Problém s miniaplikacemi Win 7 32 bit

paveliknecas · Příspěvekod **paveliknecas** » 04 lis 2010 21:02

Dobrý den,
po prohledání pc antivirem mi naskočí miniaplikace ale jenom jako jednobarevné nebo nebarevné prostě jenom takové šmouhy, když tak dodám foto, prosil bych nějakou radu od zkušených posílám log z HiJackThisu:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:53:53, on 4.11.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\windows\system32\taskeng.exe
C:\windows\Pkybyc.exe
C:\windows\explorer.exe
C:\Program Files\Opera\opera.exe
D:\drivers and programs\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: mcShoutCastECommerceService - Unknown owner - C:\Program Files\mcShoutCast\mcShoutCastECommerceService.exe
O23 - Service: mcShoutCastLauraFM - Sörnt Poppe - C:\Program Files\mcShoutCast\ShoutCastLauraFMService.exe
O23 - Service: mcShoutCastProxy - Sörnt Poppe - C:\Program Files\mcShoutCast\ShoutCastProxyService.exe
O23 - Service: TunerFreeMCEService - MillieSoft - C:\Program Files\MillieSoft\TunerFreeMCE\TunerFreeMCEService.exe

--
End of file - 8323 bytes

Díky moc.

Reklama

Příspěvekod **memphisto** » 04 lis 2010 21:26

Vítej na fóru PC-HELP.CZ

v logu fixni:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole muzeš soubor léčit(systémové soubory), smazat, přesunout nebo přejmenovat

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

paveliknecas · Příspěvekod **paveliknecas** » 04 lis 2010 22:34

Zdar tak podle navodu me vyjelu tohle:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 5046

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

4.11.2010 22:32:59
mbam-log-2010-11-04 (22-32-59).txt

Typ skenu: Rychlý sken
Skenované objekty: 150955
Uplynulý čas: 8 minuta(y), 11 sekunda(y)

Infikované procesy v paměti: 1
Infikované moduly v paměti: 0
Infikované klíče registru: 4
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 4

Infikované procesy v paměti:
C:\Windows\Pkybyc.exe (Trojan.Downloader) -> No action taken.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\C8H1KKCTZV (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\U36VRSFLG6 (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XBV6RD5SZF (Trojan.FakeAlert) -> No action taken.

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Windows\Pkybyc.exe (Trojan.Downloader) -> No action taken.
C:\Windows\Pkybya.exe (Trojan.Downloader) -> No action taken.
C:\Windows\Pkybyb.exe (Trojan.Downloader) -> No action taken.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.

Příspěvekod **memphisto** » 04 lis 2010 22:42

- Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

paveliknecas · Příspěvekod **paveliknecas** » 05 lis 2010 17:57

Takze log z mbam :

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 5046

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

5.11.2010 17:35:44
mbam-log-2010-11-05 (17-35-44).txt

Typ skenu: Úplný sken (C:\|D:\|)
Skenované objekty: 241282
Uplynulý čas: 1 hodina(y), 7 minuta(y), 7 sekunda(y)

Infikované procesy v paměti: 1
Infikované moduly v paměti: 0
Infikované klíče registru: 4
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 5

Infikované procesy v paměti:
C:\Windows\Pkybyc.exe (Trojan.Downloader) -> Failed to unload process.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\C8H1KKCTZV (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\U36VRSFLG6 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XBV6RD5SZF (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Windows\Pkybyc.exe (Trojan.Downloader) -> Delete on reboot.
C:\Qoobox\Quarantine\C\Windows\System32\sshnas21.dll.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Pkybya.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Pkybyb.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

A log z ComboFixu:

ComboFix 10-11-03.04 - Pavel 05.11.2010 17:43:17.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2812.1657 [GMT 1:00]
Spuštěný z: d:\drivers and programs\programs\ComboFix.exe
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-10-05 do 2010-11-05 )))))))))))))))))))))))))))))))
.

