Pomalé PC a rozbití asociace souborů Vyřešeno

[zaken]

Ano, přesně tento soubor myslím...
Je v něm problém?

[Reklama]

[jaro3]

Můžeš zkusit dát na Virus Total , ale myslím , že je to spíš chyba Combofixu. Pokud máš na CD tak zase nainstaluj , jinak má Combofix zálohu a syntaxí se dá vše vrátit...

[zaken]

a jak? Udělám to po novém fixu a Combo testu, ale až to bude vše ok.

[jaro3]

Jo , až potom scriptu to nainstaluj, pokusím se někoho kontaktovat ohledně toho souboru a nahlásit chybu CF.

[zaken]

ComboFix 10-05-14.06 - milos o 15.05.10 16:46:42.10.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2405 [GMT 2:00]
Spuštěný z: c:\documents and settings\milos\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\milos\Plocha\CFScript.txt
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
--------------- FCopy ---------------

c:\windows\$NtServicePackUninstall$\tcpip.sys --> c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-04-15 do 2010-05-15 )))))))))))))))))))))))))))))))
.

2010-05-15 12:14 . 2010-05-15 12:14 -------- d-----w- C:\Versalsoft
2010-05-13 05:10 . 2010-05-13 05:10 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-05-12 16:27 . 2001-08-17 19:28 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2010-05-12 16:26 . 2001-08-17 19:28 687999 -c--a-w- c:\windows\system32\dllcache\usrwdxjs.sys
2010-05-12 16:25 . 2008-04-13 22:10 149376 -c--a-w- c:\windows\system32\dllcache\tffsport.sys
2010-05-12 16:24 . 2001-08-17 18:51 20752 -c--a-w- c:\windows\system32\dllcache\sonync.sys
2010-05-12 16:24 . 2001-08-17 19:53 9600 -c--a-w- c:\windows\system32\dllcache\sonymc.sys
2010-05-12 16:24 . 2008-04-13 22:10 7552 -c--a-w- c:\windows\system32\dllcache\sonyait.sys
2010-05-12 16:24 . 2001-08-17 19:53 7040 -c--a-w- c:\windows\system32\dllcache\snyaitmc.sys
2010-05-12 16:22 . 2001-10-24 10:03 161728 -c--a-w- c:\windows\system32\dllcache\sgsmusb.sys
2010-05-12 16:22 . 2001-07-21 20:29 18400 -c--a-w- c:\windows\system32\dllcache\sgsmld.sys
2010-05-12 16:22 . 2001-10-24 10:24 386560 -c--a-w- c:\windows\system32\dllcache\sgiul50.dll
2010-05-12 16:22 . 2001-08-17 18:51 98080 -c--a-w- c:\windows\system32\dllcache\sgiulnt5.sys
2010-05-12 16:22 . 2001-08-17 18:19 36480 -c--a-w- c:\windows\system32\dllcache\sfmanm.sys
2010-05-12 16:22 . 2001-10-24 10:02 6784 -c--a-w- c:\windows\system32\dllcache\serscan.sys
2010-05-12 16:22 . 2001-10-24 10:02 17664 -c--a-w- c:\windows\system32\dllcache\sermouse.sys
2010-05-12 16:22 . 2001-08-17 19:53 6912 -c--a-w- c:\windows\system32\dllcache\seaddsmc.sys
2010-05-12 16:22 . 2008-04-13 22:15 11520 -c--a-w- c:\windows\system32\dllcache\scsiscan.sys
2010-05-12 16:22 . 2001-08-17 19:52 11648 -c--a-w- c:\windows\system32\dllcache\scsiprnt.sys
2010-05-12 16:17 . 2001-10-24 10:25 9728 -c--a-w- c:\windows\system32\dllcache\rsmgrstr.dll
2010-05-12 16:17 . 2001-08-17 18:19 3840 -c--a-w- c:\windows\system32\dllcache\rpfun.sys
2010-05-12 16:17 . 2008-04-14 05:47 79104 -c--a-w- c:\windows\system32\dllcache\rocket.sys
2010-05-12 16:17 . 2001-08-17 18:12 37563 -c--a-w- c:\windows\system32\dllcache\rlnet5.sys
2010-05-12 16:17 . 2001-10-24 10:24 86097 -c--a-w- c:\windows\system32\dllcache\reslog32.dll
2010-05-12 16:12 . 2008-04-13 22:14 28032 -c--a-w- c:\windows\system32\dllcache\perm3.sys
2010-05-12 16:11 . 2001-10-24 09:44 9472 -c--a-w- c:\windows\system32\dllcache\ntapm.sys
2010-05-12 16:10 . 2001-08-17 18:50 103296 -c--a-w- c:\windows\system32\dllcache\mtxvideo.sys
2010-05-12 16:10 . 2008-04-13 22:16 49024 -c--a-w- c:\windows\system32\dllcache\mstape.sys
2010-05-12 16:10 . 2001-08-17 19:48 12416 -c--a-w- c:\windows\system32\dllcache\msriffwv.sys
2010-05-12 16:10 . 2008-04-13 22:24 22016 -c--a-w- c:\windows\system32\dllcache\msircomm.sys
2010-05-12 16:10 . 2001-08-17 20:02 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2010-05-12 16:10 . 2001-08-17 19:48 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys
2010-05-12 16:10 . 2008-04-13 22:16 51200 -c--a-w- c:\windows\system32\dllcache\msdv.sys
2010-05-12 16:10 . 2001-08-17 19:52 17280 -c--a-w- c:\windows\system32\dllcache\mraid35x.sys
2010-05-12 16:10 . 2008-04-13 22:16 15232 -c--a-w- c:\windows\system32\dllcache\mpe.sys
2010-05-12 16:10 . 2001-08-17 19:57 16128 -c--a-w- c:\windows\system32\dllcache\modemcsa.sys
2010-05-12 16:08 . 2008-04-13 22:10 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2010-05-12 16:07 . 2001-08-17 18:12 45632 -c--a-w- c:\windows\system32\dllcache\ip5515.sys
2010-05-12 16:07 . 2001-10-24 10:24 90200 -c--a-w- c:\windows\system32\dllcache\io8ports.dll
2010-05-12 16:07 . 2001-08-17 19:50 38784 -c--a-w- c:\windows\system32\dllcache\io8.sys
2010-05-12 16:07 . 2008-04-14 05:55 5504 -c--a-w- c:\windows\system32\dllcache\intelide.sys
2010-05-12 16:07 . 2001-10-24 09:42 13056 -c--a-w- c:\windows\system32\dllcache\inport.sys
2010-05-12 16:07 . 2001-08-17 19:52 16000 -c--a-w- c:\windows\system32\dllcache\ini910u.sys
2010-05-12 16:05 . 2001-08-17 20:02 2688 -c--a-w- c:\windows\system32\dllcache\hidswvd.sys
2010-05-12 16:04 . 2008-04-13 20:05 34173 -c--a-w- c:\windows\system32\dllcache\forehe.sys
2010-05-12 16:03 . 2001-08-17 18:10 19996 -c--a-w- c:\windows\system32\dllcache\em556n4.sys
2010-05-12 16:02 . 2001-08-17 18:11 29696 -c--a-w- c:\windows\system32\dllcache\dm9pci5.sys
2010-05-12 16:01 . 2001-08-17 19:52 14720 -c--a-w- c:\windows\system32\dllcache\dac960nt.sys
2010-05-12 16:00 . 2008-04-13 22:06 10240 -c--a-w- c:\windows\system32\dllcache\compbatt.sys
2010-05-12 15:59 . 2001-10-24 09:51 49182 -c--a-w- c:\windows\system32\dllcache\cem56n5.sys
2010-05-12 15:58 . 2001-08-17 18:11 31529 -c--a-w- c:\windows\system32\dllcache\brzwlan.sys
2010-05-12 15:57 . 2001-08-17 18:49 23552 -c--a-w- c:\windows\system32\dllcache\atixbar.sys
2010-05-12 15:56 . 2001-08-17 20:07 101888 -c--a-w- c:\windows\system32\dllcache\adpu160m.sys
2010-05-12 15:55 . 2001-10-24 10:24 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-05-12 14:57 . 2010-05-12 14:57 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-05-04 16:02 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-26 15:35 . 2010-04-26 15:35 -------- d-----w- c:\program files\HP
2010-04-26 15:22 . 2004-03-25 22:30 40960 ----a-w- c:\windows\system32\d4channel.dll
2010-04-26 15:22 . 2003-07-02 18:15 61440 ----a-w- c:\windows\system32\PMLJNI.dll
2010-04-26 15:20 . 2010-04-26 15:24 -------- d-----w- c:\program files\Hewlett-Packard
2010-04-18 16:45 . 2010-04-18 16:45 -------- d-----w- c:\windows\system32\AGEIA
2010-04-18 16:45 . 2010-04-18 16:45 -------- d-----w- c:\program files\AGEIA Technologies
2010-04-18 16:32 . 2010-04-18 16:32 14336 ----a-w- c:\windows\system32\drivers\EIO64_xp.sys
2010-04-16 16:22 . 2010-04-16 16:22 -------- d-----w- C:\VideoSec
2010-04-16 13:23 . 2001-10-24 09:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2010-04-16 13:23 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-15 12:37 . 2008-09-11 18:09 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-15 11:29 . 2008-09-11 18:23 -------- d-----w- c:\program files\ASUS
2010-05-13 06:15 . 2008-09-24 12:37 -------- d-----w- c:\program files\Google
2010-05-12 14:47 . 2001-10-25 12:00 91804 ----a-w- c:\windows\system32\perfc005.dat
2010-05-12 14:47 . 2001-10-25 12:00 461122 ----a-w- c:\windows\system32\perfh005.dat
2010-05-04 16:02 . 2010-04-04 08:21 -------- d-----w- c:\program files\Java
2010-04-29 13:39 . 2009-05-04 09:06 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2009-05-04 09:06 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-26 15:23 . 2009-07-30 17:12 -------- d--h--w- c:\program files\Zero G Registry
2010-04-18 16:44 . 2008-09-18 16:11 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-04-16 13:25 . 2008-09-11 18:09 -------- d-----w- c:\program files\NVIDIA Corporation
