VIRY.CZ

Dobrý den,

prosím o radu

Po restartu PC se mi bloknul Kaspersky a hlásí, že má porušenou databázi a i po update databáze se databáze zase poškodí.
Dokonce nemohu ani spustit RSIT !!!

Díky za odpověď

Podařilo se mi udělat log pomocí DDS:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16464
Run by ACER at 13:45:41 on 2013-02-24
Microsoft Windows 7 Starter 6.1.7601.1.1250.420.1029.18.2036.743 [GMT 1:00]
.
AV: Kaspersky Anti-Virus *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Anti-Virus *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bluetooth Suite\adminservice.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Program Files\Launch Manager\LMutilps32.exe
C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Iomega Storage Manager\pCloudd.exe
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe
C:\Windows\Explorer.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files\EgisTec IPS\PmmUpdate.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Bluetooth Suite\BtvStack.exe
C:\Program Files\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Acer\Android Manager\iSync.exe
C:\Program Files\Acer\Updater\iUpdate.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\EgisTec IPS\EgisUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Carambis\Driver Updater\dupdater.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Iomega Storage Manager\IomegaStorageManager.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Users\ACER\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ACER\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ACER\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ACER\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mDefault_Page_URL = hxxp://acer.msn.com
uWinlogon: Shell = c:\program files\oceanis\systemsetting\WallPaperAgent.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - c:\program files\kaspersky lab\kaspersky anti-virus 2013\ieext\contentblocker\ie_content_blocker_plugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - c:\program files\kaspersky lab\kaspersky anti-virus 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Windows 7 Starter Helper: {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - c:\program files\oceanis\systemsetting\StarterHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - c:\program files\kaspersky lab\kaspersky anti-virus 2013\ieext\urladvisor\klwtbbho.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [OfficeSyncProcess] "c:\program files\microsoft office\office14\MSOSYNC.EXE"
uRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe
uRun: [Google Update] "c:\users\acer\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Driver Updater] "c:\program files\carambis\driver updater\dupdater.exe" /minimized
uRun: [NokiaSuite.exe] c:\program files\nokia\nokia suite\NokiaSuite.exe -tray
uRun: [GoogleChromeAutoLaunch_65E5181ECE61BC684C401CB8CBBA7B70] "c:\users\acer\appdata\local\google\chrome\application\chrome.exe" --no-startup-window
uRun: [Zoner Photo Studio Autoupdate] c:\program files\zoner\photo studio 15\program32\ZPSTRAY.EXE
mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [SuiteTray] "c:\program files\egistec mywinlockersuite\x86\SuiteTray.exe"
mRun: [EgisTecPMMUpdate] "c:\program files\egistec ips\PmmUpdate.exe"
mRun: [EgisUpdate] "c:\program files\egistec ips\EgisUpdate.exe" -d
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [LManager] c:\program files\launch manager\LManager.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [AtherosBtStack] "c:\program files\bluetooth suite\BtvStack.exe"
mRun: [AthBtTray] "c:\program files\bluetooth suite\AthBtTray.exe"
mRun: [iSyncData] c:\program files\acer\android manager\iSync.exe
mRun: [AndroidManager] c:\program files\acer\android manager\AML.exe
mRun: [iPatchData] c:\program files\acer\updater\iUpdate.exe
mRun: [Power Management] c:\program files\acer\acer epower management\ePowerTray.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 10.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 10.0\acrobat\Acrotray.exe"
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 2013\avp.exe"
mRun: [HP Color LaserJet CM2320 MFP Series Fax] c:\program files\hp\hp color laserjet cm2320 mfp series\hppfaxprintersrv.exe "HP Color LaserJet CM2320 MFP Series Fax"
mRun: [HPUsageTracking] "c:\program files\hp\hp ut\bin\hppusg.exe" "c:\program files\hp\hp ut\"
mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
dRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
StartupFolder: c:\users\acer\appdata\roaming\micros~1\windows\startm~1\programs\startup\iomega~1.lnk - c:\program files\iomega\registration\Register.exe
