
Combofixlog

a guest
Oct 1st, 2014
  1. ComboFix 14-09-29.02 - WIN 7 10/02/2014 10:01:42.2.4 - x86
  2. Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2031.936 [GMT 8:00]
  3. Running from: c:\users\WIN 7\Desktop\ComboFix.exe
  4. AV: Norton 360 Premier Edition *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
  5. FW: Norton 360 Premier Edition *Disabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
  6. SP: Norton 360 Premier Edition *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
  7. SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  8. .
  9. .
  10. ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
  11. .
  12. .
  13. ---- Previous Run -------
  14. .
  15. c:\users\Public\sdelevURL.tmp
  16. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\databases\chrome-extension_dhdepfaagokllfmhfbcfmocaeigmoebo_0
  17. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\databases\chrome-extension_dhdepfaagokllfmhfbcfmocaeigmoebo_0\1
  18. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\databases\chrome-extension_dhdepfaagokllfmhfbcfmocaeigmoebo_0\2
  19. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
  20. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\background.html
  21. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\background.js
  22. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\crossriderManifest.json
  23. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\extension.js
  24. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\icons\actions\icon1.png
  25. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\icons\icon128.png
  26. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\icons\icon16.png
  27. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\icons\icon48.png
  28. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\icons\notifications\icon1.png
  29. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\icons\notifications\icon48.png
  30. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\js\api\chrome.js
  31. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\js\api\cookie.js
  32. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\js\api\message.js
  33. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\js\api\push.js
  34. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\js\background.js
  35. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\js\lib\app_api.js
  36. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\js\lib\async_api.js
  37. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\js\lib\bg_app_api.js
  38. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\js\lib\cookie_store.js
  39. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\js\lib\data_store.js
  40. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\js\lib\faye-browser-min.js
  41. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\js\lib\util.js
  42. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\manifest.json
  43. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.18.9_0\popup.html
  44. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Local Storage\chrome-extension_dhdepfaagokllfmhfbcfmocaeigmoebo_0.localstorage-journal
  45. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Local Storage\chrome-extension_dhdepfaagokllfmhfbcfmocaeigmoebo_0.localstorage
  46. c:\users\WIN 7\AppData\Local\Torch\User Data\Default\Preferences
  47. .
  48. .
  49. ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
  50. .
  51. .
  52. -------\Legacy_NPF
  53. .
  54. .
  55. ((((((((((((((((((((((((( Files Created from 2014-09-02 to 2014-10-02 )))))))))))))))))))))))))))))))
  56. .
  57. .
  58. 2014-10-02 02:06 . 2014-10-02 02:06 -------- d-----w- c:\users\fbwuser\AppData\Local\temp
  59. 2014-10-02 02:06 . 2014-10-02 02:06 -------- d-----w- c:\users\Default\AppData\Local\temp
  60. 2014-10-02 01:21 . 2014-10-02 01:51 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
  61. 2014-10-02 01:20 . 2014-10-02 01:20 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
  62. 2014-10-02 01:20 . 2014-05-11 23:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
  63. 2014-10-02 01:20 . 2014-05-11 23:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
  64. 2014-10-02 01:20 . 2014-05-11 23:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