2010-11-05 16:51 . 2010-11-05 16:51 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2010-11-05 16:51 . 2010-11-05 16:51 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-11-05 16:51 . 2010-11-05 16:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-04 21:22 . 2010-11-04 21:22 -------- d-----w- c:\users\Pavel\AppData\Roaming\Malwarebytes
2010-11-04 21:22 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-04 21:22 . 2010-11-04 21:22 -------- d-----w- c:\programdata\Malwarebytes
2010-11-04 21:22 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-04 21:22 . 2010-11-04 21:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-04 21:05 . 2010-11-04 21:05 -------- d-----w- c:\users\Pavel\DoctorWeb
2010-11-04 19:41 . 2010-11-05 16:51 -------- d-----w- c:\users\Pavel\AppData\Local\temp
2010-11-04 18:06 . 2010-10-07 23:21 6146896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E7C34BC4-0B03-4691-B09C-855BDBFAB163}\mpengine.dll
2010-10-27 09:37 . 2010-08-04 06:18 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-10-27 09:37 . 2010-08-04 06:17 417792 ----a-w- c:\windows\system32\msdri.dll
2010-10-27 09:37 . 2010-08-04 06:15 204288 ----a-w- c:\windows\system32\MSNP.ax
2010-10-27 09:37 . 2010-08-04 06:15 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2010-10-27 09:36 . 2010-07-13 05:22 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2010-10-27 09:32 . 2010-10-27 09:46 -------- d-----w- C:\DOWNLOAD
2010-10-27 08:51 . 2010-10-27 08:52 -------- d-----w- c:\program files\Common Files\Adobe
2010-10-26 21:03 . 2010-10-26 21:04 -------- d-----w- c:\users\Pavel\AppData\Local\mcShoutCast
2010-10-26 15:48 . 2010-10-26 15:48 -------- d-----w- c:\users\Pavel\AppData\Local\Google
2010-10-24 15:50 . 2010-10-24 15:50 -------- d-----w- c:\programdata\MillieSoft
2010-10-24 15:50 . 2010-10-24 15:50 -------- d-----w- c:\program files\MillieSoft
2010-10-24 15:45 . 2010-10-24 15:45 -------- d-----w- c:\programdata\Push-A-Button
2010-10-24 14:50 . 2010-10-24 15:24 -------- d-----w- c:\users\Pavel\AppData\Local\Microsoft Games
2010-10-24 14:29 . 2010-10-24 15:00 -------- d-----w- c:\programdata\MediaBrowser
2010-10-24 14:23 . 2010-10-24 14:23 -------- d-----w- c:\users\Pavel\AppData\Roaming\Peter Souza IV
2010-10-24 14:17 . 2010-10-24 14:17 -------- d-----w- c:\program files\mcShoutCast
2010-10-24 14:17 . 2010-11-03 18:32 -------- d-----w- c:\programdata\mcShoutCast
2010-10-24 14:00 . 2010-10-24 14:00 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-10-24 13:59 . 2010-10-24 13:59 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-10-22 20:13 . 2010-10-22 20:13 -------- d-----w- c:\program files\FreeRapid-0.83u1
2010-10-21 20:03 . 2010-10-21 20:03 -------- d-----w- c:\users\Pavel\Tracing
2010-10-21 19:49 . 2010-10-21 19:49 -------- d-----w- c:\windows\cs
2010-10-21 19:49 . 2010-09-22 22:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-10-21 19:42 . 2010-10-21 19:42 469256 ----a-w- c:\program files\Common Files\Windows Live\.cache\e4d1a5d1cb715812\InstallManager_WLE_WLE.exe
2010-10-21 19:42 . 2010-10-21 19:42 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\ac43e301cb715811\MeshBetaRemover.exe
2010-10-21 19:42 . 2010-10-21 19:42 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\747f8b81cb715810\DXSETUP.exe
2010-10-21 19:42 . 2010-10-21 19:42 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\747f8b81cb715810\dsetup32.dll
2010-10-21 19:42 . 2010-10-21 19:42 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\747f8b81cb715810\DSETUP.dll
2010-10-21 19:41 . 2010-10-21 19:41 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\35941ee1cb71580f\DSETUP.dll
2010-10-21 19:41 . 2010-10-21 19:41 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\35941ee1cb71580f\DXSETUP.exe
2010-10-21 19:41 . 2010-10-21 19:41 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\35941ee1cb71580f\dsetup32.dll
2010-10-21 19:41 . 2010-10-30 20:05 -------- d-----w- c:\users\Pavel\AppData\Local\Windows Live
2010-10-21 19:40 . 2010-05-23 10:11 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2010-10-21 19:40 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\system32\mf.dll
2010-10-21 19:40 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2010-10-17 18:49 . 2010-10-17 18:49 -------- d-----w- c:\users\Public\CyberLink
2010-10-17 18:04 . 2010-10-17 18:04 -------- d-----w- c:\program files\Common Files\Skype
2010-10-17 18:04 . 2010-10-17 18:04 -------- d-----r- c:\program files\Skype
2010-10-13 20:09 . 2010-08-21 05:33 530432 ----a-w- c:\windows\system32\comctl32.dll
2010-10-13 20:09 . 2010-09-08 04:28 44544 ----a-w- c:\windows\system32\licmgr10.dll
2010-10-13 20:09 . 2010-09-08 04:31 673040 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2010-10-13 20:09 . 2010-09-08 04:27 859648 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2010-10-13 20:06 . 2010-08-21 05:36 738816 ----a-w- c:\windows\system32\wmpmde.dll
2010-10-13 20:06 . 2010-05-05 06:46 363520 ----a-w- c:\windows\system32\StructuredQuery.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 20:51 . 2010-08-25 20:28 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-07 23:21 . 2010-08-28 10:18 6146896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-09-22 22:47 . 2010-09-22 22:47 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-22 22:32 . 2010-09-22 22:32 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-21 12:03 . 2010-09-21 12:03 208768 ----a-w- c:\windows\system32\LIVESSP.DLL
2010-09-07 15:12 . 2010-08-26 10:49 38848 ----a-w- c:\windows\avastSS.scr
2010-09-07 15:11 . 2010-08-26 10:49 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2010-08-26 10:50 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2010-08-26 10:50 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2010-08-26 10:50 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2010-08-26 10:50 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-09-07 14:47 . 2010-08-26 10:50 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-08-27 12:24 . 2010-08-27 12:24 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-08-27 12:24 . 2010-08-27 12:24 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-08-27 12:24 . 2010-08-27 12:24 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-08-27 12:24 . 2010-08-27 12:24 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-08-25 20:01 . 2010-08-25 20:01 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-21 05:32 . 2010-09-15 14:30 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-19 08:00 . 2010-08-27 11:57 5934416 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7B5449FA-CBAF-4759-B0C0-2E33F00B42A7}\mpengine.dll
2010-08-12 08:00 . 2010-08-27 19:15 108032 ----a-w- c:\windows\system32\ff_vfw.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-10-06 2475336]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2010-10-06 09:31 2475336 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-10-06 2475336]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-10-06 2475336]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2010-05-16 13:43 1410400 ----a-w- c:\windows\System32\IcnOvrly.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-10-06 488728]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-10-11 14940040]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-10-27 133432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-02 98304]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe" [2010-03-10 496184]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-12-17 4114368]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2009-12-17 6223808]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-10-05 2067808]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1094224]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 02:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartAudio]
2009-11-19 05:45 307768 ----a-w- c:\program files\CONEXANT\SAII\SAIICpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
2009-05-19 22:16 222504 ----a-w- c:\program files\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GShortCut]