2010-04-09 14:57 . 2008-09-13 15:37 -------- d---a-w- c:\program files\BANKA GECB
2010-04-04 11:06 . 2008-09-12 09:36 -------- d-----w- c:\program files\Creative
2010-04-04 08:22 . 2008-09-11 18:18 -------- d-----w- c:\program files\Common Files\Java
2010-03-16 06:51 . 2008-09-12 06:02 600680 ----a-w- c:\windows\system32\nvudisp.exe
2010-03-12 09:26 . 2008-09-11 18:06 600680 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-03-10 06:17 . 2004-08-17 14:49 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-25 06:18 . 2004-08-17 14:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2004-08-03 22:15 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-17 12:09 . 2004-08-17 14:45 2192128 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:09 . 2004-08-17 15:45 2068992 ----a-w- c:\windows\system32\ntkrnlpa.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="d:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-11-13 247144]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2010-01-26 160592]
"MirandaIM"="d:\program files\Miranda\miranda32.exe" [2007-04-23 549445]
"ASUS SmartDoctor"="c:\program files\ASUS\SmartDoctor\SmartDoctor.exe" [2009-10-23 1200128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2009-07-30 380928]
"mouseElf"="d:\progra~1\KYE\GENIUS~1\mouseElf.exe" [2002-05-20 151552]
"CHotkey"="mHotkey.exe" [2002-08-02 473600]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-03-19 2029640]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016]
"StatusClient 2.6"="c:\program files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe" [2004-02-27 61440]
"TomcatStartup 2.5"="c:\program files\Hewlett-Packard\Toolbox\hpbpsttp.exe" [2004-05-20 188416]
"Launch Ai Booster"="c:\program files\ASUS\Ai Booster\OverClk.exe" [2005-08-04 3627008]
"ASUS Probe"="c:\program files\ASUS\Asus Probe\AsusProb.exe" [2002-12-06 617984]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\milos\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Webshots.lnk - d:\program files\Webshots\WebshotsTray.exe [2008-9-11 196608]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Color Calibration.lnk]
backup=c:\windows\pss\Color Calibration.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^MagicTune 3.6.lnk]
backup=c:\windows\pss\MagicTune 3.6.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^MagicTune3.6.lnk]
backup=c:\windows\pss\MagicTune3.6.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- d:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA nTune]
2004-12-06 10:06 532480 ----a-w- c:\program files\NVIDIA Corporation\nTune\nTune.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\Miranda\\miranda32.exe"=
"c:\\Game\\SIERRA\\HLSW\\hlsw.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\Total Commander\\TOTALCMD.EXE"=
"c:\\Game\\SIERRA\\Ventrilo\\Ventrilo.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Program Files\\Winamp\\winamp.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Game\\SIERRA\\Half-Life\\hl.exe"=
"c:\\Game\\SIERRA\\Half-Life\\hltv.exe"=
"c:\\Program Files\\Hewlett-Packard\\Toolbox\\jre\\bin\\javaw.exe"=
"d:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Program Files\\Mozilla Firefox\\firefox.exe"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [19.3.09 11:44 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [19.3.09 11:44 731840]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;d:\inisoft - evi firma odpady\Firebird\Firebird_2_1\bin\fbguard.exe [26.6.09 20:27 81920]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;d:\inisoft - evi firma odpady\Firebird\Firebird_2_1\bin\fbserver.exe [26.6.09 20:27 2723840]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7.9.09 20:33 133104]
S3 P1001VID;Creative WebCam (WDM);c:\windows\system32\drivers\P1001Vid.sys [12.9.08 11:34 395224]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-07 18:32]