StartupFolder: c:\users\acer\appdata\roaming\micros~1\windows\startm~1\programs\startup\vezyob~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\acervc~1.lnk - c:\program files\acer\acer vcm\AcerVCM.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\iomega~1.lnk - c:\program files\iomega storage manager\IomegaStorageManager.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\acer\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: Od&eslat do aplikace OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - c:\program files\kaspersky lab\kaspersky anti-virus 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\icq7.5\ICQ.exe
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky anti-virus 2013\ieext\urladvisor\klwtbbho.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{0F6E47FE-7D6E-4D42-B6CA-33567A2568CD} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{BF31E8D7-10AD-4CF4-80D0-07FE776ECD5C} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{BF31E8D7-10AD-4CF4-80D0-07FE776ECD5C}\243436F6E63757C647 : DHCPNameServer = 10.0.0.15 10.0.0.138
TCP: Interfaces\{BF31E8D7-10AD-4CF4-80D0-07FE776ECD5C}\D4953554 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{BF31E8D7-10AD-4CF4-80D0-07FE776ECD5C}\F607964747 : DHCPNameServer = 10.0.0.138
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-11-28 239168]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2012-8-2 24408]
R1 kltdi;kltdi;c:\windows\system32\drivers\kltdi.sys [2012-6-8 43608]
R1 kneps;kneps;c:\windows\system32\drivers\kneps.sys [2012-8-13 144344]
R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\drivers\mwlPSDFilter.sys [2011-3-24 19304]
R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\drivers\mwlPSDNserv.sys [2011-3-24 16744]
R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\drivers\mwlPSDVDisk.sys [2011-3-24 62048]
R2 AtherosSvc;AtherosSvc;c:\program files\bluetooth suite\AdminService.exe [2011-1-21 72864]
R2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky anti-virus 2013\avp.exe -r --> c:\program files\kaspersky lab\kaspersky anti-virus 2013\avp.exe -r [?]
R2 DsiWMIService;Dritek WMI Service;c:\program files\launch manager\dsiwmis.exe [2011-3-24 352336]
R2 ePowerSvc;Acer ePower Service;c:\program files\acer\acer epower management\ePowerSvc.exe [2011-5-7 739944]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2011-3-24 13336]
R2 IconMan_R;IconMan_R;c:\program files\realtek\realtek pcie card reader\RIconMan.exe [2011-3-24 1751656]
R2 Live Updater Service;Live Updater Service;c:\program files\acer\acer updater\UpdaterService.exe [2011-3-24 244624]
R2 MSSQL$ABBEPCADCZ;SQL Server (ABBEPCADCZ);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2010-12-10 29293408]
R2 PCloudd;PCloudd;c:\program files\iomega storage manager\pCloudd.exe [2011-8-6 207360]
R2 RS_Service;Raw Socket Service;c:\program files\acer\acer vcm\RS_Service.exe [2011-3-24 260640]
R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2011-1-21 24736]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\drivers\klkbdflt.sys [2012-5-25 25944]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2012-7-25 25944]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\drivers\RtsPStor.sys [2011-3-24 250984]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-3-24 327784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-3 160944]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\drivers\btath_flt.sys [2011-1-21 34976]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-3-2 183560]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-1-21 258720]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2011-1-21 175776]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\drivers\btath_lwflt.sys [2011-1-21 49312]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2011-1-21 141088]
S3 BtFilter;BtFilter;c:\windows\system32\drivers\btfilter.sys [2011-1-21 241824]
S3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files\common files\egistec\services\EgisTicketService.exe [2010-9-28 172912]
S3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfxfax.sys [2013-2-20 20504]
S3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\drivers\KMWDFILTER.sys [2009-4-29 25088]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2012-6-11 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2012-6-11 8576]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-2-4 14848]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-2-4 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2013-2-4 27136]
S3 vNICdrv;Iomega Virtual Miniport;c:\windows\system32\drivers\vNICdrv.sys [2011-8-6 17488]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-23 51040]
.
=============== Created Last 30 ================
.
