnbam"=hex:6a,61,66,63,6e,6a,65,6d,6b,70,65,65,66,6d,70,65,61,67,
6c,67,00,00
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\SecuROM\License information*]
"datasecu"=hex:ed,3b,e1,0e,76,16,1b,08,c3,6f,5f,5c,6d,5d,5f,88,22,8a,05,70,21,
a9,d1,5e,ec,bc,95,3f,48,55,bb,23,c8,a8,2f,5c,3f,aa,24,1a,d1,13,c2,4a,dd,20,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b4
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-01-30 14:20:20
ComboFix-quarantined-files.txt 2010-01-30 13:20
Před spuštěním: Volných bajtů: 100 521 074 688
Po spuštění: Volných bajtů: 100 444 839 936
- - End Of File - - 75BE1AC0311ACF98ACACD6EB4BB6FD7D
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3038.2099 [GMT 1:00]
Spuštěný z: c:\users\Cigi\Downloads\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 3.0 *disabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-1813677218-14873745-675912311-500
c:\$recycle.bin\S-1-5-21-2217309622-1872826166-2939454170-500
c:\$recycle.bin\S-1-5-21-2924584658-1892591438-1660323148-500
c:\progra~1\GOOGLE~2\17GOog~1.dll
c:\program files\GooglePlusVideos
c:\program files\GooglePlusVideos\17.GooglePlusVideos.dll
c:\program files\GooglePlusVideos\DeploymentHelper.exe
c:\program files\GooglePlusVideos\FFExt\chrome.manifest
c:\program files\GooglePlusVideos\FFExt\chrome\content\googleplusvideos.xul
c:\program files\GooglePlusVideos\FFExt\chrome\content\script-injector.js
c:\program files\GooglePlusVideos\FFExt\install.rdf
c:\program files\GooglePlusVideos\GooglePlusVideosLicense.txt
c:\program files\GooglePlusVideos\GVConfig.ini
c:\program files\GooglePlusVideos\MFC42U.DLL
c:\program files\GooglePlusVideos\Uninstall.bat
c:\users\Cigi\AppData\Roaming\inst.exe
c:\windows\Fonts\MyriadPro-Regular.otf
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-28 do 2010-01-30 )))))))))))))))))))))))))))))))
.
2010-01-30 12:09 . 2010-01-30 12:09 -------- d-----w- c:\users\Cigi\AppData\Roaming\Malwarebytes
2010-01-30 12:09 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-30 12:09 . 2010-01-30 12:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-30 12:09 . 2010-01-30 12:09 -------- d-----w- c:\programdata\Malwarebytes
2010-01-30 12:09 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-30 11:29 . 2010-01-30 11:29 -------- d-----w- C:\rsit
2010-01-21 21:12 . 2010-01-29 21:10 -------- d-----w- C:\Stahování Rapid
2010-01-21 17:06 . 2010-01-21 17:06 -------- d-----w- c:\users\Cigi\AppData\Roaming\VitySoft
2010-01-15 13:36 . 2010-01-15 13:36 -------- d-----w- c:\program files\DVDFab 6
2010-01-13 10:18 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 10:18 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-30 12:52 . 2008-07-11 18:51 694120 ----a-w- c:\windows\system32\perfh005.dat
2010-01-30 12:52 . 2008-07-11 18:51 156794 ----a-w- c:\windows\system32\perfc005.dat
2010-01-29 21:43 . 2009-03-19 16:53 -------- d-----w- c:\users\Cigi\AppData\Roaming\uTorrent
2010-01-21 17:40 . 2009-07-09 10:18 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-21 17:03 . 2009-03-18 15:35 -------- d-----w- c:\users\Cigi\AppData\Roaming\Skype
2010-01-21 17:03 . 2009-03-19 16:03 -------- d-----w- c:\users\Cigi\AppData\Roaming\skypePM
2010-01-18 10:32 . 2008-07-11 22:29 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-16 16:45 . 2009-03-29 13:11 -------- d-----w- c:\program files\ICQ6.5
2010-01-15 13:36 . 2009-05-24 05:59 -------- d-----w- c:\users\Cigi\AppData\Roaming\Vso
2010-01-15 13:36 . 2009-05-24 05:59 47360 ----a-w- c:\users\Cigi\AppData\Roaming\pcouffin.sys
2010-01-15 13:36 . 2009-05-24 05:59 47360 ----a-w- c:\users\Cigi\AppData\Roaming\pcouffin.sys
2010-01-14 10:12 . 2009-10-03 00:13 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-13 19:05 . 2008-01-02 04:36 -------- d-----w- c:\programdata\Microsoft Help
2010-01-13 19:04 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-07 11:09 . 2009-12-02 16:39 -------- d-----w- c:\program files\Opera
2010-01-02 06:38 . 2010-01-22 13:03 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-22 13:03 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 06:32 . 2010-01-22 13:03 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 04:57 . 2010-01-22 13:03 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-29 12:24 . 2009-12-29 12:23 -------- d-----w- c:\program files\QuickTime
2009-12-29 12:23 . 2009-12-29 12:23 -------- d-----w- c:\programdata\Apple Computer
