PC virus removal, computer speed-up, remote assistance via the neslape.cz service

Please check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.


#1 Post by Jomko »

Please check my notebook; it is terribly slow. Thank you in advance.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2013-05-23 15:20:45
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 27 GB (28%) free of 96 GB
Total RAM: 2048 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:20:48, on 23. 5. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT3220468
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTo2.dll
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTo2.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTo2.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll c:\progra~3\browse~1\261249~1.132\{c16c1~1\browserprotect.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7982 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
"C:\Windows\system32\schtasks.exe" /create /tn "BrowserProtect" /ru "SYSTEM" /sc minute /mo 1 /tr "C:\Windows\system32\sc.exe start BrowserProtect" /st 00:00:00
"C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" /PROTECT
\??\C:\Windows\system32\conhost.exe "-391428928-2081064974-981460517-9255802852077178792906999755875171301170342089
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2442151506-1116486411-3893431267-50015_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2442151506-1116486411-3893431267-50015 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Administrator\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hwupd4zq.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www1.delta-search.com/?affID=121 ... 2269F5B9C1"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 435&UM=&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hwupd4zq.default\extensions\
ffxtlbr@delta.com
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
{e3f6c2cc-d8db-498c-af6c-499fb211db97}

C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hwupd4zq.default\searchplugins\
babylon.xml
delta.xml
utorrentcontrolv2-customized-web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-20 553376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14 6307960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-20 211360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
uTorrentControl_v2 Toolbar - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTo2.dll [2013-03-05 231168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
{7473b6bd-4691-4744-a82b-7854eb3d70b6} - uTorrentControl_v2 Toolbar - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTo2.dll [2013-03-05 231168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-09-08 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-09-08 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-09-08 415256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Garmin Lifetime Updater]
C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe [2012-06-04 1466760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveZilla]
C:\Program Files (x86)\LiveZilla\LiveZilla.exe [2013-01-30 8678848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-02-28 18642024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yontoo Desktop]
C:\Users\Administrator\AppData\Roaming\Yontoo\YontooDesktop.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Administrator^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Administrator^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk]
C:\PROGRA~2\OPENOF~1.OR~\program\QUICKS~1.EXE [2012-08-13 1199104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Administrator^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^runctf.lnk]
C:\Users\ADMINI~1\wgsdgsdgdsgsd.dll,H1N1 []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-12-10 2254768]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-26 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.ACDV"=ACDV.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-05-23 15:15:52 ----D---- C:\Program Files\trend micro
2013-05-23 15:15:51 ----D---- C:\rsit
2013-05-23 14:49:09 ----SHD---- C:\$RECYCLE.BIN
2013-05-23 14:36:37 ----A---- C:\ComboFix.txt
2013-05-21 22:01:50 ----D---- C:\Program Files (x86)\Delta
2013-05-21 22:01:46 ----D---- C:\ProgramData\BrowserProtect
2013-05-21 22:01:32 ----D---- C:\Users\Administrator\AppData\Roaming\Delta
2013-05-21 21:50:59 ----A---- C:\Windows\system32\Lagarith.dll
2013-05-21 21:50:54 ----A---- C:\Windows\unins000.exe
2013-05-15 17:26:03 ----D---- C:\Program Files (x86)\MSXML 4.0
2013-05-15 17:17:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-05-15 17:17:37 ----A---- C:\Windows\system32\mshtml.dll
2013-05-15 17:16:08 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-05-15 17:16:08 ----A---- C:\Windows\system32\mshtmled.dll
2013-05-15 17:16:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-05-15 17:16:06 ----A---- C:\Windows\system32\iertutil.dll
2013-05-15 17:16:05 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-05-15 17:16:02 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-05-15 17:16:01 ----A---- C:\Windows\system32\ieUnatt.exe
2013-05-15 17:16:01 ----A---- C:\Windows\system32\ieui.dll
2013-05-15 17:16:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-05-15 17:15:58 ----A---- C:\Windows\SYSWOW64\url.dll
2013-05-15 17:15:58 ----A---- C:\Windows\system32\url.dll
2013-05-15 17:15:57 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-05-15 17:15:56 ----A---- C:\Windows\system32\urlmon.dll
2013-05-15 17:15:54 ----A---- C:\Windows\system32\jscript9.dll
2013-05-15 17:15:53 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-05-15 17:15:53 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-15 17:15:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-05-15 17:15:51 ----A---- C:\Windows\system32\wininet.dll
2013-05-15 17:15:48 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-15 17:15:47 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-05-15 17:15:46 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-05-15 17:15:46 ----A---- C:\Windows\system32\vbscript.dll
2013-05-15 17:15:45 ----A---- C:\Windows\system32\jscript.dll
2013-05-15 17:15:42 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-05-15 17:15:29 ----A---- C:\Windows\system32\ieframe.dll
2013-05-15 17:15:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-05-15 12:54:50 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-05-15 12:54:49 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-05-15 12:54:49 ----A---- C:\Windows\system32\cdd.dll
2013-05-15 12:54:11 ----A---- C:\Windows\system32\shell32.dll
2013-05-15 12:54:07 ----A---- C:\Windows\system32\authui.dll
2013-05-15 12:54:06 ----A---- C:\Windows\system32\shdocvw.dll
2013-05-15 12:54:05 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-05-15 12:54:03 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-05-15 12:54:03 ----A---- C:\Windows\system32\consent.exe
2013-05-15 12:54:02 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-05-15 12:54:01 ----A---- C:\Windows\system32\appinfo.dll
2013-05-15 12:53:19 ----A---- C:\Windows\system32\wwansvc.dll
2013-05-15 12:53:19 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-05-15 12:53:13 ----A---- C:\Windows\system32\win32k.sys
2013-05-14 23:09:23 ----D---- C:\ProgramData\Pinnacle Studio Ultimate Collection
2013-05-14 23:06:47 ----A---- C:\Windows\unvise32.exe
2013-05-14 22:59:32 ----D---- C:\ProgramData\Pinnacle Studio Ultimate
2013-05-14 22:51:57 ----D---- C:\ProgramData\Studio 15
2013-05-14 22:51:57 ----D---- C:\ProgramData\Pinnacle Studio Plus
2013-05-14 22:51:57 ----D---- C:\Program Files (x86)\Pinnacle
2013-05-14 22:47:16 ----D---- C:\ProgramData\Pinnacle
2013-05-14 21:56:36 ----D---- C:\ProgramData\CorelDRAW Graphics Suite X6.3 - Hotfix 1
2013-05-14 20:41:43 ----D---- C:\Program Files (x86)\WatermarkSubtitleCreator
2013-05-14 20:32:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2013-05-13 00:50:26 ----D---- C:\ProgramData\Studio14Trial
2013-05-12 23:44:17 ----D---- C:\Users\Administrator\AppData\Roaming\GeoVid
2013-05-12 23:41:28 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2013-05-12 23:41:27 ----A---- C:\Windows\SYSWOW64\msvcp71.dll
2013-05-12 23:41:27 ----A---- C:\Windows\SYSWOW64\mfc71u.dll
2013-05-12 23:41:27 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2013-05-12 23:41:27 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2013-05-12 23:41:27 ----A---- C:\Windows\SYSWOW64\atl71.dll
2013-05-12 23:41:26 ----A---- C:\Windows\SYSWOW64\dsetup.dll
2013-05-09 01:24:39 ----D---- C:\Program Files\Common Files\Corel
2013-05-09 01:23:52 ----D---- C:\ProgramData\Protexis
2013-05-09 01:21:35 ----D---- C:\ProgramData\CorelDRAW Graphics Suite X6.3
2013-05-05 22:05:19 ----D---- C:\Users\Administrator\AppData\Roaming\MOVAVI
2013-05-02 21:54:56 ----D---- C:\Users\Administrator\AppData\Roaming\.minecraft
2013-04-30 22:47:05 ----D---- C:\ProgramData\Logs
2013-04-24 13:52:14 ----A---- C:\Windows\system32\drivers\ntfs.sys