2013-02-24 12:34:37 -------- d-----w- c:\program files\trend micro
2013-02-24 11:36:35 -------- d-----w- c:\program files\iPod
2013-02-24 11:36:25 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-02-24 11:36:24 -------- d-----w- c:\program files\iTunes
2013-02-22 14:22:20 6954968 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c8994745-b738-4f47-beb1-ab6ce5b85061}\mpengine.dll
2013-02-22 10:13:28 -------- d-----w- c:\users\acer\appdata\local\Research In Motion
2013-02-22 10:13:24 -------- d-----w- c:\users\acer\appdata\roaming\Research In Motion
2013-02-22 10:11:10 35328 ----a-w- c:\windows\system32\drivers\RimSerial.sys
2013-02-22 10:07:53 -------- d-----w- c:\programdata\Research In Motion
2013-02-22 10:07:39 -------- d-----w- c:\program files\common files\XCPCSync.OEM
2013-02-22 10:07:39 -------- d-----w- c:\program files\common files\Research In Motion
2013-02-22 10:07:37 -------- d-----w- c:\program files\Research In Motion
2013-02-20 12:19:21 -------- d-----w- c:\users\acer\appdata\local\{A1F0D974-932B-4435-B344-2BCAB328F532}
2013-02-20 09:56:51 9451 ------w- c:\windows\system32\hppfaxprintermonui5.dll
2013-02-20 09:56:51 13929 ------w- c:\windows\system32\hppfaxprintermon5.dll
2013-02-20 09:56:49 608 --sha-w- c:\windows\system32\winzvprt5.sys
2013-02-20 09:53:33 281600 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpcpp093.DLL
2013-02-20 09:53:33 161280 ----a-w- c:\windows\system32\hpcpn093.dll
2013-02-20 09:53:32 59928 ----a-w- c:\windows\system32\fxcompchannel.dll
2013-02-20 09:46:48 -------- d-----w- c:\program files\HP
2013-02-20 09:41:08 -------- d-----w- c:\program files\common files\SWF Studio
2013-02-20 09:40:31 26136 ----a-w- c:\windows\system32\drivers\hpfxgen.sys
2013-02-20 09:40:31 20504 ----a-w- c:\windows\system32\drivers\hpfxfax.sys
2013-02-20 09:40:30 17432 ----a-w- c:\windows\system32\drivers\hpfxbulk.sys
2013-02-20 09:40:28 770048 ----a-w- c:\windows\system32\hpptsp05.dll
2013-02-20 09:40:28 761856 ----a-w- c:\windows\system32\hpxp2320.dll
2013-02-20 09:40:28 331776 ----a-w- c:\windows\system32\hppcpr12.dll
2013-02-20 09:40:28 188416 ----a-w- c:\windows\system32\hppcew12.dll
2013-02-20 09:40:27 59928 ----a-w- c:\windows\system32\fxfaxchannel.dll
2013-02-20 09:40:27 450560 ----a-w- c:\windows\system32\hppasc12.dll
2013-02-20 09:40:27 188416 ----a-w- c:\windows\system32\hppafx12.dll
2013-02-20 09:38:25 -------- d-----w- C:\CM_2320_Full_Solution_Win7_3_1_EMEA2
2013-02-16 21:13:24 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-16 21:13:21 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-16 21:13:21 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-16 21:13:19 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-16 21:13:18 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-16 21:12:53 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-02-07 16:06:25 -------- d-----w- c:\users\acer\appdata\roaming\Zoner
2013-02-07 16:06:23 -------- d-----w- c:\users\acer\appdata\local\Zoner
2013-02-07 16:06:22 -------- d-----w- c:\programdata\Zoner
2013-02-06 15:56:44 -------- d-----w- c:\users\acer\appdata\roaming\calibre
2013-02-06 15:50:45 -------- d-----w- c:\program files\Calibre2
2013-02-04 10:07:54 514560 ----a-w- c:\windows\system32\qdvd.dll
2013-02-04 10:07:52 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-02-04 10:07:52 247808 ----a-w- c:\windows\system32\schannel.dll
2013-02-04 10:07:52 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-02-04 10:07:52 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-01-30 09:30:19 -------- d-----w- c:\users\acer\appdata\local\{250BCA82-86D5-4060-BB3C-1421CBFE56F9}
2013-01-27 12:37:58 -------- d-----w- c:\users\acer\appdata\local\{FA09B94D-CC17-49DA-913B-035FB509936E}
2013-01-26 19:15:36 -------- d-----w- C:\FFOutput
.
==================== Find3M ====================
.
2013-02-23 13:45:00 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-23 13:45:00 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-17 00:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-15 15:56:10 477616 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-01-15 15:56:07 473520 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-08 22:11:21 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-28 09:12:13 43608 ----a-w- c:\windows\system32\drivers\kltdi.sys
2012-12-28 09:12:13 25944 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2012-12-28 09:12:13 25944 ----a-w- c:\windows\system32\drivers\klkbdflt.sys
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-13 12:50:38 6112864 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-12-13 12:50:38 45056 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 13:48:01,16 ===============