2008-12-03 22:15 218408 ----a-w- c:\program files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager]
2010-05-16 13:43 3122528 ----a-w- c:\program files\Lenovo\VeriFace\PManage.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirror Tray icon]
2009-12-22 12:40 167008 ----a-w- c:\program files\Lenovo\YouCam\YouCamTray.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-10-06 517448]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2010-04-06 25864]
R3 IGRS;IGRS;c:\program files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-15 38152]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2010-04-06 23048]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-11-17 575304]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-03-24 191008]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-26 1343400]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2010-04-06 20104]
S1 aswSP;aswSP; [x]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2010-08-27 216400]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2010-08-27 243024]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-03-03 172032]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-08-27 308136]
S2 mcShoutCastECommerceService;mcShoutCastECommerceService;c:\program files\mcShoutCast\mcShoutCastECommerceService.exe [2010-06-19 8192]
S2 mcShoutCastLauraFM;mcShoutCastLauraFM;c:\program files\mcShoutCast\ShoutCastLauraFMService.exe [2010-06-19 7680]
S2 mcShoutCastProxy;mcShoutCastProxy;c:\program files\mcShoutCast\ShoutCastProxyService.exe [2010-06-19 62976]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S2 TunerFreeMCEService;TunerFreeMCEService;c:\program files\MillieSoft\TunerFreeMCE\TunerFreeMCEService.exe [2010-10-20 11264]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-03-03 5340160]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-03-03 152064]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2009-11-13 58368]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 30392]
S3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys [2009-10-16 171776]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
.
.
------- Doplňkový sken -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: ????3?? - c:\users\Pavel\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\Pavel\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@Allowed: (Read) (RestrictedCode)
@="c:\\Users\\Pavel\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@Allowed: (Read) (RestrictedCode)
@="c:\\Users\\Pavel\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.032"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.abr"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ani"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.apd"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.arw"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bay"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bmp"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bw"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cr2"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.crw"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cs1"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cur"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dcr"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dcx"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dib"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.djv"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.djvu"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dng"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.emf"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.eps"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.erf"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.fff"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.fpx"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.gif"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.hdr"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.icl"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.icn"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ico"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.iff"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ilbm"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.int"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.inta"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.iw4"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.j2c"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.j2k"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jbr"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jfif"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jif"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jp2"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpc"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpe"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpeg"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpg"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpk"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpx"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.kdc"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.lbm"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.mef"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.mos"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.mrw"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.nef"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.nrw"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.orf"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pbm"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pbr"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pcd"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pct"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pcx"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pef"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pgm"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pic"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pict"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pix"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.png"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ppm"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.psd"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.psp"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pspbrush"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pspimage"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.raf"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ras"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.raw"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rgb"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rgba"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rle"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rsb"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rw2"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rwl"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.sgi"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.sr2"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.srf"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.tga"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.THM\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.thm"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.tif"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.tiff"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ttc"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ttf"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11o"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11p"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11pf"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.wbm"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.wbmp"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.wmf"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xbm"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xif"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xmp"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xpm"