  65. 2014-10-01 07:03 . 2014-10-01 07:03 -------- d-----w- c:\programdata\GridinSoft
  66. 2014-10-01 07:03 . 2014-10-01 07:04 -------- d-----w- c:\program files\GridinSoft Trojan Killer
  67. 2014-10-01 01:02 . 2014-09-25 01:40 519680 ----a-w- c:\windows\system32\qdvd.dll
  68. 2014-09-29 02:31 . 2014-09-29 02:31 -------- d-sh--w- c:\users\WIN 7\AppData\Local\EmieUserList
  69. 2014-09-29 02:31 . 2014-09-29 02:31 -------- d-sh--w- c:\users\WIN 7\AppData\Local\EmieSiteList
  70. 2014-09-25 16:00 . 2014-09-25 16:00 16128 ----a-w- c:\windows\system32\drivers\gtkdrv.sys
  71. 2014-09-25 01:11 . 2014-09-25 01:11 -------- d-----w- c:\programdata\Malwarebytes
  72. 2014-09-24 03:01 . 2014-09-09 21:47 2048 ----a-w- c:\windows\system32\tzres.dll
  73. 2014-09-22 03:14 . 2014-09-22 03:14 -------- d-----w- c:\programdata\Oracle
  74. 2014-09-16 00:42 . 2014-09-16 00:42 -------- d-----w- c:\users\WIN 7\AppData\Roaming\Zbshareware Lab
  75. 2014-09-15 05:42 . 2014-09-25 05:16 -------- d-----w- c:\windows\rescache
  76. 2014-09-13 12:05 . 2014-09-13 12:05 3231696 ----a-w- c:\program files\Mozilla Firefox\d3dcompiler_46.dll
  77. 2014-09-10 04:55 . 2014-07-07 01:40 1059840 ----a-w- c:\windows\system32\lsasrv.dll
  78. 2014-09-10 04:55 . 2014-07-07 01:40 550912 ----a-w- c:\windows\system32\kerberos.dll
  79. 2014-09-10 04:55 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
  80. 2014-09-10 04:55 . 2014-08-01 11:35 793600 ----a-w- c:\windows\system32\TSWorkspace.dll
  81. .
  82. .
  83. .
  84. (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
  85. .
  86. 2014-09-24 03:24 . 2012-04-22 22:53 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
  87. 2014-09-24 03:24 . 2011-10-10 02:28 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
  88. 2014-08-23 01:46 . 2014-09-01 00:25 305152 ----a-w- c:\windows\system32\gdi32.dll
  89. 2014-08-23 00:42 . 2014-09-01 00:25 2352640 ----a-w- c:\windows\system32\win32k.sys
  90. 2014-07-24 18:35 . 2014-07-24 18:35 875688 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
  91. 2014-07-14 01:42 . 2014-08-13 00:33 654336 ----a-w- c:\windows\system32\rpcrt4.dll
  92. 2014-07-09 01:29 . 2014-08-13 00:29 6144 ----a-w- c:\windows\system32\KBDYAK.DLL
  93. 2014-07-09 01:29 . 2014-08-13 00:29 6144 ----a-w- c:\windows\system32\KBDBASH.DLL
  94. 2013-02-17 03:27 . 2013-02-17 03:27 2174976 ----a-w- c:\program files\Common Files\atimpenc.dll
  95. .
  96. .
  97. ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
  98. .
  99. .
  100. *Note* empty entries & legit default entries are not shown
  101. REGEDIT4
  102. .
  103. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
  104. @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
  105. [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
  106. 2012-11-15 23:07 21904 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
  107. .
  108. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  109. "IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2013-12-15 3821136]
  110. .
  111. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  112. "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
  113. "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
  114. "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2014-01-17 421888]
  115. "HDD Regenerator"="c:\program files\HDD Regenerator\Shell.exe" [BU]
  116. .
  117. c:\users\WIN 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
  118. OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2006-10-26 98632]
  119. .
  120. c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
  121. SpyderUtility.lnk - c:\program files\Datacolor\Spyder4Express\Utility\SpyderUtility.exe [2012-2-8 8241767]
  122. .
  123. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  124. "ConsentPromptBehaviorAdmin"= 0 (0x0)
  125. "ConsentPromptBehaviorUser"= 3 (0x3)
  126. "EnableUIADesktopToggle"= 0 (0x0)
  127. "PromptOnSecureDesktop"= 0 (0x0)
  128. .
  129. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
  130. 2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
  131. .
  132. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
  133. 2013-03-20 21:10 472992 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
  134. .