======List of files/folders modified in the last 1 month======

2013-05-23 15:20:47 ----D---- C:\Windows\temp
2013-05-23 15:20:09 ----D---- C:\Users\Administrator\AppData\Roaming\uTorrent
2013-05-23 15:20:04 ----D---- C:\Windows\inf
2013-05-23 15:20:03 ----D---- C:\Windows\debug
2013-05-23 15:20:03 ----D---- C:\Windows
2013-05-23 15:15:52 ----RD---- C:\Program Files
2013-05-23 14:36:43 ----D---- C:\Qoobox
2013-05-23 14:32:11 ----A---- C:\Windows\system.ini
2013-05-23 14:31:56 ----D---- C:\Windows\system32\drivers\etc
2013-05-23 14:27:16 ----D---- C:\ProgramData\TEMP
2013-05-23 14:26:54 ----D---- C:\Windows\SYSWOW64\drivers
2013-05-23 14:26:54 ----D---- C:\Windows\SysWOW64
2013-05-23 14:26:54 ----D---- C:\Windows\AppPatch
2013-05-23 14:26:52 ----D---- C:\Program Files (x86)\Common Files
2013-05-23 14:18:31 ----SHD---- C:\System Volume Information
2013-05-23 14:18:06 ----D---- C:\Windows\Prefetch
2013-05-23 14:16:39 ----D---- C:\Windows\system32\Tasks
2013-05-23 14:16:36 ----D---- C:\Windows\system32\drivers
2013-05-23 08:13:49 ----D---- C:\Windows\system32\config
2013-05-23 08:04:45 ----D---- C:\Windows\System32
2013-05-23 08:04:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-23 01:02:13 ----D---- C:\Users\Administrator\AppData\Roaming\Skype
2013-05-22 18:22:03 ----SHD---- C:\Windows\Installer
2013-05-22 18:21:58 ----D---- C:\ProgramData\Skype
2013-05-22 18:21:57 ----RD---- C:\Program Files (x86)\Skype
2013-05-21 22:01:50 ----RD---- C:\Program Files (x86)
2013-05-21 22:01:46 ----D---- C:\ProgramData
2013-05-21 22:01:00 ----D---- C:\Windows\Tasks
2013-05-21 21:51:00 ----D---- C:\Program Files (x86)\ezvid
2013-05-21 21:50:32 ----D---- C:\Users\Administrator\AppData\Roaming\OpenCandy
2013-05-16 00:39:29 ----D---- C:\Windows\rescache
2013-05-15 20:09:19 ----RSD---- C:\Windows\assembly
2013-05-15 20:09:19 ----D---- C:\Windows\Microsoft.NET
2013-05-15 19:49:40 ----D---- C:\Windows\winsxs
2013-05-15 19:47:00 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-05-15 19:47:00 ----D---- C:\Windows\system32\sk-SK
2013-05-15 19:46:56 ----D---- C:\Windows\SYSWOW64\migration
2013-05-15 19:46:56 ----D---- C:\Program Files (x86)\Internet Explorer
2013-05-15 19:46:54 ----D---- C:\Windows\system32\migration
2013-05-15 19:46:52 ----D---- C:\Program Files\Internet Explorer
2013-05-15 17:24:08 ----A---- C:\Windows\system32\MRT.exe
2013-05-15 17:17:58 ----D---- C:\Windows\system32\catroot2
2013-05-15 17:17:58 ----D---- C:\Windows\system32\catroot
2013-05-14 23:04:22 ----D---- C:\Windows\system32\DriverStore
2013-05-14 23:03:51 ----SD---- C:\Users\Administrator\AppData\Roaming\Microsoft
2013-05-14 22:56:43 ----RSD---- C:\Windows\Fonts
2013-05-14 20:32:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-05-14 11:38:56 ----A---- C:\Windows\SYSWOW64\BytescoutVideoMixerFilter.dll
2013-05-14 11:38:56 ----A---- C:\Windows\SYSWOW64\BytescoutScreenCapturingFilter.dll
2013-05-14 11:38:54 ----A---- C:\Windows\SYSWOW64\BytescoutScreenCapturing.dll
2013-05-09 01:24:39 ----D---- C:\Program Files\Common Files
2013-05-02 02:06:08 ----N---- C:\Windows\system32\MpSigStub.exe
2013-04-30 08:01:37 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-03 283200]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-26 10611552]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-03-16 145408]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-08-07 143360]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 BrowserProtect;BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-03-22 2787280]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-02-26 3560800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-02 136176]
S2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-14 256904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-02 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-11 115608]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-11 1255736]

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: please check

#2 Post by Roli »

Hello, delete the unnecessary files

using CCleaner

instructions:

Cleaner - here you clean the PC of unnecessary files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, change what runs at system startup, and restore the system



Download AdwCleaner and save it to the desktop,

close all programs including the browser and run it with a double-click;

a window will appear; in its bottom left, click Search.

The scan will then run, and when it finishes a log will pop up; copy it here for me.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

Jomko
Visitor
Posts: 26
Registered: 16 Mar 2011 09:54

Re: please check

#3 Post by Jomko »

# AdwCleaner v2.301 - Log vytvorený 24/05/2013 o 21:49:42
# Aktualizované 16/05/2013 Xplode
# Operaený systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživateľ : Administrator - JOMKO-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\Administrator\Desktop\adwcleaner.exe
# Voľba [Prehľada?]