2010-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-07 18:32]

2010-05-13 c:\windows\Tasks\User_Feed_Synchronization-{EB126A07-8809-4CEE-82B5-9461BA0360EF}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]

2009-01-07 c:\windows\Tasks\Úklid 1 kliknutím.job
- d:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2006-12-19 13:13]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp:
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést vybrané vazby do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Přidat do stávajícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Přizpůsobit Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RF Nástrojová lišta - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Uložit formuláře - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Vyplnit formulář - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
LSP: c:\windows\system32\imon.dll
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
FF - ProfilePath - c:\documents and settings\milos\Data aplikací\Mozilla\Firefox\Profiles\8ivyduzy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - component: c:\documents and settings\milos\Data aplikací\Mozilla\Firefox\Profiles\8ivyduzy.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - component: c:\program files\Siber Systems\AI RoboForm\Firefox\components\rfproxy_31.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: d:\program files\VideoLAN\VLC\npvlc.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 1000000
FF - user.js: nglayout.initialpaint.delay - 600
d:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-15 16:50
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-73586283-515967899-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-73586283-515967899-839522115-1003\Software\Policies\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (S-1-5-21-73586283-515967899-839522115-1003)
@Allowed: (Read) (S-1-5-21-73586283-515967899-839522115-1003)
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(1024)
c:\windows\system32\imon.dll
c:\windows\system32\nvappfilter.dll