Zdravím!
Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

Log z ComboFixu:

ComboFix 13-02-24.01 - ACER 24.02.2013 20:16:33.1.4 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.420.1029.18.2036.940 [GMT 1:00]
Spuštěný z: c:\users\ACER\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Anti-Virus *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\FullRemove.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-24 do 2013-02-24 )))))))))))))))))))))))))))))))
.
.
2013-02-24 19:51 . 2013-02-24 19:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-24 19:03 . 2013-02-24 19:03 -------- d-----w- c:\program files\Common Files\Java
2013-02-24 19:01 . 2013-02-24 19:01 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-24 12:46 . 2013-02-24 19:04 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C8994745-B738-4F47-BEB1-AB6CE5B85061}\offreg.dll
2013-02-24 12:34 . 2013-02-24 12:53 -------- d-----w- c:\program files\trend micro
2013-02-24 12:34 . 2013-02-24 12:34 -------- d-----w- C:\rsit
2013-02-24 11:36 . 2013-02-24 11:36 -------- d-----w- c:\program files\iPod
2013-02-24 11:36 . 2013-02-24 11:38 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-02-24 11:36 . 2013-02-24 11:38 -------- d-----w- c:\program files\iTunes
2013-02-22 14:22 . 2013-02-08 00:45 6954968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C8994745-B738-4F47-BEB1-AB6CE5B85061}\mpengine.dll
2013-02-22 10:13 . 2013-02-22 10:13 -------- d-----w- c:\users\ACER\AppData\Local\Research In Motion
2013-02-22 10:13 . 2013-02-22 10:17 -------- d-----w- c:\users\ACER\AppData\Roaming\Research In Motion
2013-02-22 10:11 . 2011-07-20 13:13 35328 ----a-w- c:\windows\system32\drivers\RimSerial.sys
2013-02-22 10:07 . 2013-02-22 10:07 -------- d-----w- c:\programdata\Research In Motion
2013-02-22 10:07 . 2013-02-22 10:07 -------- d-----w- c:\program files\Common Files\Research In Motion
2013-02-22 10:07 . 2013-02-22 10:07 -------- d-----w- c:\program files\Common Files\XCPCSync.OEM
2013-02-22 10:07 . 2013-02-22 10:07 -------- d-----w- c:\program files\Research In Motion
2013-02-20 09:56 . 2009-09-22 19:44 9451 ------w- c:\windows\system32\hppfaxprintermonui5.dll
2013-02-20 09:56 . 2009-09-22 19:44 13929 ------w- c:\windows\system32\hppfaxprintermon5.dll
2013-02-20 09:56 . 2013-02-20 09:56 608 --sha-w- c:\windows\system32\winzvprt5.sys
2013-02-20 09:53 . 2013-02-22 16:52 -------- d-----w- c:\programdata\Hewlett-Packard
2013-02-20 09:53 . 2009-10-14 12:13 281600 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpcpp093.DLL
2013-02-20 09:53 . 2009-10-14 12:13 161280 ----a-w- c:\windows\system32\hpcpn093.dll
2013-02-20 09:53 . 2007-07-16 14:29 59928 ----a-w- c:\windows\system32\fxcompchannel.dll
2013-02-20 09:46 . 2013-02-20 09:59 -------- d-----w- c:\program files\HP
2013-02-20 09:43 . 2013-02-22 16:52 -------- d-----w- c:\programdata\HP
2013-02-20 09:41 . 2013-02-20 09:41 -------- d-----w- c:\program files\Common Files\SWF Studio
2013-02-20 09:40 . 2007-07-16 21:29 20504 ----a-w- c:\windows\system32\drivers\hpfxfax.sys
2013-02-20 09:40 . 2007-07-16 21:29 26136 ----a-w- c:\windows\system32\drivers\hpfxgen.sys
2013-02-20 09:40 . 2007-07-16 21:29 17432 ----a-w- c:\windows\system32\drivers\hpfxbulk.sys
2013-02-20 09:40 . 2009-09-28 19:37 770048 ----a-w- c:\windows\system32\hpptsp05.dll
2013-02-20 09:40 . 2009-08-26 22:14 761856 ----a-w- c:\windows\system32\hpxp2320.dll
2013-02-20 09:40 . 2008-09-30 15:52 331776 ----a-w- c:\windows\system32\hppcpr12.dll
2013-02-20 09:40 . 2008-09-30 15:52 188416 ----a-w- c:\windows\system32\hppcew12.dll
2013-02-20 09:40 . 2008-09-30 15:52 450560 ----a-w- c:\windows\system32\hppasc12.dll
2013-02-20 09:40 . 2008-09-30 15:52 188416 ----a-w- c:\windows\system32\hppafx12.dll
2013-02-20 09:40 . 2007-07-16 21:29 59928 ----a-w- c:\windows\system32\fxfaxchannel.dll
2013-02-20 09:38 . 2013-02-20 10:18 -------- d-----w- C:\CM_2320_Full_Solution_Win7_3_1_EMEA2
2013-02-16 21:13 . 2013-01-04 03:00 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-16 21:13 . 2013-01-03 05:05 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-16 21:13 . 2013-01-03 05:04 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-16 21:13 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-16 21:13 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-16 21:12 . 2013-01-04 04:50 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-02-07 16:06 . 2013-02-07 16:27 -------- d-----w- c:\users\ACER\AppData\Roaming\Zoner
2013-02-07 16:06 . 2013-02-07 16:06 -------- d-----w- c:\users\ACER\AppData\Local\Zoner
2013-02-07 16:06 . 2013-02-07 16:06 -------- d-----w- c:\programdata\Zoner
2013-02-06 15:56 . 2013-02-06 16:25 -------- d-----w- c:\users\ACER\AppData\Roaming\calibre
2013-02-06 15:50 . 2013-02-06 15:51 -------- d-----w- c:\program files\Calibre2
2013-02-04 10:07 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll
2013-02-04 10:07 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-02-04 10:07 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-02-04 10:07 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll
2013-02-04 10:07 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-01-26 19:15 . 2013-01-26 21:07 -------- d-----w- C:\FFOutput
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-24 19:01 . 2012-11-02 05:56 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-02-24 19:01 . 2012-03-14 19:36 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-23 13:45 . 2012-06-04 14:51 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-23 13:45 . 2011-06-17 19:13 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-17 00:28 . 2011-06-07 17:21 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-12-28 09:12 . 2012-07-25 13:53 25944 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2012-12-28 09:12 . 2012-06-08 10:38 43608 ----a-w- c:\windows\system32\drivers\kltdi.sys
2012-12-28 09:12 . 2012-05-25 18:38 25944 ----a-w- c:\windows\system32\drivers\klkbdflt.sys
2012-12-16 14:13 . 2012-12-22 02:03 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:03 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-13 12:50 . 2012-12-13 12:50 6112864 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-12-13 12:50 . 2012-12-13 12:50 45056 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-12-07 12:26 . 2013-01-09 03:34 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20 . 2013-01-09 03:34 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 10:46 . 2013-01-09 03:34 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 10:46 . 2013-01-09 03:34 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 10:46 . 2013-01-09 03:34 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 03:34 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 03:34 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 03:34 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 10:46 . 2013-01-09 03:34 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 03:34 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 10:46 . 2013-01-09 03:34 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 10:46 . 2013-01-09 03:34 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 10:46 . 2013-01-09 03:34 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 10:46 . 2013-01-09 03:34 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 10:46 . 2013-01-09 03:34 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 10:46 . 2013-01-09 03:34 51712 ----a-w- c:\windows\system32\esrb.rs
2012-11-30 04:47 . 2013-01-09 03:37 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 03:37 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 02:55 . 2013-01-09 03:37 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38 . 2013-01-09 03:37 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 03:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 03:37 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"iCloudServices"="c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-11-28 59280]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"Driver Updater"="c:\program files\Carambis\Driver Updater\dupdater.exe" [2011-09-27 4871264]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-10-13 1088424]
"GoogleChromeAutoLaunch_65E5181ECE61BC684C401CB8CBBA7B70"="c:\users\ACER\AppData\Local\Google\Chrome\Application\chrome.exe" [2013-02-21 1274320]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2012-12-04 773728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-02-11 10025576]
"SuiteTray"="c:\program files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]
"EgisTecPMMUpdate"="c:\program files\EgisTec IPS\PmmUpdate.exe" [2010-09-17 407920]
"EgisUpdate"="c:\program files\EgisTec IPS\EgisUpdate.exe" [2010-09-17 201584]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-11 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-11 150552]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2011-03-14 1081424]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-10-08 1934632]
"AtherosBtStack"="c:\program files\Bluetooth Suite\BtvStack.exe" [2011-01-21 490656]
"AthBtTray"="c:\program files\Bluetooth Suite\AthBtTray.exe" [2011-01-21 302240]
"iSyncData"="c:\program files\Acer\Android Manager\iSync.exe" [2011-04-14 408128]
"AndroidManager"="c:\program files\Acer\Android Manager\AML.exe" [2011-04-14 508992]
"iPatchData"="c:\program files\Acer\Updater\iUpdate.exe" [2011-04-14 492096]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-02-23 715368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2010-10-25 36760]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2010-10-25 821144]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe" [2012-12-28 356376]