[HKEY_USERS\S-1-5-21-3296939975-2849632258-3979644625-1003\Software\SecuROM\License information*]
"datasecu"=hex:eb,7e,00,ee,f4,24,5a,f0,76,d9,8a,84,24,76,7b,63,3e,09,c6,5d,18,
e2,4c,e8,6e,76,cd,6f,e2,2b,7c,71,7e,74,4e,11,0d,bf,66,4d,11,8a,e9,81,1a,56,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(5208)
c:\windows\system32\IcnOvrly.dll
.
Celkový čas: 2010-11-05 17:53:38
ComboFix-quarantined-files.txt 2010-11-05 16:53
ComboFix2.txt 2010-11-04 19:41
ComboFix3.txt 2010-08-27 13:36

Před spuštěním: Volných bajtů: 35 266 887 680
Po spuštění: Volných bajtů: 34 991 738 880

- - End Of File - - 0583DBCB18518EC44159BA0D1AFBBA48

Příspěvekod **memphisto** » 05 lis 2010 18:46

Máš tam AVG a AVAST. Který používáš a chceš nechat? Ten druhý odmažeme skriptem

paveliknecas · Příspěvekod **paveliknecas** » 05 lis 2010 19:00

Asi Avast

paveliknecas · Příspěvekod **paveliknecas** » 05 lis 2010 19:02

Avast nechat

Příspěvekod **memphisto** » 05 lis 2010 19:16

Chápu

Za chvíli sem dám ten skript

paveliknecas · Příspěvekod **paveliknecas** » 05 lis 2010 19:19

jak to vsechno vis jak delat ja sice neco malo umim s pc ale tohle je uz na me slizitejsi.

Příspěvekod **memphisto** » 05 lis 2010 20:32

Jo, taky se tomu někdy divím. Ono je to o tom dávat pozor a učit se od zkušenější. Samozřejmě ne vše vyřeším sám a musím se radit se zkušenějšími :wink:

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
Folder::
c:\program files\AVG

File::
c:\windows\system32\avgrsstx.dll
c:\windows\system32\drivers\avgtdix.sys
c:\windows\system32\drivers\avgldx86.sys
c:\windows\system32\drivers\avgmfx86.sys
c:\windows\System32\IcnOvrly.dll
c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe
c:\program files\AVG\AVG9\avgwdsvc.exe

Driver::
AVG Security Toolbar Service
AvgLdx86
avg9wd
avgtdix
avgmfx86

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"=-
[-HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"=-
[-HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"=- 
[-HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[-HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"=-
"EnableUIADesktopToggle"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=-
"AppInit_DLLs"=""

DDS::
IE: ????3?????? - c:\users\Pavel\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

paveliknecas · Příspěvekod **paveliknecas** » 05 lis 2010 21:40

Zdar Combo se nezastavil ale nezkopiroval jsem to jsem protoze je obsahove velmi velky tento log, proto jsem to dal na ulozto

http://www.uloz.to/6459997/combo-txt

kdyby to chtelo heslo tak 1234

Doufam ze to takhle staci.

Problém s miniaplikacemi Win 7 32 bit Vyřešeno

Problém s miniaplikacemi Win 7 32 bit

Re: Problém s miniaplikacemi Win 7 32 bit

Re: Problém s miniaplikacemi Win 7 32 bit

Re: Problém s miniaplikacemi Win 7 32 bit

Re: Problém s miniaplikacemi Win 7 32 bit

Re: Problém s miniaplikacemi Win 7 32 bit

Re: Problém s miniaplikacemi Win 7 32 bit

Re: Problém s miniaplikacemi Win 7 32 bit

Re: Problém s miniaplikacemi Win 7 32 bit

Re: Problém s miniaplikacemi Win 7 32 bit

Re: Problém s miniaplikacemi Win 7 32 bit

Re: Problém s miniaplikacemi Win 7 32 bit

Kdo je online