ComboFix 13-09-28.02 - Frantheman7 09/28/2013 22:48:22.1.4 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3063.1641 [GMT -4:00]
Running from: c:\users\Frantheman7\Desktop\ComboFix.exe
AV: AVG Anti-Virus 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Frantheman7\AppData\Local\assembly\tmp
c:\windows\system32\SET7E6.tmp
c:\windows\system32\SETD26.tmp
c:\windows\system32\SETE3C6.tmp
c:\windows\system32\SETEF31.tmp
.
.
((((((((((((((((((((((((( Files Created from 2013-08-28 to 2013-09-29 )))))))))))))))))))))))))))))))
.
.
2013-09-29 02:55 . 2013-09-29 02:55 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-09-29 02:55 . 2013-09-29 02:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-28 23:32 . 2013-04-04 18:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-28 22:03 . 2013-09-28 22:03 -------- d-----w- c:\users\Frantheman7\AppData\Roaming\Malwarebytes
2013-09-28 22:03 . 2013-09-28 22:03 -------- d-----w- c:\programdata\Malwarebytes
2013-09-27 22:55 . 2013-09-27 22:55 -------- d-----w- c:\programdata\vsosdk
2013-09-27 20:19 . 2013-09-27 20:19 -------- d-----w- c:\windows\ERUNT
2013-09-26 21:43 . 2013-09-26 21:43 -------- d-----w- c:\programdata\Malwarebytes-BackupByMalwarebytesPortable
2013-09-26 21:27 . 2013-09-26 21:27 -------- d-----w- c:\program files\CCleaner
2013-09-26 21:26 . 2013-09-27 12:45 -------- d-----w- C:\AdwCleaner
2013-09-26 00:29 . 2013-06-09 02:40 15696 ----a-w- c:\windows\system32\drivers\asdnet.sys
2013-09-25 21:37 . 2013-08-05 01:56 133056 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-09-25 21:37 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-09-25 21:37 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-09-25 21:37 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 21:37 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-09-25 20:40 . 2013-09-25 20:40 -------- d-----w- c:\users\Frantheman7\AppData\Roaming\Anvisoft
2013-09-25 20:39 . 2013-09-25 20:39 -------- d-----w- c:\programdata\Anvisoft
2013-09-25 20:39 . 2012-11-07 07:16 22864 ----a-w- c:\windows\system32\drivers\asdrs.sys
2013-09-25 20:39 . 2012-11-07 07:16 14160 ----a-w- c:\windows\system32\drivers\asdws.sys
2013-09-25 20:39 . 2012-11-07 07:16 16208 ----a-w- c:\windows\system32\drivers\asdrm.sys
2013-09-25 20:39 . 2013-09-26 00:29 -------- d-----w- c:\program files\Anvisoft
2013-09-05 22:53 . 2013-09-05 22:53 -------- d-----w- c:\users\Frantheman7\AppData\Roaming\LucasArts
2013-09-05 22:22 . 2013-09-05 22:22 -------- d-----w- c:\program files\LucasArts
2013-09-05 22:05 . 2013-09-05 22:05 -------- d-----w- c:\users\Frantheman7\AppData\Local\EMU
2013-09-05 22:04 . 2013-09-05 22:05 -------- d-----w- c:\users\Frantheman7\AppData\Local\PAYDAY 2
2013-09-05 21:53 . 2013-09-05 22:03 -------- d-----w- c:\program files\PAYDAY 2
2013-09-05 01:51 . 2013-09-25 22:59 -------- d-----w- C:\Mp3tag v2.45
2013-09-05 00:08 . 2013-09-05 00:08 -------- d-----w- c:\program files\TagRename
2013-09-04 23:35 . 2013-09-04 23:35 -------- d-----w- c:\users\Frantheman7\AppData\Roaming\ABF software
2013-09-04 03:31 . 2013-09-25 22:59 -------- d-----w- c:\program files\A123 All to mp3 Converter
2013-09-03 20:52 . 2013-09-03 20:52 -------- d-----w- c:\program files\Foxit Software
2013-09-03 04:40 . 2013-09-03 04:40 -------- d-----w- c:\programdata\RealNetworks
2013-09-03 04:40 . 2013-09-03 04:40 -------- d-----w- c:\program files\Common Files\xing shared
2013-09-02 10:08 . 2013-09-03 04:40 -------- d-----w- c:\program files\Real
2013-09-02 08:37 . 2013-09-02 08:52 -------- d-----w- c:\program files\Common Files\Real
2013-09-02 05:14 . 2013-09-02 05:14 -------- d-----w- c:\program files\Tomato
2013-09-02 05:14 . 2008-07-03 18:26 6294528 ----a-w- c:\windows\system32\MediaIO1.dll
2013-08-31 00:20 . 2013-09-01 02:19 -------- d-----w- c:\programdata\WindSolutions
2013-08-31 00:19 . 2013-08-31 00:19 -------- d-----w- c:\users\Frantheman7\AppData\Roaming\WindSolutions