"HP Color LaserJet CM2320 MFP Series Fax"="c:\program files\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe" [2009-09-22 2453504]
"HPUsageTracking"="c:\program files\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]
"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-20 73216]
.
c:\users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Iomega Product Registration.lnk - c:\program files\Iomega\Registration\Register.exe [2004-2-4 16175104]
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2011-3-24 704104]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
Iomega Storage Manager.lnk - c:\program files\Iomega Storage Manager\IomegaStorageManager.exe [2011-8-6 2158160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R2 First;First; [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfxfax.sys [x]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 vNICdrv;Iomega Virtual Miniport;c:\windows\system32\DRIVERS\vNICdrv.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files\Bluetooth Suite\adminservice.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 MSSQL$ABBEPCADCZ;SQL Server (ABBEPCADCZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]
S2 PCloudd;PCloudd;c:\program files\Iomega Storage Manager\pCloudd.exe [x]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
GPSvcGroup REG_MULTI_SZ GPSvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-04 13:45]
.
2013-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-07 20:55]
.
2013-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-07 20:55]
.
2013-02-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2714139009-1136244200-1673485399-1000Core.job
- c:\users\ACER\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-12 22:00]
.
2013-02-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2714139009-1136244200-1673485399-1000UA.job
- c:\users\ACER\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-12 22:00]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://acer.msn.com
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\ACER\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Od&eslat do aplikace OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.032"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.abr"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.amr"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.ani"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.apd"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.arw"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.bay"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.bmp"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.bw"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.bwf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.cel"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CR2\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.cr2"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.crw"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.cs1"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.cur"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.dcr"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.dcx"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.dib"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.djv"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.djvu"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.dng"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.emf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.eps"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.erf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.fff"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.flc"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.fli"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.fpx"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.gif"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.hdr"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.icl"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.icn"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.iff"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.ilbm"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.int"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.inta"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.iw4"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.j2c"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.j2k"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jbr"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jfif"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jif"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.jp2"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.jpc"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.jpe"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.jpeg"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.jpg"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jpk"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jpx"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kar\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.kar"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.kdc"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.lbm"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.m15"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.m1a"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.m2a"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.m75"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.mef"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.mos"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.mpv"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.mrw"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.nef"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.nrw"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.orf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.pbm"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pbr"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.pcd"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pct"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.pcx"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.pef"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.pgm"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pic"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pics"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pict"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pix"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.png"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.ppm"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.psd"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.psp"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pspbrush"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.pspimage"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.qcp"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.qtpf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.raf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.ras"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.raw"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.rgb"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.rgba"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.rle"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.rsb"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.rw2"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.rwl"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sdv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.sdv"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.sfil"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.sgi"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.smf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.smil"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.sml"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.sr2"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.srf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.srw"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.swa"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.tga"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.thm"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.tif"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.tiff"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.ttc"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.ttf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.ulw"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v40po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.v40po"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v40pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.v40pp"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v40ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.v40ppf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.vfw"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.wbm"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.wbmp"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.wmf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.xbm"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.xif"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.xmp"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.xpm"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1892)
c:\program files\Acer\Acer ePower Management\SysHook.dll
.
Celkový čas: 2013-02-24 20:56:28
ComboFix-quarantined-files.txt 2013-02-24 19:56
.
Před spuštěním: Volných bajtů: 124 745 248 768
Po spuštění: Volných bajtů: 125 080 305 664
.
- - End Of File - - E87037750B4D2987ED39458A3006BF98