  135. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCEPServiceManager]
  136. 2013-03-13 05:39 1039248 ----a-w- c:\program files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
  137. .
  138. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aimersoft Helper Compact.exe]
  139. 2013-05-29 07:50 1734144 ----a-w- c:\program files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
  140. .
  141. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
  142. 2007-06-01 02:21 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
  143. .
  144. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserPlugInHelper]
  145. c:\program files\Aimersoft\Video Converter Ultimate\BrowserPlugInHelper.exe [BU]
  146. .
  147. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
  148. c:\program files\Samsung\Kies\KiesTrayAgent.exe [BU]
  149. .
  150. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
  151. 2011-08-21 17:18 6276408 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe
  152. .
  153. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon]
  154. c:\program files\Mobogenie\DaemonProcess.exe [BU]
  155. .
  156. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
  157. 2007-03-01 07:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
  158. .
  159. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
  160. 2013-10-02 12:28 1090912 ----a-w- c:\program files\Nokia\Nokia Suite\NokiaSuite.exe
  161. .
  162. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMBBLaunchAgent.exe]
  163. 2013-01-17 08:08 267792 ----a-w- c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
  164. .
  165. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection]
  166. c:\program files\Yahoo!\Search Protection\SearchProtection.exe [BU]
  167. .
  168. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe]
  169. 2013-12-18 03:43 1980416 ----a-w- c:\program files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
  170. .
  171. R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-11 860472]
  172. R3 BprotectEx;Baidu ProtectEx;c:\windows\System32\drivers\BprotectEx.sys [x]
  173. R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-08-18 108032]
  174. R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-10-02 110296]
  175. R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-05-11 51928]
  176. R3 PCFApiUtil;PCFApiUtil;c:\program files\Baidu Security\PC Faster\3.7.0.0\PCFApiUtil.sys [x]
  177. R3 Spyder4;Datacolor Spyder4;c:\windows\system32\DRIVERS\dccmtr.sys [2011-06-02 12288]
  178. R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
  179. R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
  180. R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-11 1343400]
  181. R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2009-07-14 20480]
  182. R4 Blackberry Device Manager;Blackberry Device Manager;c:\program files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [2013-01-18 577536]
  183. R4 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe [2013-11-27 555304]
  184. R4 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [2012-09-05 66560]
  185. R4 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [2014-08-04 5095264]
  186. S0 Bhbase;Baidu Hook Base;c:\windows\System32\drivers\Bhbase.sys [2013-09-26 47456]
  187. S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\1405000.01C\SYMDS.SYS [2013-05-21 367704]
  188. S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\1405000.01C\SYMEFA.SYS [2013-05-23 934488]
  189. S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20140912.003\BHDrvx86.sys [2014-09-12 1137368]
  190. S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360\1405000.01C\ccSetx86.sys [2013-04-16 134744]
  191. S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2013-11-13 39624]
  192. S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20140930.001\IDSvix86.sys [2014-09-01 476888]
  193. S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\1405000.01C\Ironx86.SYS [2013-03-05 175264]
  194. S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360\1405000.01C\SYMNETS.SYS [2013-04-25 339544]
  195. S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-17 176128]
  196. S2 hshld;Hotspot Shield Service;c:\program files\Hotspot Shield\bin\cmw_srv.exe [2013-11-27 906024]
  197. S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2013-11-28 108000]
  198. S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-11 1809720]
  199. S2 N360;Norton 360;c:\program files\Norton 360 Premier Edition\Engine\20.5.0.28\ccSvcHst.exe [2013-05-21 144368]
  200. S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-09-10 111408]
  201. S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-05-11 23256]
  202. S3 MEI;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
  203. S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2012-12-06 2046560]
  204. S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-05-16 391272]
  205. S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [2013-06-21 37064]
  206. S3 TrojanKillerDriver;GridinSoft Trojan Killer Driver;c:\windows\system32\DRIVERS\gtkdrv.sys [2014-09-25 16128]
  207. .