***** [Služby] *****


***** [Súbory / Adresáre] *****

Adresár Nájdené : C:\Program Files (x86)\Conduit
Adresár Nájdené : C:\Program Files (x86)\TornTV.com
Adresár Nájdené : C:\ProgramData\Babylon
Adresár Nájdené : C:\ProgramData\Tarma Installer
Adresár Nájdené : C:\Users\Administrator\AppData\Local\Conduit
Adresár Nájdené : C:\Users\Administrator\AppData\Local\PackageAware
Adresár Nájdené : C:\Users\Administrator\AppData\LocalLow\Conduit
Adresár Nájdené : C:\Users\Administrator\AppData\LocalLow\PriceGong
Adresár Nájdené : C:\Users\Administrator\AppData\Roaming\Babylon
Adresár Nájdené : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hwupd4zq.default\jetpack
Adresár Nájdené : C:\Users\Administrator\AppData\Roaming\OpenCandy
Súbor Nájdené : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
Súbor Nájdené : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hwupd4zq.default\searchplugins\Babylon.xml
Súbor Nájdené : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hwupd4zq.default\searchplugins\BrowserProtect.xml
Súbor Nájdené : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hwupd4zq.default\searchplugins\delta.xml

***** [Registre] *****

Kľúe Nájdené : HKCU\Software\1ClickDownload
Kľúe Nájdené : HKCU\Software\APN PIP
Kľúe Nájdené : HKCU\Software\AppDataLow\Software\Conduit
Kľúe Nájdené : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Kľúe Nájdené : HKCU\Software\AppDataLow\Software\PriceGong
Kľúe Nájdené : HKCU\Software\AppDataLow\Software\SmartBar
Kľúe Nájdené : HKCU\Software\Conduit
Kľúe Nájdené : HKCU\Software\delta LTD
Kľúe Nájdené : HKCU\Software\PIP
Kľúe Nájdené : HKCU\Software\957dbdae06fbe48
Kľúe Nájdené : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Kľúe Nájdené : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Kľúe Nájdené : HKLM\Software\Babylon
Kľúe Nájdené : HKLM\Software\BabylonToolbar
Kľúe Nájdené : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Prod.cap
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Kľúe Nájdené : HKLM\Software\Conduit
Kľúe Nájdené : HKLM\Software\DataMngr
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Kľúe Nájdené : HKLM\Software\PIP
Kľúe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Kľúe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Kľúe Nájdené : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Kľúe Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Kľúe Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Kľúe Nájdené : HKU\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Kľúe Nájdené : HKU\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Internetové prehliadaee] *****

-\\ Internet Explorer v9.0.8112.16483

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119294&tt=g ... 2269F5B9C1

-\\ Mozilla Firefox v21.0 (sk)

Súbor : C:\Users\Jomko\AppData\Roaming\Mozilla\Firefox\Profiles\xjgs6qc3.default\prefs.js

[OK] Súbor je eistý.

Súbor : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hwupd4zq.default\prefs.js

Nájdené : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Nájdené : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=1[...]
Nájdené : user_pref("Smartbar.ConduitSearchEngineList", "uTorrentControl_v2 Customized Web Search");
Nájdené : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468[...]
Nájdené : user_pref("Smartbar.keywordURLSelectedCTID", "CT3220468");
Nájdené : user_pref("extensions.delta.admin", false);
Nájdené : user_pref("extensions.delta.aflt", "babsst");
Nájdené : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Nájdené : user_pref("extensions.delta.autoRvrt", "false");
Nájdené : user_pref("extensions.delta.dfltLng", "en");
Nájdené : user_pref("extensions.delta.excTlbr", false);
Nájdené : user_pref("extensions.delta.ffxUnstlRst", true);
Nájdené : user_pref("extensions.delta.id", "ba53dcb9000000000000002269f5b9c1");
Nájdené : user_pref("extensions.delta.instlDay", "15849");
Nájdené : user_pref("extensions.delta.instlRef", "sst");
Nájdené : user_pref("extensions.delta.newTab", false);
Nájdené : user_pref("extensions.delta.prdct", "delta");
Nájdené : user_pref("extensions.delta.prtnrId", "delta");
Nájdené : user_pref("extensions.delta.rvrt", "false");
Nájdené : user_pref("extensions.delta.smplGrp", "none");
Nájdené : user_pref("extensions.delta.tlbrId", "base");
Nájdené : user_pref("extensions.delta.tlbrSrchUrl", "");
Nájdené : user_pref("extensions.delta.vrsn", "1.8.21.5");
Nájdené : user_pref("extensions.delta.vrsnTs", "1.8.21.58:51:50");
Nájdené : user_pref("extensions.delta.vrsni", "1.8.21.5");
Nájdené : user_pref("extensions.delta_i.babExt", "");
Nájdené : user_pref("extensions.delta_i.babTrack", "affID=119294&tt=gc_");
Nájdené : user_pref("extensions.delta_i.srcExt", "ss");
Nájdené : user_pref("smartBar.searchInNewTabOwner", "CT3220468");
Nájdené : user_pref("smartbar.machineId", "S9BRKF4TIBNSW3WFBSYX7UEJS8MSKPTJZXZNUECJQ8WFB28J2KIBV3Z90FT/N05A0SU[...]

-\\ Google Chrome v27.0.1453.94

Súbor : C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Súbor je eistý.

Súbor : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences

Nájdené [l.44] : icon_url = "hxxp://www.delta-search.com/favicon.ico",
Nájdené [l.47] : keyword = "delta-search.com",
Nájdené [l.51] : search_url = "hxxp://www.delta-search.com/?q={searchTerms}&a ... 2269F5B9C1",
Nájdené [l.2168] : homepage = "hxxp://www.delta-search.com/?affID=119294&tt=g ... 2269F5B9C1",
Nájdené [l.2686] : urls_to_restore_on_startup = [ "hxxp://www.delta-search.com/?affID=119294&tt=g ... 2269F5B9C1" ]

*************************

AdwCleaner[R1].txt - [8347 octets] - [24/05/2013 21:49:42]

########## EOF - C:\AdwCleaner[R1].txt - [8407 octets] ##########

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: please check

#4 Post by Roli »

Run AdwCleaner again, but this time click Delete;

the PC will restart, and the junk will be deleted during it.

After that a log will pop up again; copy it here for me.


Download ComboFix and save it to the desktop,

run the application as Administrator and allow the installation of the Recovery Console.

A window with the license terms will then appear, which you confirm by clicking YES,

then click YES once more and it is running.

The whole process takes about 10 minutes but may take longer; do not try to run anything else during the scan.

The PC may also be restarted during the scan; do not be alarmed.

Note: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because ComboFix tries to delete infected files and these programs can get in its way.

After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


If anything is unclear, there is an illustrated guide HERE.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

Jomko
Visitor
Posts: 26
Registered: 16 Mar 2011 09:54

Re: please check

#5 Post by Jomko »

# AdwCleaner v2.301 - Log vytvorený 25/05/2013 o 22:33:21
# Aktualizované 16/05/2013 Xplode
# Operaený systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživateľ : Administrator - JOMKO-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\Administrator\Desktop\adwcleaner.exe
# Voľba [Vymaza?]