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2714139009-1136244200-1673485399-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2714139009-1136244200-1673485399-1000UA.job

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Provedeno
Toto je aktuální log z ComboFixu:

ComboFix 13-02-24.01 - ACER 24.02.2013 21:56:17.2.4 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.420.1029.18.2036.998 [GMT 1:00]
Spuštěný z: c:\users\ACER\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\ACER\Desktop\CFScript.txt
AV: Kaspersky Anti-Virus *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Anti-Virus *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2714139009-1136244200-1673485399-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2714139009-1136244200-1673485399-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2714139009-1136244200-1673485399-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2714139009-1136244200-1673485399-1000UA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-24 do 2013-02-24 )))))))))))))))))))))))))))))))
.
.
2013-02-24 21:30 . 2013-02-24 21:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-24 19:03 . 2013-02-24 19:03 -------- d-----w- c:\program files\Common Files\Java
2013-02-24 19:01 . 2013-02-24 19:01 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-24 12:34 . 2013-02-24 12:53 -------- d-----w- c:\program files\trend micro
2013-02-24 12:34 . 2013-02-24 12:34 -------- d-----w- C:\rsit
2013-02-24 11:36 . 2013-02-24 11:36 -------- d-----w- c:\program files\iPod
2013-02-24 11:36 . 2013-02-24 11:38 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-02-24 11:36 . 2013-02-24 11:38 -------- d-----w- c:\program files\iTunes
2013-02-22 10:13 . 2013-02-22 10:13 -------- d-----w- c:\users\ACER\AppData\Local\Research In Motion
2013-02-22 10:13 . 2013-02-22 10:17 -------- d-----w- c:\users\ACER\AppData\Roaming\Research In Motion
2013-02-22 10:11 . 2011-07-20 13:13 35328 ----a-w- c:\windows\system32\drivers\RimSerial.sys
2013-02-22 10:07 . 2013-02-22 10:07 -------- d-----w- c:\programdata\Research In Motion
2013-02-22 10:07 . 2013-02-22 10:07 -------- d-----w- c:\program files\Common Files\Research In Motion
2013-02-22 10:07 . 2013-02-22 10:07 -------- d-----w- c:\program files\Common Files\XCPCSync.OEM
2013-02-22 10:07 . 2013-02-22 10:07 -------- d-----w- c:\program files\Research In Motion
2013-02-20 09:56 . 2009-09-22 19:44 9451 ------w- c:\windows\system32\hppfaxprintermonui5.dll
2013-02-20 09:56 . 2009-09-22 19:44 13929 ------w- c:\windows\system32\hppfaxprintermon5.dll
2013-02-20 09:56 . 2013-02-20 09:56 608 --sha-w- c:\windows\system32\winzvprt5.sys
2013-02-20 09:53 . 2013-02-22 16:52 -------- d-----w- c:\programdata\Hewlett-Packard
2013-02-20 09:53 . 2009-10-14 12:13 281600 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpcpp093.DLL
2013-02-20 09:53 . 2009-10-14 12:13 161280 ----a-w- c:\windows\system32\hpcpn093.dll
2013-02-20 09:53 . 2007-07-16 14:29 59928 ----a-w- c:\windows\system32\fxcompchannel.dll
2013-02-20 09:46 . 2013-02-20 09:59 -------- d-----w- c:\program files\HP
2013-02-20 09:43 . 2013-02-22 16:52 -------- d-----w- c:\programdata\HP
2013-02-20 09:41 . 2013-02-20 09:41 -------- d-----w- c:\program files\Common Files\SWF Studio
2013-02-20 09:40 . 2007-07-16 21:29 20504 ----a-w- c:\windows\system32\drivers\hpfxfax.sys
2013-02-20 09:40 . 2007-07-16 21:29 26136 ----a-w- c:\windows\system32\drivers\hpfxgen.sys
2013-02-20 09:40 . 2007-07-16 21:29 17432 ----a-w- c:\windows\system32\drivers\hpfxbulk.sys
2013-02-20 09:40 . 2009-09-28 19:37 770048 ----a-w- c:\windows\system32\hpptsp05.dll
2013-02-20 09:40 . 2009-08-26 22:14 761856 ----a-w- c:\windows\system32\hpxp2320.dll
2013-02-20 09:40 . 2008-09-30 15:52 331776 ----a-w- c:\windows\system32\hppcpr12.dll
2013-02-20 09:40 . 2008-09-30 15:52 188416 ----a-w- c:\windows\system32\hppcew12.dll
2013-02-20 09:40 . 2008-09-30 15:52 450560 ----a-w- c:\windows\system32\hppasc12.dll
2013-02-20 09:40 . 2008-09-30 15:52 188416 ----a-w- c:\windows\system32\hppafx12.dll
2013-02-20 09:40 . 2007-07-16 21:29 59928 ----a-w- c:\windows\system32\fxfaxchannel.dll
2013-02-20 09:38 . 2013-02-20 10:18 -------- d-----w- C:\CM_2320_Full_Solution_Win7_3_1_EMEA2
2013-02-16 21:13 . 2013-01-04 03:00 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-16 21:13 . 2013-01-03 05:05 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-16 21:13 . 2013-01-03 05:04 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-16 21:13 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-16 21:13 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-16 21:12 . 2013-01-04 04:50 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-02-07 16:06 . 2013-02-07 16:27 -------- d-----w- c:\users\ACER\AppData\Roaming\Zoner
2013-02-07 16:06 . 2013-02-07 16:06 -------- d-----w- c:\users\ACER\AppData\Local\Zoner
2013-02-07 16:06 . 2013-02-07 16:06 -------- d-----w- c:\programdata\Zoner
2013-02-06 15:56 . 2013-02-06 16:25 -------- d-----w- c:\users\ACER\AppData\Roaming\calibre
2013-02-06 15:50 . 2013-02-06 15:51 -------- d-----w- c:\program files\Calibre2
2013-02-04 10:07 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll
2013-02-04 10:07 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-02-04 10:07 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-02-04 10:07 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll
2013-02-04 10:07 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-01-26 19:15 . 2013-01-26 21:07 -------- d-----w- C:\FFOutput
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-24 21:31 . 2013-02-24 21:30 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C8994745-B738-4F47-BEB1-AB6CE5B85061}\offreg.dll
2013-02-24 19:01 . 2012-11-02 05:56 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-02-24 19:01 . 2012-03-14 19:36 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-23 13:45 . 2012-06-04 14:51 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-23 13:45 . 2011-06-17 19:13 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-08 00:45 . 2013-02-22 14:22 6954968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C8994745-B738-4F47-BEB1-AB6CE5B85061}\mpengine.dll
2013-01-17 00:28 . 2011-06-07 17:21 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-12-28 09:12 . 2012-07-25 13:53 25944 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2012-12-28 09:12 . 2012-06-08 10:38 43608 ----a-w- c:\windows\system32\drivers\kltdi.sys
2012-12-28 09:12 . 2012-05-25 18:38 25944 ----a-w- c:\windows\system32\drivers\klkbdflt.sys