- - - - - - - > 'explorer.exe'(4496)
c:\progra~1\WINDOW~2\wmpband.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-05-15 16:51:51
ComboFix-quarantined-files.txt 2010-05-15 14:51
ComboFix2.txt 2010-05-15 14:10
ComboFix3.txt 2010-05-15 11:16

Před spuštěním: Volných bajtů: 13 630 607 360
Po spuštění: Volných bajtů: 13 620 219 904

- - End Of File - - 38E671BE2DC450861DE473BF630A1604


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:00:52, on 15.5.10
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
D:\Inisoft - Evi Firma odpady\Firebird\Firebird_2_1\bin\fbguard.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
D:\Inisoft - Evi Firma odpady\Firebird\Firebird_2_1\bin\fbserver.exe
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
D:\PROGRA~1\KYE\GENIUS~1\mouseElf.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
D:\Program Files\Miranda\miranda32.exe
C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe
D:\Program Files\Webshots\WebshotsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [mouseElf] D:\PROGRA~1\KYE\GENIUS~1\mouseElf.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKLM\..\Run: [Launch Ai Booster] "C:\Program Files\ASUS\Ai Booster\OverClk.exe"
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Asus Probe\AsusProb.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [MirandaIM] "D:\Program Files\Miranda\miranda32.exe" "D:\Program Files\Miranda\Profile\Zaken"
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Webshots.lnk = D:\Program Files\Webshots\WebshotsTray.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přidat do stávajícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přizpůsobit Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF Nástrojová lišta - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Uložit formuláře - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Vyplnit formulář - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Vyplnit formulář - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Vyplnit formulář - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Uložit - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Uložit formuláře - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RF Nástrojová lišta - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se5483.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1159192781
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - D:\Inisoft - Evi Firma odpady\Firebird\Firebird_2_1\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - D:\Inisoft - Evi Firma odpady\Firebird\Firebird_2_1\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 13089 bytes

[zaken]

a ještě stále dotaz: Proč se mi rozily asociace souborů? Tedy např pro JPG, JPEG, ... Otevírá se to v prohlížeči obrázků a faxů...
a ps, k čemu mi je O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

Vypni rez.ochrany a firewall.

Spusť F-Secure Online Scanner

Tento skener je možno použít jen v prohlížeči Internet Explorer (není již podmínkou)! Postupuj podle instrukcí na stránce F-Secure pro správnou instalaci. Akceptuj licenci. Po instalaci ActiveX, klikni na Full System Scan. Když stahování skončeno, automaticky začne sken . Vyčkej konce skenu, po jeho dobu neprováděj jiné operace ani neklikej myší. Když skončí sken klikni na tlačítko Automatic clearing (recommended). Poté klikni na tlačítko Show Report a zkopíruj a vlož sem .


Můžeš to přeci vrátit -klikni pravým na foto a dej Otevřít v programu-zvolit výchozí program.
Jak k tomu došlo netuším.

O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file) zbytečný , prázdný klíč.

[zaken]

"ůžeš to přeci vrátit -klikni pravým na foto a dej Otevřít v programu-zvolit výchozí program." to je právě to, co nejde. Mám nasazené acdsee a ani po přehození spouštění na jiný programa návrat zase k acdsee neumožní jeho použití po kliknutí na soubou. Opět je fo MS prohlížeč faxů...

[jaro3]

Něco děláš špatně , máš tam dole to zatržíko , to tam musí být.

[zaken]

Mám, ... a vždy zatržené...

[jaro3]

Já už si nepamatuji , jak je to přesně u XP , ale myslím :
Nástroje-možnosti složky- tam by měla být asociace souborů podle koncovky
najedeš na jpeg a pak zvolíš program
u visty a win7 je to jinak..

[zaken]

i toto mám v pořádku, Chtěl jsem Ti sem dát i obrázky monitoru, abych tě přesvědčil, ale nejde mi to..
V asociaci souborů mi to píše že to je pro OPEN na Acdsee, ale realita je prostě jiná. Mrkwosoft Grrr