  208. .
  209. Contents of the 'Scheduled Tasks' folder
  210. .
  211. 2014-10-02 c:\windows\Tasks\Adobe Flash Player Updater.job
  212. - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-22 03:24]
  213. .
  214. .
  215. ------- Supplementary Scan -------
  216. .
  217. uStart Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=20.5.0.28
  218. IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
  219. IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
  220. IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
  221. IE: Locate Spot on Map by GPS - c:\program files\Opanda\IExif 2.3\IExifMap.htm
  222. IE: View Exif/GPS/IPTC with IExif - c:\program files\Opanda\IExif 2.3\IExifCom.htm
  223. TCP: Interfaces\{CD890928-BFE0-4285-B317-3F5296BFEAFA}: NameServer = 202.134.0.155
  224. FF - ProfilePath - c:\users\WIN 7\AppData\Roaming\Mozilla\Firefox\Profiles\azh1isgu.default-1412064827447\
  225. FF - prefs.js: browser.search.selectedEngine - Bing
  226. .
  227. - - - - ORPHANS REMOVED - - - -
  228. .
  229. Toolbar-10 - (no file)
  230. .
  231. .
  232. .
  233. [HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
  234. "ImagePath"="\"c:\program files\Norton 360 Premier Edition\Engine\20.5.0.28\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360 Premier Edition\Engine\20.5.0.28\diMaster.dll\" /prefetch:1"
  235. .
  236. --------------------- LOCKED REGISTRY KEYS ---------------------
  237. .
  238. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
  239. @Denied: (2) (LocalSystem)
  240. "Progid"="ACDSee 10.0.032"
  241. .
  242. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
  243. @Denied: (2) (LocalSystem)
  244. "Progid"="ACDSee 10.0.abr"
  245. .
  246. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
  247. @Denied: (2) (LocalSystem)
  248. "Progid"="ACDSee 10.0.ani"
  249. .
  250. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
  251. @Denied: (2) (LocalSystem)
  252. "Progid"="ACDSee 10.0.arw"
  253. .
  254. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
  255. @Denied: (2) (LocalSystem)
  256. "Progid"="ACDSee 10.0.bay"
  257. .
  258. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
  259. @Denied: (2) (S-1-5-21-22482793-1858402393-37194211-1000)
  260. @Denied: (2) (LocalSystem)
  261. "Progid"="PhotoViewer.FileAssoc.Bitmap"
  262. .
  263. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
  264. @Denied: (2) (LocalSystem)
  265. "Progid"="ACDSee 10.0.bw"
  266. .
  267. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
  268. @Denied: (2) (LocalSystem)
  269. "Progid"="ACDSee 10.0.cs1"
  270. .
  271. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
  272. @Denied: (2) (LocalSystem)
  273. "Progid"="ACDSee 10.0.cur"
  274. .
  275. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
  276. @Denied: (2) (LocalSystem)
  277. "Progid"="ACDSee 10.0.dcr"
  278. .
  279. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
  280. @Denied: (2) (LocalSystem)
  281. "Progid"="ACDSee 10.0.dcx"
  282. .
  283. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
  284. @Denied: (2) (LocalSystem)
  285. "Progid"="ACDSee 10.0.dib"
  286. .
  287. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
  288. @Denied: (2) (LocalSystem)
  289. "Progid"="ACDSee 10.0.dng"
  290. .
  291. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
  292. @Denied: (2) (LocalSystem)
  293. "Progid"="ACDSee 10.0.emf"
  294. .
  295. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
  296. @Denied: (2) (LocalSystem)
  297. "Progid"="ACDSee 10.0.eps"
  298. .
  299. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
  300. @Denied: (2) (LocalSystem)
  301. "Progid"="ACDSee 10.0.erf"
  302. .