2012-12-16 14:13 . 2012-12-22 02:03 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:03 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-13 12:50 . 2012-12-13 12:50 6112864 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-12-13 12:50 . 2012-12-13 12:50 45056 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-12-07 12:26 . 2013-01-09 03:34 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20 . 2013-01-09 03:34 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 10:46 . 2013-01-09 03:34 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 10:46 . 2013-01-09 03:34 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 10:46 . 2013-01-09 03:34 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 03:34 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 03:34 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 03:34 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 10:46 . 2013-01-09 03:34 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 03:34 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 10:46 . 2013-01-09 03:34 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 10:46 . 2013-01-09 03:34 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 10:46 . 2013-01-09 03:34 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 10:46 . 2013-01-09 03:34 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 10:46 . 2013-01-09 03:34 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 10:46 . 2013-01-09 03:34 51712 ----a-w- c:\windows\system32\esrb.rs
2012-11-30 04:47 . 2013-01-09 03:37 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 03:37 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 02:55 . 2013-01-09 03:37 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38 . 2013-01-09 03:37 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 03:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 03:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 03:37 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"iCloudServices"="c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-11-28 59280]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"Driver Updater"="c:\program files\Carambis\Driver Updater\dupdater.exe" [2011-09-27 4871264]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-10-13 1088424]
"GoogleChromeAutoLaunch_65E5181ECE61BC684C401CB8CBBA7B70"="c:\users\ACER\AppData\Local\Google\Chrome\Application\chrome.exe" [2013-02-21 1274320]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2012-12-04 773728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-02-11 10025576]
"SuiteTray"="c:\program files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]
"EgisTecPMMUpdate"="c:\program files\EgisTec IPS\PmmUpdate.exe" [2010-09-17 407920]
"EgisUpdate"="c:\program files\EgisTec IPS\EgisUpdate.exe" [2010-09-17 201584]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-11 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-11 150552]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2011-03-14 1081424]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-10-08 1934632]
"AtherosBtStack"="c:\program files\Bluetooth Suite\BtvStack.exe" [2011-01-21 490656]
"AthBtTray"="c:\program files\Bluetooth Suite\AthBtTray.exe" [2011-01-21 302240]
"iSyncData"="c:\program files\Acer\Android Manager\iSync.exe" [2011-04-14 408128]
"AndroidManager"="c:\program files\Acer\Android Manager\AML.exe" [2011-04-14 508992]
"iPatchData"="c:\program files\Acer\Updater\iUpdate.exe" [2011-04-14 492096]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-02-23 715368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2010-10-25 36760]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2010-10-25 821144]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe" [2012-12-28 356376]
"HP Color LaserJet CM2320 MFP Series Fax"="c:\program files\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe" [2009-09-22 2453504]
"HPUsageTracking"="c:\program files\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]
"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-20 73216]
.
c:\users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Iomega Product Registration.lnk - c:\program files\Iomega\Registration\Register.exe [2004-2-4 16175104]
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2011-3-24 704104]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
Iomega Storage Manager.lnk - c:\program files\Iomega Storage Manager\IomegaStorageManager.exe [2011-8-6 2158160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R2 First;First; [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfxfax.sys [x]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 vNICdrv;Iomega Virtual Miniport;c:\windows\system32\DRIVERS\vNICdrv.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files\Bluetooth Suite\adminservice.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 MSSQL$ABBEPCADCZ;SQL Server (ABBEPCADCZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]
S2 PCloudd;PCloudd;c:\program files\Iomega Storage Manager\pCloudd.exe [x]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
GPSvcGroup REG_MULTI_SZ GPSvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-04 13:45]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://acer.msn.com
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\ACER\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Od&eslat do aplikace OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.032"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.abr"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.amr"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.ani"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.apd"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.arw"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.bay"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.bmp"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.bw"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.bwf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.cel"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CR2\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.cr2"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.crw"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.cs1"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.cur"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.dcr"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.dcx"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.dib"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.djv"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.djvu"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.dng"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.emf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.eps"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.erf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.fff"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