2013-08-30 19:25 . 2013-08-30 19:25 -------- d-----w- c:\program files\MP3TagEditor
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-25 23:29 . 2013-06-23 17:40 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-25 23:29 . 2013-06-23 17:40 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-18 02:23 . 2013-06-23 15:27 53024 ----a-w- c:\windows\system32\OpenCL.dll
2013-09-18 02:23 . 2013-06-23 19:33 13628208 ----a-w- c:\windows\system32\nvwgf2um.dll
2013-09-18 02:23 . 2013-06-23 15:26 1222824 ----a-w- c:\windows\system32\nvumdshim.dll
2013-09-18 02:23 . 2013-06-23 15:26 12947360 ----a-w- c:\windows\system32\nvd3dum.dll
2013-09-18 02:23 . 2013-06-23 15:26 2630304 ----a-w- c:\windows\system32\nvapi.dll
2013-09-12 06:28 . 2013-06-23 15:27 4265760 ----a-w- c:\windows\system32\nvcpl.dll
2013-09-12 06:28 . 2013-06-23 15:27 3006240 ----a-w- c:\windows\system32\nvsvc.dll
2013-09-12 06:28 . 2013-06-23 15:27 662816 ----a-w- c:\windows\system32\nvvsvc.exe
2013-09-12 06:28 . 2013-06-23 15:27 62752 ----a-w- c:\windows\system32\nvshext.dll
2013-09-12 06:28 . 2013-06-23 15:27 2555168 ----a-w- c:\windows\system32\nvsvcr.dll
2013-09-12 06:28 . 2013-06-23 15:27 209184 ----a-w- c:\windows\system32\nvmctray.dll
2013-09-03 04:39 . 2013-06-23 15:33 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-09-03 04:39 . 2013-06-23 15:33 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-08-24 01:18 . 2013-08-24 01:18 15453832 ----a-w- c:\windows\system32\xlive.dll
2013-08-20 11:36 . 2013-08-20 11:36 1873752 ----a-w- c:\windows\system32\auto_reactivate.exe
2013-08-19 04:57 . 2007-04-27 14:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2013-07-28 04:37 . 2013-07-28 04:37 131072 ----a-r- c:\users\Frantheman7\AppData\Roaming\Microsoft\Installer\{8180DC57-B9CC-4C0C-8334-B357B67BCF6B}\VideoConverter5_St_B7EA6CF0C721446799BC56B5F772EFE9.exe
2013-07-28 03:31 . 2013-07-05 21:45 81920 ----a-r- c:\users\Frantheman7\AppData\Roaming\Microsoft\Installer\{95B7C0F4-7434-4DFB-B900-201BFC00C00B}\NewShortcut41_254AB2CD520A4C819BDF86ADC896D541.exe
2013-07-28 03:31 . 2013-07-05 21:45 81920 ----a-r- c:\users\Frantheman7\AppData\Roaming\Microsoft\Installer\{95B7C0F4-7434-4DFB-B900-201BFC00C00B}\NewShortcut4_1A0B109781684C62B2EB05F675FBA899.exe
2013-07-28 03:31 . 2013-07-05 21:45 131072 ----a-r- c:\users\Frantheman7\AppData\Roaming\Microsoft\Installer\{95B7C0F4-7434-4DFB-B900-201BFC00C00B}\NewShortcut5_53A455E88AFE48C5A618B7DA9F7EFF69.exe
2013-07-28 02:56 . 2013-07-28 02:56 53248 ----a-r- c:\users\Frantheman7\AppData\Roaming\Microsoft\Installer\{3A9527CF-4E91-4683-A03F-F1AD022126E5}\ARPPRODUCTICON.exe
2013-07-27 04:06 . 2013-07-27 04:06 163232 ----a-w- c:\windows\system32\drivers\afcdp.sys
2013-07-27 04:05 . 2013-07-27 04:05 752128 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2013-07-27 04:05 . 2013-07-27 04:05 600928 ----a-w- c:\windows\system32\drivers\timntr.sys
2013-07-27 04:05 . 2013-07-27 04:05 170464 ----a-w- c:\windows\system32\drivers\snapman.sys
2013-07-25 08:57 . 2013-08-15 02:50 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-24 21:53 . 2013-07-24 21:53 722416 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-07-19 01:41 . 2013-08-15 02:50 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 00:17 . 2013-07-10 04:15 47360 ----a-w- c:\users\Frantheman7\AppData\Roaming\pcouffin.sys
2013-07-12 01:25 . 2013-07-12 01:25 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-07-12 01:25 . 2013-07-12 01:25 523264 ----a-w- c:\windows\system32\vbscript.dll
2013-07-12 01:25 . 2013-07-12 01:25 185344 ----a-w- c:\windows\system32\elshyph.dll
2013-07-12 01:25 . 2013-07-12 01:25 158720 ----a-w- c:\windows\system32\msls31.dll
2013-07-12 01:25 . 2013-07-12 01:25 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-07-12 01:25 . 2013-07-12 01:25 138752 ----a-w- c:\windows\system32\wextract.exe