  303. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
  304. @Denied: (2) (LocalSystem)
  305. "Progid"="ACDSee 10.0.fff"
  306. .
  307. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
  308. @Denied: (2) (LocalSystem)
  309. "Progid"="ACDSee 10.0.fpx"
  310. .
  311. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
  312. @Denied: (2) (LocalSystem)
  313. "Progid"="ACDSee 10.0.gif"
  314. .
  315. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
  316. @Denied: (2) (LocalSystem)
  317. "Progid"="ACDSee 10.0.hdr"
  318. .
  319. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
  320. @Denied: (2) (LocalSystem)
  321. "Progid"="ACDSee 10.0.icl"
  322. .
  323. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
  324. @Denied: (2) (LocalSystem)
  325. "Progid"="ACDSee 10.0.icn"
  326. .
  327. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
  328. @Denied: (2) (S-1-5-21-22482793-1858402393-37194211-1000)
  329. @Denied: (2) (LocalSystem)
  330. "Progid"="Winamp.File.iff"
  331. .
  332. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
  333. @Denied: (2) (LocalSystem)
  334. "Progid"="ACDSee 10.0.ilbm"
  335. .
  336. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
  337. @Denied: (2) (LocalSystem)
  338. "Progid"="ACDSee 10.0.int"
  339. .
  340. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
  341. @Denied: (2) (LocalSystem)
  342. "Progid"="ACDSee 10.0.inta"
  343. .
  344. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
  345. @Denied: (2) (LocalSystem)
  346. "Progid"="ACDSee 10.0.iw4"
  347. .
  348. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
  349. @Denied: (2) (LocalSystem)
  350. "Progid"="ACDSee 10.0.j2c"
  351. .
  352. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
  353. @Denied: (2) (LocalSystem)
  354. "Progid"="ACDSee 10.0.j2k"
  355. .
  356. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
  357. @Denied: (2) (LocalSystem)
  358. "Progid"="ACDSee 10.0.jbr"
  359. .
  360. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
  361. @Denied: (2) (LocalSystem)
  362. "Progid"="ACDSee 10.0.jfif"
  363. .
  364. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
  365. @Denied: (2) (LocalSystem)
  366. "Progid"="ACDSee 10.0.jif"
  367. .
  368. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
  369. @Denied: (2) (LocalSystem)
  370. "Progid"="ACDSee 10.0.jp2"
  371. .
  372. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
  373. @Denied: (2) (LocalSystem)
  374. "Progid"="ACDSee 10.0.jpc"
  375. .
  376. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
  377. @Denied: (2) (LocalSystem)
  378. "Progid"="ACDSee 10.0.jpk"
  379. .
  380. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
  381. @Denied: (2) (LocalSystem)
  382. "Progid"="ACDSee 10.0.jpx"
  383. .
  384. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
  385. @Denied: (2) (LocalSystem)
  386. "Progid"="ACDSee 10.0.lbm"
  387. .
  388. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
  389. @Denied: (2) (LocalSystem)
  390. "Progid"="ACDSee 10.0.mef"
  391. .
  392. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
  393. @Denied: (2) (LocalSystem)
  394. "Progid"="ACDSee 10.0.mos"
  395. .
  396. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
  397. @Denied: (2) (LocalSystem)
  398. "Progid"="ACDSee 10.0.mrw"
  399. .
  400. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
  401. @Denied: (2) (LocalSystem)
  402. "Progid"="ACDSee 10.0.nef"
  403. .
  404. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
  405. @Denied: (2) (LocalSystem)
  406. "Progid"="ACDSee 10.0.orf"
  407. .
  408. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
  409. @Denied: (2) (LocalSystem)
  410. "Progid"="ACDSee 10.0.pbm"
  411. .
  412. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
  413. @Denied: (2) (LocalSystem)
  414. "Progid"="ACDSee 10.0.pbr"
  415. .
  416. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
  417. @Denied: (2) (LocalSystem)
  418. "Progid"="ACDSee 10.0.pct"
  419. .