***** [Služby] *****


***** [Súbory / Adresáre] *****

Adresár Vymazané : C:\Program Files (x86)\Conduit
Adresár Vymazané : C:\Program Files (x86)\TornTV.com
Adresár Vymazané : C:\ProgramData\Babylon
Adresár Vymazané : C:\ProgramData\Tarma Installer
Adresár Vymazané : C:\Users\Administrator\AppData\Local\Conduit
Adresár Vymazané : C:\Users\Administrator\AppData\Local\PackageAware
Adresár Vymazané : C:\Users\Administrator\AppData\LocalLow\Conduit
Adresár Vymazané : C:\Users\Administrator\AppData\LocalLow\PriceGong
Adresár Vymazané : C:\Users\Administrator\AppData\Roaming\Babylon
Adresár Vymazané : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hwupd4zq.default\jetpack
Adresár Vymazané : C:\Users\Administrator\AppData\Roaming\OpenCandy
Súbor Vymazané : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
Súbor Vymazané : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hwupd4zq.default\searchplugins\Babylon.xml
Súbor Vymazané : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hwupd4zq.default\searchplugins\BrowserProtect.xml
Súbor Vymazané : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hwupd4zq.default\searchplugins\delta.xml

***** [Registre] *****

Kľúe Vymazané : HKCU\Software\1ClickDownload
Kľúe Vymazané : HKCU\Software\APN PIP
Kľúe Vymazané : HKCU\Software\AppDataLow\Software\Conduit
Kľúe Vymazané : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Kľúe Vymazané : HKCU\Software\AppDataLow\Software\PriceGong
Kľúe Vymazané : HKCU\Software\AppDataLow\Software\SmartBar
Kľúe Vymazané : HKCU\Software\Conduit
Kľúe Vymazané : HKCU\Software\delta LTD
Kľúe Vymazané : HKCU\Software\PIP
Kľúe Vymazané : HKCU\Software\957dbdae06fbe48
Kľúe Vymazané : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Kľúe Vymazané : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Kľúe Vymazané : HKLM\Software\Babylon
Kľúe Vymazané : HKLM\Software\BabylonToolbar
Kľúe Vymazané : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Prod.cap
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Kľúe Vymazané : HKLM\Software\Conduit
Kľúe Vymazané : HKLM\Software\DataMngr
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Kľúe Vymazané : HKLM\Software\PIP
Kľúe Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Kľúe Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Kľúe Vymazané : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Kľúe Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Kľúe Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}

***** [Internetové prehliadaee] *****

-\\ Internet Explorer v9.0.8112.16483

Zamenené : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119294&tt=g ... 2269F5B9C1 --> hxxp://www.google.com

-\\ Mozilla Firefox v21.0 (sk)

Súbor : C:\Users\Jomko\AppData\Roaming\Mozilla\Firefox\Profiles\xjgs6qc3.default\prefs.js

[OK] Súbor je eistý.

Súbor : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hwupd4zq.default\prefs.js

C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hwupd4zq.default\user.js ... Vymazané !

Vymazané : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Vymazané : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=1[...]
Vymazané : user_pref("Smartbar.ConduitSearchEngineList", "uTorrentControl_v2 Customized Web Search");
Vymazané : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468[...]
Vymazané : user_pref("Smartbar.keywordURLSelectedCTID", "CT3220468");
Vymazané : user_pref("extensions.delta.admin", false);
Vymazané : user_pref("extensions.delta.aflt", "babsst");
Vymazané : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Vymazané : user_pref("extensions.delta.autoRvrt", "false");
Vymazané : user_pref("extensions.delta.dfltLng", "en");
Vymazané : user_pref("extensions.delta.excTlbr", false);
Vymazané : user_pref("extensions.delta.ffxUnstlRst", true);
Vymazané : user_pref("extensions.delta.id", "ba53dcb9000000000000002269f5b9c1");
Vymazané : user_pref("extensions.delta.instlDay", "15849");
Vymazané : user_pref("extensions.delta.instlRef", "sst");
Vymazané : user_pref("extensions.delta.newTab", false);
Vymazané : user_pref("extensions.delta.prdct", "delta");
Vymazané : user_pref("extensions.delta.prtnrId", "delta");
Vymazané : user_pref("extensions.delta.rvrt", "false");
Vymazané : user_pref("extensions.delta.smplGrp", "none");
Vymazané : user_pref("extensions.delta.tlbrId", "base");
Vymazané : user_pref("extensions.delta.tlbrSrchUrl", "");
Vymazané : user_pref("extensions.delta.vrsn", "1.8.21.5");
Vymazané : user_pref("extensions.delta.vrsnTs", "1.8.21.58:51:50");
Vymazané : user_pref("extensions.delta.vrsni", "1.8.21.5");
Vymazané : user_pref("extensions.delta_i.babExt", "");
Vymazané : user_pref("extensions.delta_i.babTrack", "affID=119294&tt=gc_");
Vymazané : user_pref("extensions.delta_i.srcExt", "ss");
Vymazané : user_pref("smartBar.searchInNewTabOwner", "CT3220468");
Vymazané : user_pref("smartbar.machineId", "S9BRKF4TIBNSW3WFBSYX7UEJS8MSKPTJZXZNUECJQ8WFB28J2KIBV3Z90FT/N05A0SU[...]

-\\ Google Chrome v27.0.1453.94

Súbor : C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Súbor je eistý.

Súbor : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences

Vymazané [l.32] : icon_url = "hxxp://www.delta-search.com/favicon.ico",
Vymazané [l.35] : keyword = "delta-search.com",
Vymazané [l.39] : search_url = "hxxp://www.delta-search.com/?q={searchTerms}&a ... rc=SP_ss&m[...]
Vymazané [l.2106] : homepage = "hxxp://www.delta-search.com/?affID=119294&tt=g ... 02269F5B9C[...]
Vymazané [l.2636] : urls_to_restore_on_startup = [ "hxxp://www.delta-search.com/?affID=119294&tt=gc_&babsrc=HP_ss[...]

*************************

AdwCleaner[R1].txt - [8444 octets] - [24/05/2013 21:49:42]
AdwCleaner[S1].txt - [8291 octets] - [25/05/2013 22:33:21]

########## EOF - C:\AdwCleaner[S1].txt - [8351 octets] ##########

Jomko
Visitor
Posts: 26
Registered: 16 Mar 2011 09:54

Re: please check

#6 Post by Jomko »