2013-07-12 01:25 . 2013-07-12 01:25 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2013-07-12 01:25 . 2013-07-12 01:25 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-07-12 01:25 . 2013-07-12 01:25 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-07-12 01:25 . 2013-07-12 01:25 38400 ----a-w- c:\windows\system32\imgutil.dll
2013-07-12 01:25 . 2013-07-12 01:25 12800 ----a-w- c:\windows\system32\mshta.exe
2013-07-12 01:25 . 2013-07-12 01:25 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-07-12 01:25 . 2013-07-12 01:25 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-07-12 01:25 . 2013-07-12 01:25 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-07-12 01:25 . 2013-07-12 01:25 361984 ----a-w- c:\windows\system32\html.iec
2013-07-12 01:25 . 2013-07-12 01:25 23040 ----a-w- c:\windows\system32\licmgr10.dll
2013-07-12 01:25 . 2013-07-12 01:25 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2013-07-09 05:03 . 2013-08-15 02:50 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-09 05:03 . 2013-08-15 02:50 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-09 04:53 . 2013-08-15 02:50 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-07-09 04:52 . 2013-08-15 02:50 175104 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 04:50 . 2013-08-15 02:50 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 04:46 . 2013-08-15 02:50 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 04:46 . 2013-08-15 02:50 1166848 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 04:46 . 2013-08-15 02:50 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-06 05:05 . 2013-08-15 02:50 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-05 01:25 . 2013-07-05 01:25 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-05 01:25 . 2013-07-05 01:25 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-05 01:25 . 2013-07-05 01:25 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-05 01:25 . 2013-07-05 01:25 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-05 01:25 . 2013-07-05 01:25 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-05 01:25 . 2013-07-05 01:25 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-05 01:25 . 2013-07-05 01:25 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-05 01:25 . 2013-07-05 01:25 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-05 01:25 . 2013-07-05 01:25 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-05 01:25 . 2013-07-05 01:25 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2013-07-05 01:25 . 2013-07-05 01:25 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-07-05 01:25 . 2013-07-05 01:25 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-07-05 01:25 . 2013-07-05 01:25 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-07-05 01:25 . 2013-07-05 01:25 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-07-05 01:25 . 2013-07-05 01:25 220160 ----a-w- c:\windows\system32\d3d10core.dll
2013-07-05 01:25 . 2013-07-05 01:25 1080832 ----a-w- c:\windows\system32\d3d10.dll
2013-07-05 01:25 . 2013-07-05 01:25 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-07-05 01:25 . 2013-07-05 01:25 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-07-05 01:25 . 2013-07-05 01:25 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-07-05 01:25 . 2013-07-05 01:25 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2013-07-05 01:25 . 2013-07-05 01:24 3419136 ----a-w- c:\windows\system32\d2d1.dll
2013-07-05 01:24 . 2013-07-05 01:24 1988096 ----a-w- c:\windows\system32\d3d10warp.dll
2013-07-05 01:24 . 2013-07-05 01:24 293376 ----a-w- c:\windows\system32\dxgi.dll
2013-07-05 01:24 . 2013-07-05 01:24 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2008-02-06 04:44 . 2013-07-28 13:47 200704 ----a-w- c:\program files\BorisFXUI.fex
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TextAloud3"="c:\program files\TextAloud\TextAloudMP3.exe" [2011-02-14 3732480]
"BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" [2013-06-23 4771184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDEAL Calendar"="c:\program files\IDEAL Calendar\Calendar.exe" [2005-06-17 593920]
"mylbx"="c:\program files\My Lockbox\mylbx.exe" [2012-07-25 2211688]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-08-16 152392]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2013-09-03 295512]
"Anvi Smart Defender"="c:\program files\Anvisoft\Anvi Smart Defender\ASDTray.exe" [2013-08-12 1635048]
"Anvi AD Blocker"="c:\program files\Anvisoft\Anvi AD Blocker\ADBlockerTray.exe" [2013-06-14 1256144]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-06-26 280576]
.
c:\users\Frantheman7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ShellFolderFix.lnk - c:\program files\ShellFolderFix\ShellFolderFixUI.exe /autostart [2013-6-23 1819648]
TimeLeft.lnk - c:\program files\TimeLeft3\TimeLeft.exe [2013-6-23 2374832]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Snagit 11.lnk - c:\program files\TechSmith\Snagit 11\Snagit32.exe [2013-5-29 9479536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart\0auto_reactivate c:\bootwiz\asrm.bin
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snagit 11.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 11.lnk
backup=c:\windows\pss\Snagit 11.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Frantheman7^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^create-restore.vbs]
path=c:\users\Frantheman7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\create-restore.vbs
backup=c:\windows\pss\create-restore.vbs.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
DevDetect.exe -autorun [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2010-08-21 10:16 390712 ----a-w- c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2009-04-24 03:21 203928 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-22 01:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-03-18 15:19 207360 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-01-21 21:22 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
2013-06-23 18:01 4771184 ----a-w- c:\program files\BitTorrent\BitTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPMonitor]
2011-07-08 16:31 84464 ----a-w- c:\program files\Roxio 2012\5.0\CPMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Disc Tool]
2011-06-12 23:07 506352 ----a-w- c:\program files\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUs Tray]
2012-03-15 13:34 744584 ----a-w- c:\program files\EaseUS\Todo Backup\bin\TrayNotify.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUs Watch]
2011-12-23 03:09 70792 ----a-w- c:\program files\EaseUS\Todo Backup\bin\EuWatch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iFunBoxConnector]
2012-11-20 13:03 812544 ----a-w- c:\ifunbox.win\ifb_conn.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
2010-05-21 17:40 324976 ----a-w- c:\programdata\FLEXnet\Connect\11\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-08-16 13:07 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
2013-05-16 14:44 1012000 ----a-w- c:\program files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2011-11-15 03:50 312376 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
2011-07-13 11:41 293360 ----a-w- c:\program files\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SAOB Monitor]
2010-08-20 13:18 2536752 ----a-w- c:\program files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TAForOE Loader]
2010-05-17 12:51 499144 ----a-w- c:\program files\TextAloud\TAForOELoader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TB]
2011-12-23 03:09 243336 ----a-w- c:\program files\EaseUS\Todo Backup\bin\XSnapShotTip.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2013-09-03 04:39 295512 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
2010-08-21 10:15 5459136 ----a-w- c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
2007-02-20 15:07 199752 ----a-w- c:\progra~1\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2011-07-11 21:47 74752 ----a-w- c:\program files\Winamp\winampa.exe
.
2;2 CareMon;CareMon;c:\program files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2012-11-02 5174392]
R2 MBAMScheduler;MBAMScheduler;k:\malwarebytes' anti-malware\mbamscheduler.exe
R2 MBAMService;MBAMService;k:\malwarebytes' anti-malware\mbamservice.exe
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2011-07-13 340976]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [2011-06-14 267568]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 RoxMediaDB13;RoxMediaDB13;c:\program files\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2011-07-13 1095664]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys
R4 BOTService;BOTService;c:\program files\Roxio\BackOnTrack\Instant Restore\BOTService.exe [2011-07-14 211440]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
S0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys [2011-12-23 50312]
S0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys [2012-02-08 42120]
S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys [2010-07-22 41912]
S0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\DRIVERS\pssnap.sys [2013-06-14 16504]
S0 SahdIa32;HDD Filter Driver;c:\windows\System32\Drivers\SahdIa32.sys [2011-02-09 21488]
S0 SaibIa32;Volume Filter Driver;c:\windows\System32\Drivers\SaibIa32.sys [2011-02-09 15856]
S0 SI3112r;Silicon Image SiI 3512 SATARaid Controller;c:\windows\system32\DRIVERS\SI3112r.sys [2007-08-29 116264]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2013-07-24 722416]
S0 SysCow;SysCow;c:\windows\system32\drivers\syscow32v.sys [2010-05-23 81904]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [2013-07-27 752128]
S1 asdrm;asdrm;c:\windows\system32\DRIVERS\asdrm.sys [2012-11-07 16208]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2012-11-08 250080]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2013-04-11 302368]
S1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys [2011-12-23 17032]
S1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys [2011-12-23 187016]
S1 SaibVd32;Virtual Disk Driver;c:\windows\system32\Drivers\SaibVd32.sys [2011-02-09 25584]
S2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files\Roxio\BackOnTrack\App\SaibSVC.exe [2011-02-09 457200]
S2 AdblockerSrv;Adblocker Monitor Service;c:\program files\Anvisoft\Anvi AD Blocker\ADBlockerSrv.exe [2013-06-14 314064]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [2013-07-27 3975088]
S2 asdnet;Adblocker Monitor Driver;c:\windows\system32\DRIVERS\asdnet.sys [2013-06-09 15696]
S2 asdrs;AntiMalware Host-based Intrusion Prevention System;c:\windows\system32\DRIVERS\asdrs.sys [2012-11-07 22864]
S2 asdsrv;Anvi Smart Defender Realtime Guard Service;c:\program files\Anvisoft\Anvi Smart Defender\ASDSrv.exe [2013-08-12 742120]
S2 asdws;AnviSmartDefender Web Guard;c:\windows\system32\DRIVERS\asdws.sys [2012-11-07 14160]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 BOT4Service;BOT4Service;c:\program files\Roxio\BackOnTrack\App\BService.exe [2011-07-15 21488]
S2 EaseUS Agent;EaseUS Agent;c:\program files\EaseUS\Todo Backup\bin\Agent.exe [2011-12-23 61064]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-05-24 1840128]
S2 Guard Agent;Guard Agent;c:\program files\EaseUS\Todo Backup\bin\GuardAgent.exe [2011-12-23 23176]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
S2 ReflectService.exe;Reflect Service;c:\program files\Macrium\Reflect\ReflectService.exe [2011-07-25 224920]
S2 supersafer;supersafer;c:\windows\system32\drivers\supersafer.sys [2011-11-15 354176]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2013-07-27 163232]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2012-12-10 142176]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-23 23:29]
.
.
------- Supplementary Scan -------
.
uLocal Page = about:blank
uStart Page = https://www.google.com/
mStart Page = about:blank
mLocal Page = about:blank
mWindow Title = Microsoft Internet Explorer
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 10.0.0.1
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-iDevice Manager Launcher - c:\program files\Software4u\iDevice Manager\Software4u.IDMLauncher.exe
MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\QTTask.exe
MSConfigStartUp-SSDMonitor - c:\program files\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
MSConfigStartUp-Winsuite2012 - c:\program files\Spotmau\PowerSuite Golden Edition\Winsuite 2012\Spotmau_WinSuite_TrayIcon.exe
AddRemove-Alcohol 120% - c:\program files\Alcohol Soft\Alcohol 120\uninst.exe
AddRemove-Dll-Files Fixer_is1 - c:\program files\Dll-Files.com Fixer\unins000.exe
AddRemove-FE5AE7DC-7B01-4263-A94C-B4526C276549_is1 - c:\program files\Software4u\iPhone Explorer\unins000.exe
AddRemove-FE5AE7DC-7B01-4263-A94C-B4526C276550_is1 - c:\program files\Software4u\iDevice Manager\unins000.exe
AddRemove-InstallShield_{1170D24F-42B7-40CF-AA1B-6395CE562354} - c:\program files (x86)\InstallShield Installation Information\{1170D24F-42B7-40CF-AA1B-6395CE562354}\setup.exe
AddRemove-Malwarebytes' Anti-Malware_is1 - k:\malwarebytes' anti-malware\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.032"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.abr"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ani"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.apd"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.arw"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.bay"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.bmp"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.bw"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.cr2"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.crw"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.cs1"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.cur"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dcr"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dcx"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dib"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.djv"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.djvu"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dng"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.emf"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.eps"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.erf"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.fff"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.fpx"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.gif"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.hdr"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.icl"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.icn"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (S-1-5-21-3602084776-2122628737-1096821462-1001)
@Denied: (2) (LocalSystem)
"Progid"="Winamp.File.iff"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ilbm"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.int"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.inta"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.iw4"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.j2c"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.j2k"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jbr"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jfif"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jif"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jp2"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpc"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpe"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpeg"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpg"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpk"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpx"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.kdc"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.lbm"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.mef"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.mos"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.mrw"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.nef"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.nrw"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.orf"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pbm"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pbr"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pcd"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pct"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pcx"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pef"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pgm"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pic"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pict"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pix"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.png"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ppm"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.psd"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.psp"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pspbrush"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pspimage"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.raf"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ras"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-3602084776-2122628737-1096821462-1001)
@Denied: (2) (LocalSystem)
"Progid"="Winamp.File.raw"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rgb"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rgba"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rle"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rsb"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rw2"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rwl"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.sgi"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.sr2"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.srf"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.tga"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.thm"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.tif"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.tiff"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ttc"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ttf"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.v30po"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.v30pp"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.v30ppf"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.wbm"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.wbmp"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.wmf"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xbm"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xif"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xmp"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xpm"
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A618B794-1FC0-DF96-E488-F3F993F47E08}*]
"iacigalhndcohfgkle"=hex:69,61,6e,63,64,61,69,6e,68,70,62,65,6a,6a,6a,67,63,68,
00,00
.
[HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F40CFDDB-794D-95B3-898F-951AD6FDA618}*]
@Allowed: (Read) (RestrictedCode)
"jaiheheihhgacdgjllmj"=hex:69,61,64,6f,6e,62,6d,63,6a,62,70,61,68,68,6f,64,65,
61,00,00
"iagkghpnkgeabcfkeg"=hex:69,61,64,6f,6e,62,6d,63,6a,62,70,61,68,68,6f,64,65,61,
00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-09-28 23:37:26
ComboFix-quarantined-files.txt 2013-09-29 03:37
.
Pre-Run: 1,592,036,151,296 bytes free
Post-Run: 1,591,918,075,904 bytes free
.
- - End Of File - - 79301F9E5BF16F9F8E1A789133A3F2AF
A6760C5F40127D4D36B48ECB8DF3C680