  420. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
  421. @Denied: (2) (LocalSystem)
  422. "Progid"="ACDSee 10.0.pcx"
  423. .
  424. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
  425. @Denied: (2) (LocalSystem)
  426. "Progid"="ACDSee 10.0.pef"
  427. .
  428. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
  429. @Denied: (2) (LocalSystem)
  430. "Progid"="ACDSee 10.0.pgm"
  431. .
  432. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
  433. @Denied: (2) (LocalSystem)
  434. "Progid"="ACDSee 10.0.pic"
  435. .
  436. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
  437. @Denied: (2) (LocalSystem)
  438. "Progid"="ACDSee 10.0.pict"
  439. .
  440. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
  441. @Denied: (2) (LocalSystem)
  442. "Progid"="ACDSee 10.0.pix"
  443. .
  444. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
  445. @Denied: (2) (S-1-5-21-22482793-1858402393-37194211-1000)
  446. @Denied: (2) (LocalSystem)
  447. "Progid"="PhotoViewer.FileAssoc.Png"
  448. .
  449. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
  450. @Denied: (2) (LocalSystem)
  451. "Progid"="ACDSee 10.0.ppm"
  452. .
  453. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
  454. @Denied: (2) (LocalSystem)
  455. "Progid"="ACDSee 10.0.psp"
  456. .
  457. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
  458. @Denied: (2) (LocalSystem)
  459. "Progid"="ACDSee 10.0.pspbrush"
  460. .
  461. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
  462. @Denied: (2) (LocalSystem)
  463. "Progid"="ACDSee 10.0.pspimage"
  464. .
  465. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
  466. @Denied: (2) (LocalSystem)
  467. "Progid"="ACDSee 10.0.raf"
  468. .
  469. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
  470. @Denied: (2) (LocalSystem)
  471. "Progid"="ACDSee 10.0.ras"
  472. .
  473. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
  474. @Denied: (2) (LocalSystem)
  475. "Progid"="ACDSee 10.0.rgb"
  476. .
  477. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
  478. @Denied: (2) (LocalSystem)
  479. "Progid"="ACDSee 10.0.rgba"
  480. .
  481. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
  482. @Denied: (2) (LocalSystem)
  483. "Progid"="ACDSee 10.0.rle"
  484. .
  485. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
  486. @Denied: (2) (LocalSystem)
  487. "Progid"="ACDSee 10.0.rsb"
  488. .
  489. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
  490. @Denied: (2) (LocalSystem)
  491. "Progid"="ACDSee 10.0.sgi"
  492. .
  493. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
  494. @Denied: (2) (LocalSystem)
  495. "Progid"="ACDSee 10.0.sr2"
  496. .
  497. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
  498. @Denied: (2) (LocalSystem)
  499. "Progid"="ACDSee 10.0.srf"
  500. .
  501. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
  502. @Denied: (2) (LocalSystem)
  503. "Progid"="ACDSee 10.0.tga"
  504. .
  505. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
  506. @Denied: (2) (LocalSystem)
  507. "Progid"="ACDSee 10.0.thm"
  508. .
  509. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
  510. @Denied: (2) (LocalSystem)
  511. "Progid"="ACDSee 10.0.tif"
  512. .
  513. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
  514. @Denied: (2) (LocalSystem)
  515. "Progid"="ACDSee 10.0.tiff"
  516. .
  517. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
  518. @Denied: (2) (LocalSystem)
  519. "Progid"="ACDSee 10.0.ttc"
  520. .
  521. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
  522. @Denied: (2) (LocalSystem)
  523. "Progid"="ACDSee 10.0.ttf"
  524. .
  525. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10o\UserChoice]
  526. @Denied: (2) (LocalSystem)
  527. "Progid"="ACDSee 10.0.v10o"
  528. .