ComboFix 13-05-25.02 - Administrator . 05. 2013 22:54:58.3.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.2048.1084 [GMT 2:00]
Running from: c:\users\Administrator\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2013-04-25 to 2013-05-25 )))))))))))))))))))))))))))))))
.
.
2013-05-25 21:04 . 2013-05-25 21:04 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-05-25 21:04 . 2013-05-25 21:04 -------- d-----w- c:\users\Jomko\AppData\Local\temp
2013-05-25 21:04 . 2013-05-25 21:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-25 20:44 . 2013-05-25 20:52 -------- d-----w- C:\32788R22FWJFW
2013-05-24 20:20 . 2013-05-09 08:59 270824 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-05-24 20:20 . 2013-05-09 08:59 131232 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-05-24 20:20 . 2013-05-09 08:59 22600 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-05-24 20:20 . 2013-03-13 17:01 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2013-05-24 19:38 . 2013-05-24 19:38 -------- d-----w- c:\users\Administrator\AppData\Local\ElevatedDiagnostics
2013-05-24 06:51 . 2013-05-24 06:51 -------- d-----w- c:\users\Administrator\AppData\Roaming\GoforFiles
2013-05-24 06:12 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AE5FC250-5725-482A-89C2-590778F3276D}\mpengine.dll
2013-05-23 14:42 . 2012-05-08 16:34 32600 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2013-05-23 14:39 . 2010-11-26 16:02 17720 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2013-05-23 14:39 . 2013-05-24 06:09 -------- d-----w- c:\users\Administrator\AppData\Roaming\IObit
2013-05-23 14:37 . 2013-05-23 14:40 -------- d-----w- c:\programdata\IObit
2013-05-23 14:37 . 2013-05-24 06:08 -------- d-----w- c:\program files (x86)\IObit
2013-05-23 14:36 . 2013-05-23 14:36 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2013-05-23 13:39 . 2013-05-23 14:30 -------- d-----w- c:\program files (x86)\Zrychlenie PC
2013-05-23 13:15 . 2013-05-23 13:20 -------- d-----w- c:\program files\trend micro
2013-05-23 13:15 . 2013-05-23 13:16 -------- d-----w- C:\rsit
2013-05-21 19:50 . 2013-04-07 16:09 148992 ----a-w- c:\windows\system32\Lagarith.dll
2013-05-21 19:50 . 2013-05-21 19:46 753873 ----a-w- c:\windows\unins000.exe
2013-05-15 15:26 . 2013-05-15 15:26 -------- d-----w- c:\program files (x86)\MSXML 4.0
2013-05-15 15:17 . 2013-05-05 21:36 17818624 ----a-w- c:\windows\system32\mshtml.dll
2013-05-15 15:17 . 2013-05-05 21:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-15 15:17 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-05-15 15:15 . 2013-04-05 00:58 237056 ----a-w- c:\windows\system32\url.dll
2013-05-15 10:54 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 10:54 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 10:54 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
2013-05-15 10:54 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-05-15 10:54 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
2013-05-15 10:54 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-05-15 10:54 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2013-05-15 10:54 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-05-15 10:54 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-05-15 10:53 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 10:53 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 10:53 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-05-14 21:09 . 2013-05-14 21:09 -------- d-----w- c:\programdata\Pinnacle Studio Ultimate Collection
2013-05-14 21:06 . 2004-03-29 14:23 90112 ----a-w- c:\windows\unvise32.exe
2013-05-14 21:03 . 2013-05-14 21:03 -------- d-----w- c:\program files (x86)\Common Files\Pinnacle
2013-05-14 20:59 . 2013-05-14 21:24 -------- d-----w- c:\users\Administrator\AppData\Local\Pinnacle
2013-05-14 20:59 . 2013-05-14 20:59 -------- d-----w- c:\programdata\Pinnacle Studio Ultimate
2013-05-14 20:52 . 2013-05-14 20:52 -------- d-----w- c:\program files (x86)\Common Files\Pegasus Imaging
2013-05-14 20:51 . 2013-05-14 21:06 -------- d-----w- c:\program files (x86)\Pinnacle
2013-05-14 20:51 . 2013-05-14 20:51 -------- d-----w- c:\programdata\Studio 15
2013-05-14 20:51 . 2013-05-14 20:51 -------- d-----w- c:\programdata\Pinnacle Studio Plus
2013-05-14 20:51 . 2013-05-14 20:51 -------- d-----w- c:\program files (x86)\Common Files\Yahoo!
2013-05-14 20:47 . 2013-05-14 20:58 -------- d-----w- c:\programdata\Pinnacle
2013-05-14 19:56 . 2013-05-14 19:59 -------- d-----w- c:\programdata\CorelDRAW Graphics Suite X6.3 - Hotfix 1
2013-05-14 18:41 . 2013-05-24 19:05 -------- d-----w- c:\program files (x86)\WatermarkSubtitleCreator
2013-05-14 18:32 . 2013-05-14 18:32 9195912 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-05-12 22:50 . 2013-05-14 20:22 -------- d-----w- c:\programdata\Studio14Trial
2013-05-12 21:44 . 2013-05-14 20:09 -------- d-----w- c:\users\Administrator\AppData\Roaming\GeoVid
2013-05-12 21:41 . 2013-05-12 21:41 -------- d-----w- c:\program files (x86)\Common Files\GeoVid
2013-05-12 21:41 . 2007-06-28 16:55 77824 ----a-w- c:\windows\SysWow64\xvid.ax
2013-05-12 21:41 . 2003-02-21 13:42 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2013-05-12 21:41 . 2004-08-18 13:00 1712128 ----a-w- c:\windows\SysWow64\gdiplus.dll
2013-05-12 21:41 . 2003-03-19 06:19 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2013-05-12 21:41 . 2003-03-19 06:12 1047552 ----a-w- c:\windows\SysWow64\mfc71u.dll
2013-05-12 21:41 . 2003-03-19 05:14 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2013-05-12 21:41 . 2003-03-19 04:05 89088 ----a-w- c:\windows\SysWow64\atl71.dll
2013-05-12 21:41 . 2005-06-07 13:11 60416 ----a-w- c:\windows\SysWow64\dsetup.dll
2013-05-08 23:24 . 2013-05-08 23:24 -------- d-----w- c:\program files\Common Files\Corel
2013-05-08 23:23 . 2013-05-08 23:23 -------- d-----w- c:\programdata\Protexis
2013-05-08 23:23 . 2013-05-08 23:23 -------- d-----w- c:\program files (x86)\Common Files\Protexis
2013-05-08 23:21 . 2013-05-09 00:58 -------- d-----w- c:\programdata\CorelDRAW Graphics Suite X6.3
2013-05-05 20:05 . 2013-05-05 22:18 -------- d-----w- c:\users\Administrator\AppData\Roaming\MOVAVI
2013-05-02 19:54 . 2013-05-23 18:36 -------- d-----w- c:\users\Administrator\AppData\Roaming\.minecraft
2013-04-30 20:47 . 2013-04-30 20:47 -------- d-----w- c:\programdata\Logs
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 15:24 . 2012-12-07 18:17 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-14 18:32 . 2012-12-06 23:26 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-14 18:32 . 2012-12-06 23:26 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-14 09:38 . 2013-04-11 21:19 265976 ----a-w- c:\windows\SysWow64\BytescoutScreenCapturingFilter.dll
2013-05-14 09:38 . 2013-04-11 21:19 175864 ----a-w- c:\windows\SysWow64\BytescoutVideoMixerFilter.dll
2013-05-14 09:38 . 2013-04-11 21:19 438008 ----a-w- c:\windows\SysWow64\BytescoutScreenCapturing.dll
2013-05-09 08:59 . 2013-03-17 09:26 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59 . 2013-03-17 09:26 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2012-12-02 15:52 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-09 08:59 . 2012-12-02 15:52 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59 . 2012-12-02 15:52 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2012-12-02 15:52 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:59 . 2012-12-02 15:52 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:59 . 2012-12-02 15:52 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58 . 2012-12-02 15:50 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2012-12-02 15:52 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-02 00:06 . 2012-12-02 15:57 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-20 15:06 . 2013-04-20 15:06 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-04-20 15:06 . 2013-04-20 15:06 311200 ----a-w- c:\windows\system32\javaws.exe
2013-04-20 15:06 . 2013-04-20 15:06 188832 ----a-w- c:\windows\system32\javaw.exe
2013-04-20 15:06 . 2013-04-20 15:06 188320 ----a-w- c:\windows\system32\java.exe
2013-04-20 15:06 . 2013-04-20 15:06 971680 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-20 15:06 . 2013-04-20 15:06 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-13 05:49 . 2013-05-15 10:54 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 10:54 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 10:54 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 10:54 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 10:54 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 10:54 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 11:52 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-07 16:09 . 2013-04-11 21:19 216064 ----a-w- c:\windows\SysWow64\Lagarith.dll
2013-04-04 03:35 . 2013-04-19 06:08 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-19 06:04 . 2013-04-10 16:31 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 16:31 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 16:31 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 16:31 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 16:31 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 16:31 112640 ----a-w- c:\windows\system32\smss.exe