.flc"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.fli"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.fpx"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.gif"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.hdr"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.icl"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.icn"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.iff"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.ilbm"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.int"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.inta"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.iw4"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.j2c"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.j2k"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jbr"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jfif"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jif"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.jp2"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.jpc"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.jpe"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.jpeg"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.jpg"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jpk"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jpx"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kar\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.kar"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.kdc"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.lbm"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.m15"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.m1a"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.m2a"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.m75"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.mef"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.mos"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.mpv"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.mrw"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.nef"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.nrw"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.orf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.pbm"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pbr"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.pcd"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pct"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.pcx"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.pef"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.pgm"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pic"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pics"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pict"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pix"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.png"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.ppm"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.psd"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.psp"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pspbrush"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.pspimage"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.qcp"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.qtpf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.raf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.ras"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.raw"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.rgb"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.rgba"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.rle"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.rsb"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.rw2"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.rwl"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sdv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.sdv"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.sfil"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.sgi"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.smf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.smil"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.sml"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.sr2"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.srf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.srw"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.swa"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.tga"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.thm"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.tif"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.tiff"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.ttc"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.ttf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.ulw"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v40po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.v40po"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v40pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.v40pp"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v40ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.v40ppf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.vfw"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.wbm"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.wbmp"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (S-1-5-21-2714139009-1136244200-1673485399-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS150.Document.wmf"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.xbm"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.xif"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.xmp"
.
[HKEY_USERS\S-1-5-21-2714139009-1136244200-1673485399-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.xpm"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2144)
c:\program files\Bluetooth Suite\AthCopyHook.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Launch Manager\LMworker.exe
c:\program files\Launch Manager\LMutilps32.exe
c:\windows\system32\conhost.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\igfxext.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
c:\windows\system32\wermgr.exe
.
**************************************************************************
.
Celkový čas: 2013-02-24 22:44:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-24 21:44
ComboFix2.txt 2013-02-24 19:56
.
Před spuštěním: Volných bajtů: 125 169 188 864
Po spuštění: Volných bajtů: 125 089 202 176
.
- - End Of File - - D3A6C8B1FC1A5FD864ADCC5521368DD2

Log je již OK. Nastala nějaká změna?

Díky,

po posledním restartu PC s vše tváří, že je vpořádku.

Nemáte zač!