  529. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10p\UserChoice]
  530. @Denied: (2) (LocalSystem)
  531. "Progid"="ACDSee 10.0.v10p"
  532. .
  533. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10pf\UserChoice]
  534. @Denied: (2) (LocalSystem)
  535. "Progid"="ACDSee 10.0.v10pf"
  536. .
  537. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
  538. @Denied: (2) (LocalSystem)
  539. "Progid"="ACDSee 10.0.wbm"
  540. .
  541. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
  542. @Denied: (2) (LocalSystem)
  543. "Progid"="ACDSee 10.0.wbmp"
  544. .
  545. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
  546. @Denied: (2) (LocalSystem)
  547. "Progid"="ACDSee 10.0.wmf"
  548. .
  549. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
  550. @Denied: (2) (LocalSystem)
  551. "Progid"="ACDSee 10.0.xbm"
  552. .
  553. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
  554. @Denied: (2) (LocalSystem)
  555. "Progid"="ACDSee 10.0.xif"
  556. .
  557. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
  558. @Denied: (2) (LocalSystem)
  559. "Progid"="ACDSee 10.0.xmp"
  560. .
  561. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
  562. @Denied: (2) (LocalSystem)
  563. "Progid"="ACDSee 10.0.xpm"
  564. .
  565. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000_Classes\CLSID\{1273c904-aaff-4d3e-a7a2-50ce315ce2d0}]
  566. @Denied: (Full) (Everyone)
  567. @Allowed: (Read) (RestrictedCode)
  568. "Model"=dword:00000045
  569. "Therad"=dword:0000001f
  570. "SpecVersion"=dword:00000081
  571. "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
  572. 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
  573. .
  574. [HKEY_USERS\S-1-5-21-22482793-1858402393-37194211-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
  575. @Denied: (Full) (Everyone)
  576. @Allowed: (Read) (RestrictedCode)
  577. "scansk"=hex(0):3b,97,97,be,cb,c0,fb,30,a8,9d,95,74,c9,f0,f1,4a,05,c2,17,9e,48,
  578. be,06,95,5f,97,d6,38,a7,a3,19,1c,ce,58,ac,77,ab,ca,0f,93,00,00,00,00,00,00,\
  579. .
  580. [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  581. @Denied: (A) (Users)
  582. @Denied: (A) (Everyone)
  583. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  584. "BlindDial"=dword:00000000
  585. .
  586. [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
  587. @Denied: (A) (Users)
  588. @Denied: (A) (Everyone)
  589. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  590. "BlindDial"=dword:00000000
  591. .
  592. [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
  593. @Denied: (Full) (Everyone)
  594. .
  595. --------------------- DLLs Loaded Under Running Processes ---------------------
  596. .
  597. - - - - - - - > 'Explorer.exe'(988)
  598. c:\program files\Microsoft Office\Office12\1033\GrooveIntlResource.dll
  599. .
  600. ------------------------ Other Running Processes ------------------------
  601. .
  602. c:\windows\system32\atieclxx.exe
  603. c:\windows\system32\taskhost.exe
  604. c:\program files\Hard Disk Sentinel\HDSentinel.exe
  605. c:\program files\GridinSoft Trojan Killer\trojankiller.exe
  606. c:\windows\System32\WUDFHost.exe
  607. c:\windows\system32\conhost.exe
  608. c:\windows\system32\sppsvc.exe
  609. c:\windows\system32\taskhost.exe
  610. .
  611. **************************************************************************
  612. .
  613. Completion time: 2014-10-02 10:11:14 - machine was rebooted
  614. ComboFix-quarantined-files.txt 2014-10-02 02:11
  615. .
  616. Pre-Run: 24,044,769,280 bytes free
  617. Post-Run: 23,809,265,664 bytes free
  618. .
  619. - - End Of File - - 954AC671105817288A09AA38FE68FD18
  620. A36C5E4F47E84449FF07ED3517B43A31