2013-03-08 18:47 . 2012-12-27 08:40 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-03-08 18:47 . 2012-12-27 08:40 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-05-15 2255184]
"IObit Malware Fighter"="c:\program files (x86)\IObit\IObit Malware Fighter\IMF.exe" [2012-05-09 4464472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-12-11 1255736]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2013-03-13 12368]
S0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2013-05-09 270824]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
S1 aswFW;avast! TDI Firewall Driver;c:\windows\system32\drivers\aswFW.sys [2013-05-09 131232]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-03 283200]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2013-05-09 137960]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-05-15 2467664]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
S2 PSI_SVC_2_x64;Protexis Licensing V2 x64;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-02-26 3560800]
S3 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 145408]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-08-07 143360]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2012-04-28 33184]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2012-04-28 21872]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-05-24 18:15 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-06 18:32]
.
2013-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-02 15:52]
.
2013-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-02 15:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hwupd4zq.default\
FF - ExtSQL: 2013-03-25 22:18; {e3f6c2cc-d8db-498c-af6c-499fb211db97}; c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hwupd4zq.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (Administrator)
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (Administrator)
"Timestamp"=hex:5a,38,de,95,d8,1d,ce,01
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.032"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.abr"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ani"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.arw"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KMPlayer.avi"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.bay"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.bmp"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.bw"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.cr2"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.crw"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.cs1"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.css\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\PSPad.exe"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.csv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarCalcDocument.6"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.cur"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dcr"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dcx"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dib"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.djv"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.djvu"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.dng"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.emf"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.eps"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.erf"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.fff"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.fpx"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.gif"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.hdr"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.icl"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.icn"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.iff"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ilbm"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\PSPad.exe"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.int"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.inta"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.iw4"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.j2c"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.j2k"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jbr"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jfif"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jif"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jp2"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpc"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpe"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpeg"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JPG\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpg"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpk"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.jpx"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.kdc"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.lbm"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2T\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.m3u"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M4A"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.mef"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.mos"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MOV"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP3"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KMPlayer.mp3"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KMPlayer.mp4"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KMPlayer.mpg"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.mrw"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.nef"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.orf"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pbm"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pbr"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pcd"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pct"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pcx"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pef"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pgm"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pic"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pict"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pix"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.png"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ppm"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.properties\UserChoice]
@Denied: (2) (Administrator)
"Progid"="properties_auto_file"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.psd"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.psp"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pspbrush"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.pspimage"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.raf"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ras"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.raw"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rgb"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rgba"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rle"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rsb"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.rw2"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.sgi"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.sr2"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.srf"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.tga"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.thm"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.tif"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.tiff"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ttc"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.ttf"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v25po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.v25po"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v25pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.v25pp"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v25ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.v25ppf"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAV"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAX"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.wbm"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.wbmp"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMA"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.wmf"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KMPlayer.wmv"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WPL"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WVX"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.xbm"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.xif"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.xmp"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.5.xpm"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.yml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\PSPad.exe"
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings]
@Denied: (2) (Administrator)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-05-25 23:08:22
ComboFix-quarantined-files.txt 2013-05-25 21:08
ComboFix2.txt 2013-05-23 12:36
.
Pre-Run: 32 700 772 352 bytes free
Post-Run: 32 525 643 776 bytes free
.
- - End Of File - - 6E3186FD9B0152F69EA1940854CCAC3A