2009-12-27 21:32 . 2009-07-12 16:55 -------- d-----w- c:\users\Cigi\AppData\Roaming\LangSoft
2009-12-27 21:28 . 2009-07-12 16:58 798771 ----a-w- c:\programdata\LangSoft\WebIE.dll
2009-12-27 21:28 . 2009-07-12 16:56 -------- d-----w- c:\programdata\LangSoft
2009-12-27 21:28 . 2009-07-12 16:58 356352 ----a-w- c:\programdata\LangSoft\TrnOutl.dll
2009-12-27 21:28 . 2009-07-12 16:58 299008 ----a-w- c:\programdata\LangSoft\TrnWord.dll
2009-12-17 20:28 . 2009-12-17 20:28 -------- d-----w- c:\program files\Common Files\Apple
2009-12-17 20:27 . 2009-12-17 20:27 -------- d-----w- c:\program files\Apple Software Update
2009-12-17 20:27 . 2009-12-17 20:27 -------- d-----w- c:\programdata\Apple
2009-12-17 19:32 . 2009-12-17 19:32 -------- d-----w- c:\program files\WinAVI Video Converter
2009-12-17 18:15 . 2009-12-17 18:03 81920 ----a-w- c:\users\Cigi\AppData\Roaming\ezpinst.exe
2009-12-17 18:15 . 2009-12-17 18:03 81920 ----a-w- c:\users\Cigi\AppData\Roaming\ezpinst.exe
2009-12-17 17:52 . 2009-12-17 12:48 -------- d-----w- c:\users\Cigi\AppData\Roaming\Broad Intelligence
2009-12-17 11:03 . 2009-12-17 10:58 -------- d-----w- c:\program files\Dzuso
2009-12-13 19:36 . 2009-03-27 14:23 -------- d-----w- c:\users\Cigi\AppData\Roaming\PC Suite
2009-12-13 19:34 . 2009-12-13 19:15 -------- d-----w- c:\users\Cigi\AppData\Roaming\Nseries
2009-12-13 19:11 . 2009-01-03 21:40 113056 ----a-w- c:\users\Cigi\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-13 19:11 . 2009-12-13 19:11 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-12-13 19:11 . 2009-12-13 19:11 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2009-12-13 19:06 . 2009-03-27 14:23 -------- d-----w- c:\users\Cigi\AppData\Roaming\Nokia
2009-12-13 19:04 . 2009-12-13 18:50 -------- d-----w- c:\program files\Nokia
2009-12-13 19:04 . 2009-12-13 18:55 -------- d-----w- c:\program files\Common Files\Nokia
2009-12-13 19:00 . 2009-12-13 19:00 51534 ----a-w- c:\windows\inf\Nokia Music\0009\tmpC28F.tmp
2009-12-13 19:00 . 2009-12-13 19:00 51534 ----a-w- c:\windows\inf\Nokia Music\0005\tmpC28F.tmp
2009-12-13 19:00 . 2009-12-13 19:00 51534 ----a-w- c:\windows\inf\Nokia Music\0000\tmpC28F.tmp
2009-12-13 19:00 . 2009-12-13 19:00 1593 ----a-w- c:\windows\inf\Nokia Music\tmpC290.tmp
2009-12-13 18:58 . 2009-12-13 18:58 -------- d-----w- c:\programdata\NokiaMusic
2009-12-13 18:57 . 2009-12-13 18:56 -------- d-----w- c:\program files\Common Files\muvee Technologies
2009-12-12 15:03 . 2009-03-16 16:05 -------- d-----w- c:\users\Cigi\AppData\Roaming\Zoner
2009-12-12 15:01 . 2009-03-16 16:05 -------- d-----w- c:\program files\Zoner
2009-12-10 18:06 . 2009-05-24 16:27 -------- d-----w- c:\programdata\vsosdk
2009-12-10 17:58 . 2009-03-16 16:01 -------- d-----w- c:\users\Cigi\AppData\Roaming\GHISLER
2009-12-10 17:58 . 2009-12-10 14:40 -------- d-----w- c:\programdata\Nero
2009-12-10 17:57 . 2009-12-10 14:40 -------- d-----w- c:\program files\Common Files\Ahead
2009-12-10 17:29 . 2009-12-10 17:29 -------- d-----w- c:\users\Cigi\AppData\Roaming\Nero
2009-12-10 17:27 . 2009-12-10 14:40 -------- d-----w- c:\program files\Nero
2009-12-10 17:26 . 2009-12-10 17:26 -------- d-----w- c:\program files\Common Files\Nero
2009-12-10 14:50 . 2009-04-02 16:17 -------- d-----w- c:\programdata\DVD Shrink
2009-12-10 13:33 . 2009-12-10 13:33 -------- d-----w- c:\program files\Trend Micro
2009-12-05 11:49 . 2008-07-11 20:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-01 17:06 . 2009-12-01 17:06 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-12-01 17:06 . 2009-12-01 17:06 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-12-01 17:06 . 2009-12-01 17:05 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-12-01 17:05 . 2009-12-01 17:05 -------- d-----w- c:\programdata\TuneUp Software
2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-24 16:39 . 2009-11-30 19:51 1093064 ----a-w- c:\users\Cigi\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxwods.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
2009-11-17 05:36 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-09 12:31 . 2009-12-10 08:21 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-10 08:21 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-10 08:21 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-11-06 09:59 . 2009-11-06 09:59 15406728 ----a-w- c:\windows\system32\xlive.dll
2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-11-14 19:00 . 2009-11-14 19:00 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2009-04-07 18:52 . 2009-04-07 18:52 28672 ----a-w- c:\program files\mozilla firefox\components\GooglePlusVideosXPCOM.dll
2008-10-19 09:58 . 2008-10-19 09:58 49152 ----a-w- c:\program files\mozilla firefox\components\SiteVacuumXPCOM.dll
2009-05-05 18:42 . 2009-05-05 18:37 24 --sha-w- c:\windows\SFEAF2E3D.tmp
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0e6d7a5d-b560-4d1c-9713-18dd1ade6011}"= "c:\program files\My-Tool\tbMy-0.dll" [2008-06-24 1568792]
[HKEY_CLASSES_ROOT\clsid\{0e6d7a5d-b560-4d1c-9713-18dd1ade6011}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0e6d7a5d-b560-4d1c-9713-18dd1ade6011}]
2008-06-24 00:30 1568792 ----a-w- c:\program files\My-Tool\tbMy-0.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2009-04-02 10:47 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D286E828-E6B9-484d-A058-D7323666DE33}]
2009-03-24 02:45 192512 ----a-w- c:\program files\RecFree.com\RecFreeToolbar\1.0.27.0\escort.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0508F8F1-08E3-43EE-AAA8-09AD09803084}"= "c:\program files\RecFree.com\RecFreeToolbar\1.0.27.0\escorTlbr.dll" [2009-03-24 172032]
"{0e6d7a5d-b560-4d1c-9713-18dd1ade6011}"= "c:\program files\My-Tool\tbMy-0.dll" [2008-06-24 1568792]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]
[HKEY_CLASSES_ROOT\clsid\{0508f8f1-08e3-43ee-aaa8-09ad09803084}]
[HKEY_CLASSES_ROOT\escorTlbr.DskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\escorTlbr.DskBnd]
[HKEY_CLASSES_ROOT\clsid\{0e6d7a5d-b560-4d1c-9713-18dd1ade6011}]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{0E6D7A5D-B560-4D1C-9713-18DD1ADE6011}"= "c:\program files\My-Tool\tbMy-0.dll" [2008-06-24 1568792]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]
[HKEY_CLASSES_ROOT\clsid\{0e6d7a5d-b560-4d1c-9713-18dd1ade6011}]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-06-28 262144]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"uTorrent"="c:\program files\uTorrent\utorrent.exe" [2009-12-13 289584]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-04 317280]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2008-01-02 24576]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-11-14 30192]
"KMCONFIG"="c:\program files\Mouse Driver\StartAutorun.exe" [2008-05-29 212992]
"SiteVacuum"="c:\program files\EasySearch\SiteVacuumClient.exe" [2009-04-08 454733]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-03-01 1443072]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-03 6295552]
"Skytel"="Skytel.exe" [2008-07-03 1826816]
"TO2WCM_McciTrayApp"="c:\program files\TO2WCM\McciTrayApp.exe" [2008-01-30 1473536]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-09 153136]
"Nokia FastStart"="c:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2008-10-17 2323680]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Nokia Ovi Suite.lnk - c:\program files\Nokia\Ovi\Suite\RunLauncher.exe [2008-11-11 946176]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-07-07 19:28 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" silent
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun
"uTorrent"="c:\program files\uTorrent\uTorrent.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"RtHDVCpl"=RtHDVCpl.exe
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"VistaSp2"=hex(b):d8,b9,15,34,d2,fa,c9,01
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21.12.2007 7:21 468224]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [30.5.2008 0:22 208896]
R2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2.1.2008 6:15 299008]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [18.4.2007 5:09 11032]
R2 RtkAudioService;Realtek Audio Service;c:\windows\RTKAUDIOSERVICE.EXE [11.7.2008 21:21 104992]
R2 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?]
R2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [11.7.2008 23:32 411488]
R2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [20.6.2008 17:56 415744]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [28.5.2009 21:41 4233728]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys [11.7.2008 19:41 9344]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [19.4.2009 6:45 717296]
S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [15.6.2009 14:43 234888]
S3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.1.2008 3:23 21504]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2.1.2008 5:57 30192]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2.1.2008 6:12 103712]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2.1.2008 6:12 353568]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2.1.2008 6:12 62752]
S3 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [21.4.2007 13:54 52080]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2.1.2008 6:08 337184]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2.1.2008 6:08 83232]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-01-30 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
2010-01-30 c:\windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
- c:\windows\system32\msfeedssync.exe [2010-01-22 04:56]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
FF - ProfilePath - c:\users\Cigi\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxwods.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\program files\Mozilla Firefox\components\GooglePlusVideosXPCOM.dll
FF - component: c:\program files\Mozilla Firefox\components\SiteVacuumXPCOM.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npkimi.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-30 14:17
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.032"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.abr"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ani"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.arw"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bay"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.bmp"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bw"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.cr2"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.crw"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cs1"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cur"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dcx"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.dib"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.djv"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.djvu"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.dng"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.emf"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.eps"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.erf"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.fff"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.fpx"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.gif"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.hdr"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.icl"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.icn"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.iff"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ilbm"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.int"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.inta"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.iw4"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.j2c"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.j2k"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jbr"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jfif"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jif"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.jp2"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.jpc"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.jpe"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.jpeg"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.jpg"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpk"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpx"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.kdc"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.lbm"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.mef"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.mos"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.mrw"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.nef"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.orf"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.pbm"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pbr"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.pcd"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pct"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.pcx"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.pef"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.pgm"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pic"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pict"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pix"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.png"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.ppm"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.psd"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.psp"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pspbrush"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.pspimage"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.raf"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ras"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.raw"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rgb"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rgba"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.rle"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rsb"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.rw2"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.sgi"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.sr2"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.srf"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.tga"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.thm"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.tif"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.tiff"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ttc"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ttf"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11o"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11p"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11pf"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.wbm"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.wbmp"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (S-1-5-21-1813677218-14873745-675912311-1003)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.wmf"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xbm"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xif"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xmp"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xpm"
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FBA074ED-E571-4764-1FF6-2E3DFA2F2708}*]
@Allowed: (Read) (RestrictedCode)
"oageeeokhlffnnhdncbmopkmmiecnk"=hex:61,69,61,6e,61,69,70,62,69,64,65,67,66,6b,
62,6b,68,64,65,64,6f,62,65,6e,6c,6d,65,70,63,65,6e,63,62,63,67,62,67,68,6d,\
"iabeocdbfcficggnml"=hex:6a,61,66,63,6e,6a,65,6d,6b,70,65,65,66,6d,70,65,61,67,
6c,67,00,03
"hadeaidlffdmnbam"=hex:6a,61,66,63,6e,6a,65,6d,6b,70,65,65,66,6d,70,65,61,67,
6c,67,00,00
[HKEY_USERS\S-1-5-21-1813677218-14873745-675912311-1003\Software\SecuROM\License information*]
"datasecu"=hex:ed,3b,e1,0e,76,16,1b,08,c3,6f,5f,5c,6d,5d,5f,88,22,8a,05,70,21,
a9,d1,5e,ec,bc,95,3f,48,55,bb,23,c8,a8,2f,5c,3f,aa,24,1a,d1,13,c2,4a,dd,20,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b4
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-01-30 14:20:20
ComboFix-quarantined-files.txt 2010-01-30 13:20
Před spuštěním: Volných bajtů: 100 521 074 688
Po spuštění: Volných bajtů: 100 444 839 936
- - End Of File - - 75BE1AC0311ACF98ACACD6EB4BB6FD7D
Re: ANGELA C
Tak si myslím že jsem to zatím zvládla a ted co bude dál,pomůžete mě ještě.Ivča
-
Unlimited_Killer
- Přítel fóra
- Příspěvky: 1969
- Registrován: 24 srp 2009 16:18
Re: ANGELA C
Jasně, na PC byl táta, omlouvám se. Jak se chová PC? Hláška už nevyskakuje (o Angele)?
inactive
Re: ANGELA C
mám starch ho vypnout zapnout,mám to zkusit???
-
Unlimited_Killer
- Přítel fóra
- Příspěvky: 1969
- Registrován: 24 srp 2009 16:18
Re: ANGELA C
ESET SMART SECURITY
Internet
Aplikace běžící na tomoto PC se pokouší komunikovat se vzdáleným počítačen.Přejete si tuto komunikaci povolit
Nevíte co stím,at otevřu jakýkoliv prohlížeč,tak to napíše
Internet
Aplikace běžící na tomoto PC se pokouší komunikovat se vzdáleným počítačen.Přejete si tuto komunikaci povolit
Nevíte co stím,at otevřu jakýkoliv prohlížeč,tak to napíše
Re: ANGELA C
ano po combofix to chvilku trvalo než normálně a běží
Přispějete na provoz fóra?