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: please check

#7 Post by Roli »

Uninstall everything from IObit via Add/Remove Programs.


If you have not already done so, move ComboFix to the desktop.

Open Notepad

and copy the script from the following box into it:

Code:

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Save the TXT file you created to the desktop as CFScript.txt.

After saving, grab the script you created with the left mouse button, drag it over the ComboFix icon and drop it there:

Image

After it has been applied, another log will come out; copy it here.

Warning: it may happen that after the script is applied and the machine restarts, Windows will not start;

in that case restart again while pressing F8, then choose Last Known Good Configuration.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

Jomko
Visitor
Posts: 26
Registered: 16 Mar 2011 09:54

Re: please check

#8 Post by Jomko »

Windows did not restart, and after ComboFix finished it produced this log


ComboFix 13-05-25.02 - Administrator . 05. 2013 19:02:26.4.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.2048.1145 [GMT 2:00]
Running from: c:\users\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\users\Administrator\Desktop\CFScript.txt
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 24 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Files Created from 2013-04-26 to 2013-05-26 )))))))))))))))))))))))))))))))
.
.
2013-05-26 17:09 . 2013-05-26 17:09 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-05-26 17:09 . 2013-05-26 17:09 -------- d-----w- c:\users\Jomko\AppData\Local\temp
2013-05-26 17:09 . 2013-05-26 17:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-26 16:48 . 2013-05-26 16:58 -------- d-----w- c:\program files (x86)\SlySoft
2013-05-26 16:45 . 2013-05-26 16:45 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AE5FC250-5725-482A-89C2-590778F3276D}\offreg.dll
2013-05-25 22:02 . 2013-05-25 22:02 -------- d-----w- c:\users\Administrator\AppData\Roaming\Apple Computer
2013-05-24 20:20 . 2013-05-09 08:59 270824 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-05-24 20:20 . 2013-05-09 08:59 131232 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-05-24 20:20 . 2013-05-09 08:59 22600 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-05-24 20:20 . 2013-03-13 17:01 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2013-05-24 19:38 . 2013-05-24 19:38 -------- d-----w- c:\users\Administrator\AppData\Local\ElevatedDiagnostics
2013-05-24 06:51 . 2013-05-24 06:51 -------- d-----w- c:\users\Administrator\AppData\Roaming\GoforFiles
2013-05-24 06:12 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AE5FC250-5725-482A-89C2-590778F3276D}\mpengine.dll
2013-05-23 14:39 . 2013-05-24 06:09 -------- d-----w- c:\users\Administrator\AppData\Roaming\IObit
2013-05-23 14:37 . 2013-05-23 14:40 -------- d-----w- c:\programdata\IObit
2013-05-23 14:37 . 2013-05-24 06:08 -------- d-----w- c:\program files (x86)\IObit
2013-05-23 14:36 . 2013-05-23 14:36 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2013-05-23 13:39 . 2013-05-23 14:30 -------- d-----w- c:\program files (x86)\Zrychlenie PC
2013-05-23 13:15 . 2013-05-23 13:20 -------- d-----w- c:\program files\trend micro
2013-05-23 13:15 . 2013-05-23 13:16 -------- d-----w- C:\rsit
2013-05-21 19:50 . 2013-04-07 16:09 148992 ----a-w- c:\windows\system32\Lagarith.dll
2013-05-21 19:50 . 2013-05-21 19:46 753873 ----a-w- c:\windows\unins000.exe
2013-05-15 15:26 . 2013-05-15 15:26 -------- d-----w- c:\program files (x86)\MSXML 4.0
2013-05-15 15:17 . 2013-05-05 21:36 17818624 ----a-w- c:\windows\system32\mshtml.dll
2013-05-15 15:17 . 2013-05-05 21:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-15 15:17 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-05-15 15:15 . 2013-04-05 00:58 237056 ----a-w- c:\windows\system32\url.dll
2013-05-15 10:54 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 10:54 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 10:54 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
2013-05-15 10:54 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-05-15 10:54 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
2013-05-15 10:54 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-05-15 10:54 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2013-05-15 10:54 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-05-15 10:54 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-05-15 10:53 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 10:53 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 10:53 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-05-14 21:09 . 2013-05-14 21:09 -------- d-----w- c:\programdata\Pinnacle Studio Ultimate Collection
2013-05-14 21:06 . 2004-03-29 14:23 90112 ----a-w- c:\windows\unvise32.exe
2013-05-14 21:03 . 2013-05-14 21:03 -------- d-----w- c:\program files (x86)\Common Files\Pinnacle
2013-05-14 20:59 . 2013-05-14 21:24 -------- d-----w- c:\users\Administrator\AppData\Local\Pinnacle
2013-05-14 20:59 . 2013-05-14 20:59 -------- d-----w- c:\programdata\Pinnacle Studio Ultimate
2013-05-14 20:52 . 2013-05-14 20:52 -------- d-----w- c:\program files (x86)\Common Files\Pegasus Imaging
2013-05-14 20:51 . 2013-05-14 21:06 -------- d-----w- c:\program files (x86)\Pinnacle
2013-05-14 20:51 . 2013-05-14 20:51 -------- d-----w- c:\programdata\Studio 15
2013-05-14 20:51 . 2013-05-14 20:51 -------- d-----w- c:\programdata\Pinnacle Studio Plus
2013-05-14 20:51 . 2013-05-14 20:51 -------- d-----w- c:\program files (x86)\Common Files\Yahoo!
2013-05-14 20:47 . 2013-05-14 20:58 -------- d-----w- c:\programdata\Pinnacle
2013-05-14 19:56 . 2013-05-14 19:59 -------- d-----w- c:\programdata\CorelDRAW Graphics Suite X6.3 - Hotfix 1
2013-05-14 18:41 . 2013-05-24 19:05 -------- d-----w- c:\program files (x86)\WatermarkSubtitleCreator
2013-05-14 18:32 . 2013-05-14 18:32 9195912 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-05-12 22:50 . 2013-05-14 20:22 -------- d-----w- c:\programdata\Studio14Trial
2013-05-12 21:44 . 2013-05-14 20:09 -------- d-----w- c:\users\Administrator\AppData\Roaming\GeoVid
2013-05-12 21:41 . 2013-05-12 21:41 -------- d-----w- c:\program files (x86)\Common Files\GeoVid
2013-05-12 21:41 . 2007-06-28 16:55 77824 ----a-w- c:\windows\SysWow64\xvid.ax
2013-05-12 21:41 . 2003-02-21 13:42 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2013-05-12 21:41 . 2004-08-18 13:00 1712128 ----a-w- c:\windows\SysWow64\gdiplus.dll
2013-05-12 21:41 . 2003-03-19 06:19 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2013-05-12 21:41 . 2003-03-19 06:12 1047552 ----a-w- c:\windows\SysWow64\mfc71u.dll
2013-05-12 21:41 . 2003-03-19 05:14 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2013-05-12 21:41 . 2003-03-19 04:05 89088 ----a-w- c:\windows\SysWow64\atl71.dll
2013-05-12 21:41 . 2005-06-07 13:11 60416 ----a-w- c:\windows\SysWow64\dsetup.dll
2013-05-08 23:24 . 2013-05-08 23:24 -------- d-----w- c:\program files\Common Files\Corel
2013-05-08 23:23 . 2013-05-08 23:23 -------- d-----w- c:\programdata\Protexis
2013-05-08 23:23 . 2013-05-08 23:23 -------- d-----w- c:\program files (x86)\Common Files\Protexis
2013-05-08 23:21 . 2013-05-09 00:58 -------- d-----w- c:\programdata\CorelDRAW Graphics Suite X6.3
2013-05-05 20:05 . 2013-05-05 22:18 -------- d-----w- c:\users\Administrator\AppData\Roaming\MOVAVI
2013-05-02 19:54 . 2013-05-26 13:18 -------- d-----w- c:\users\Administrator\AppData\Roaming\.minecraft
2013-04-30 20:47 . 2013-04-30 20:47 -------- d-----w- c:\programdata\Logs
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 15:24 . 2012-12-07 18:17 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-14 18:32 . 2012-12-06 23:26 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-14 18:32 . 2012-12-06 23:26 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-14 09:38 . 2013-04-11 21:19 265976 ----a-w- c:\windows\SysWow64\BytescoutScreenCapturingFilter.dll
2013-05-14 09:38 . 2013-04-11 21:19 175864 ----a-w- c:\windows\SysWow64\BytescoutVideoMixerFilter.dll
2013-05-14 09:38 . 2013-04-11 21:19 438008 ----a-w- c:\windows\SysWow64\BytescoutScreenCapturing.dll
2013-05-09 08:59 . 2013-03-17 09:26 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59 . 2013-03-17 09:26 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2012-12-02 15:52 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-09 08:59 . 2012-12-02 15:52 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59 . 2012-12-02 15:52 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2012-12-02 15:52 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:59 . 2012-12-02 15:52 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:59 . 2012-12-02 15:52 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58 . 2012-12-02 15:50 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2012-12-02 15:52 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-02 00:06 . 2012-12-02 15:57 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-20 15:06 . 2013-04-20 15:06 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-04-20 15:06 . 2013-04-20 15:06 311200 ----a-w- c:\windows\system32\javaws.exe
2013-04-20 15:06 . 2013-04-20 15:06 188832 ----a-w- c:\windows\system32\javaw.exe
2013-04-20 15:06 . 2013-04-20 15:06 188320 ----a-w- c:\windows\system32\java.exe
2013-04-20 15:06 . 2013-04-20 15:06 971680 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-20 15:06 . 2013-04-20 15:06 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-13 05:49 . 2013-05-15 10:54 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 10:54 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 10:54 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 10:54 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 10:54 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 10:54 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 11:52 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-07 16:09 . 2013-04-11 21:19 216064 ----a-w- c:\windows\SysWow64\Lagarith.dll
2013-04-04 03:35 . 2013-04-19 06:08 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-19 06:04 . 2013-04-10 16:31 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 16:31 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 16:31 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 16:31 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 16:31 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 16:31 112640 ----a-w- c:\windows\system32\smss.exe
2013-03-08 18:47 . 2012-12-27 08:40 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-03-08 18:47 . 2012-12-27 08:40 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-05-15 2255184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 1394ohci;1394 OHCI Compliant Host Controller;c:\windows\system32\drivers\1394ohci.sys [2010-11-20 229888]
R3 AcpiPmi;ACPI Power Meter Driver;c:\windows\system32\drivers\acpipmi.sys [2010-11-20 12800]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-14 256904]
R3 adp94xx;adp94xx;c:\windows\system32\DRIVERS\adp94xx.sys [2009-07-14 491088]
R3 adpahci;adpahci;c:\windows\system32\DRIVERS\adpahci.sys [2009-07-14 339536]
R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys [2011-03-11 107904]
R3 amdsbs;amdsbs;c:\windows\system32\DRIVERS\amdsbs.sys [2009-07-14 194128]
R3 AppID;AppID Driver;c:\windows\system32\drivers\appid.sys [2010-11-20 61440]
R3 AppIDSvc;Application Identity;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 arcsas;arcsas;c:\windows\system32\DRIVERS\arcsas.sys [2009-07-14 97856]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\DRIVERS\bxvbda.sys [2009-06-10 468480]
R3 BDESVC;BitLocker Drive Encryption Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\DRIVERS\BrFiltLo.sys [2009-06-10 18432]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\DRIVERS\BrFiltUp.sys [2009-06-10 8704]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [2009-07-14 286720]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [2009-06-10 47104]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [2009-06-10 14976]
R3 BrUsbSer;Brother MFC USB Serial WDM Driver;c:\windows\System32\Drivers\BrUsbSer.sys [2009-06-10 14720]
R3 BTHPORT;Bluetooth Port Driver;c:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
R3 CertPropSvc;Šírenie certifikátu;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 circlass;Consumer IR Devices;c:\windows\system32\DRIVERS\circlass.sys [2009-07-14 45568]
R3 defragsvc;Defragmentácia disku;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\DRIVERS\evbda.sys [2009-06-10 3286016]
R3 EFS;Encrypting File System (EFS);c:\windows\System32\lsass.exe [2011-11-17 31232]
R3 ehRecvr;Windows Media Center Receiver Service;c:\windows\ehome\ehRecvr.exe [2010-11-20 696832]
R3 ehSched;Windows Media Center Scheduler Service;c:\windows\ehome\ehsched.exe [2009-07-14 127488]
R4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]
S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys [2011-03-11 27008]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2013-03-13 12368]
S0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2013-05-09 270824]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 CLFS;Common Log (CLFS);c:\windows\System32\CLFS.sys [2009-07-14 367696]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [2012-06-02 458704]
S1 aswFW;avast! TDI Firewall Driver;c:\windows\system32\drivers\aswFW.sys [2013-05-09 131232]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [2009-07-13 45056]
S1 CSC;Offline Files Driver;c:\windows\system32\drivers\csc.sys [2010-11-20 514560]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [2010-11-20 102400]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [2009-07-13 40448]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-03 283200]
S2 adfs;adfs; [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
S2 AudioEndpointBuilder;Windows Audio Endpoint Builder;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2013-05-09 137960]
S2 BFE;Base Filtering Engine;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 CscService;Offline Files;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 DPS;Diagnostic Policy Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 Appinfo;Application Information;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60a.sys [2009-06-10 270848]
S3 bowser;Browser Support Driver;c:\windows\system32\DRIVERS\bowser.sys [2011-02-23 90624]
S3 BthEnum;Bluetooth Request Block Driver;c:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network);c:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 bthserv;Bluetooth Support Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 BTHUSB;Bluetooth Radio USB Driver;c:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 CompositeBus;Composite Bus Enumerator Driver;c:\windows\system32\drivers\CompositeBus.sys [2010-11-20 38912]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [2013-04-10 983400]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - ElbyCDIO
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-05-24 18:15 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-06 18:32]
.
2013-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-02 15:52]
.
2013-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-02 15:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hwupd4zq.default\
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2442151506-1116486411-3893431267-500\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (Administrator)
"{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}"=hex:51,66,7a,6c,4c,1d,3b,1b,44,3a,48,
93,18,ff,d5,04,b5,26,95,3f,01,cb,c9,1c
"{7473B6BD-4691-4744-A82B-7854EB3D70B6}"=hex:51,66,7a,6c,4c,1d,3b,1b,ad,aa,65,
69,a4,14,2e,0b,b1,20,3c,14,ea,7f,34,ac
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,3b,1b,0c,14,c9,
05,98,ba,e9,0e,bc,9d,be,17,8d,6c,f9,d9
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,3b,1b,ab,8b,02,
6b,c5,84,46,0a,af,e0,90,9a,f0,9b,69,59
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,3b,1b,79,44,96,
b3,69,7c,be,02,96,70,b5,b7,84,58,00,8d
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,3b,1b,54,1c,de,
c6,70,f6,31,0f,a5,7f,d8,65,c0,87,cc,b3
"{4D2D3B0F-69BE-477A-90F5-FDDB05357975}"=hex:51,66,7a,6c,4c,1d,3b,1b,1f,27,3b,
.
Completion time: 2013-05-26 19:12:46
ComboFix-quarantined-files.txt 2013-05-26 17:12
ComboFix2.txt 2013-05-25 21:08
ComboFix3.txt 2013-05-23 12:36
.
Pre-Run: 31 905 071 104 bytes free
Post-Run: 31 889 543 168 bytes free
.
- - End Of File - - 5E9D9D0ECAFF560F7F91D0F030A6D25A

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: prosím o kontrolu (please check my PC)

#9 Post by Roli »

Via Start >> Run, copy the following into the box:

ComboFix /Uninstall

and press Enter.

This uninstalls ComboFix and deletes the files and folders associated with it.


Use T-Cleaner, which deletes any leftovers from the applications we used.

Just stop your antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.


Then let me know what state the PC is in.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

Jomko
Visitor
Posts: 26
Registered: 16 Mar 2011 09:54

Re: prosím o kontrolu (please check my PC)

#10 Post by Jomko »

Hello,
I think the notebook runs like clockwork. As for speed, unfortunately I can't judge that objectively, because yesterday, after a month, I found a setting in Win7 that was limiting RAM usage to 2GB even though I have 4GB installed. Now I have 4GB there, and the difference after the cleanup and the RAM setting is huge.

The last time I was on this forum was about three years ago, when my computer was infested with some vermin, and I met only people here who were willing to help. I have to say that nothing has changed here in those 3 years :thumbsup:

Many thanks :offtopic:

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: prosím o kontrolu (please check my PC)

#11 Post by Roli »

You're welcome, and :closed: