MyCity » Ambulanta -> Arhiva Ambulante » Zarazen sajt i racunar

Zarazen sajt i racunar

Napisano na dan: 23.12.2009

Strana:
1
2
3
4

Zarazen sajt i racunar

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3
4

spalekus Poslao: 23 Dec 2009 19:59 Idi na vrh
offline spalekus Građanin Pridružio: 07 Jun 2008 Poruke: 46	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Poštovani, webmaster sam jednog sajta i već desetak dana imam ogroman problem. Naime, posetioci su počeli da se žale kako im antivirusni programi javljaju da je sajt zaražen iako se sajt pojavljivao a posle par dana umesto sajta pokazuje se samo tekst koji vam šaljem. Iste takve skripte sam pronašao u index.php i index.html. Kada sam ih obrisao sajt se ponovo pojavio i jedno izvesno vreme je sve funkcionisalo u najboljem redu. Posle dva dana pojavljuje se isti problem koji rešavam na isti način ali sam shvatio da je to samo delimično rešen problem. Rečeno mi je da u mom računaru ima virusa i da ih prenosim na sajt preko ftp protokola. Dobio sam savet da detaljno pregledam i očistim računar od virusa što sam i pokušao. Inače, koristim Avast 4.8 home i Malwarebites. Na moje iznenađenje i posle dva skeniranja ni jedan program nije pronašao ni jedan virus. Zato vam se i obraćam sa molbom da mi pomognete, jer smatram da je problem ogroman zbog redovnih posetilaca sajta . Često sam preko torenta preuzimao muziku, te smatram da ako ima virusa da sam ih tim putem i zaradio, nerazmišljajući da time činim problem sebi i svojim redovnim posetiocima. Koristim wireless internet, mislim da je brzina 512/256. Pozdrav ! DDS (Ver_09-12-01.01) - NTFSx86 Run by Aca at 18:51:47,34 on sre 23.12.2009 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_17 Microsoft Windows 7 Ultimate 6.1.7600.0.1250.381.1033.18.1024.326 [GMT 1:00] ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe C:\Windows\ATKKBService.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\taskhost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\OpenOffice.org 3\program\swriter.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Aca\Desktop\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://www.jasatomic.org/ BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" mRun: [avast!] "c:\program files\alwil software\avast4\ashDisp.exe" mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun mRun: [QuickTime Task] "c:\program files\media convert master\codec\quicktime\QTTask.exe" -atboottime StartupFolder: c:\users\aca\appdata\roaming\micros~1\windows\startm~1\programs\startup\tempcl~1.lnk - c:\program files\tempcleaner\TempCleaner.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html IE: S&end to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL ================= FIREFOX =================== FF - ProfilePath - c:\users\aca\appdata\roaming\mozilla\firefox\profiles\6i7hkchi.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.jasatomic.org FF - plugin: c:\program files\media convert master\codec\real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\media convert master\codec\real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\opera\program\plugins\nppl3260.dll FF - plugin: c:\program files\opera\program\plugins\nprpjplug.dll FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); ============= SERVICES / DRIVERS =============== R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-11-8 114768] R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;c:\program files\abbyy finereader 9.0\NetworkLicenseServer.exe [2007-11-2 566560] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-11-8 20560] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-11-8 53328] R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-11-25 138680] R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-11-25 352920] S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-11-25 254040] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] =============== Created Last 30 ================ 2009-12-16 17:50:46 0 d-----w- c:\users\aca\appdata\roaming\OpenOffice.org 2009-12-16 17:14:23 0 d-----w- c:\program files\JRE 2009-12-16 17:14:02 0 d-----w- c:\program files\OpenOffice.org 3 2009-12-08 15:08:38 0 d-----w- c:\windows\pss 2009-12-03 14:19:22 197632 ----a-w- c:\windows\system32\CNMLM78.DLL 2009-12-03 11:53:47 0 d-----w- c:\programdata\CanonCP 2009-12-03 11:16:04 0 d-----w- c:\users\aca\appdata\roaming\GetRightToGo 2009-12-03 10:28:40 10 ----a-w- c:\windows\WININIT.INI 2009-12-03 10:28:21 0 d-----w- c:\program files\common files\Canon 2009-12-02 09:37:44 0 d-----w- c:\program files\NRadioBox 1.2 2009-12-01 17:49:54 0 d-----w- c:\programdata\Google 2009-11-30 07:02:47 65536 --sha-w- c:\users\aca\ntuser.dat{467b0f1c-dd7e-11de-aac1-0011d861f5d9}.TM.blf 2009-11-30 07:02:47 524288 --sha-w- c:\users\aca\ntuser.dat{467b0f1c-dd7e-11de-aac1-0011d861f5d9}.TMContainer00000000000000000002.regtrans-ms 2009-11-30 07:02:47 524288 --sha-w- c:\users\aca\ntuser.dat{467b0f1c-dd7e-11de-aac1-0011d861f5d9}.TMContainer00000000000000000001.regtrans-ms 2009-11-30 06:49:52 0 d-----w- C:\NRadioBoxData 2009-11-29 19:52:27 0 d-----w- c:\program files\Microsoft 2009-11-29 14:13:53 1048576 --sha-w- c:\users\aca\NTUSER.DAT{6cced2f0-6e01-11de-8bed-001e0bcd1824}.TxR.2.regtrans-ms 2009-11-29 14:13:52 1048576 --sha-w- c:\users\aca\NTUSER.DAT{6cced2f0-6e01-11de-8bed-001e0bcd1824}.TxR.1.regtrans-ms 2009-11-29 14:13:51 65536 --sha-w- c:\users\aca\NTUSER.DAT{6cced2f0-6e01-11de-8bed-001e0bcd1824}.TxR.blf 2009-11-29 14:13:51 1048576 --sha-w- c:\users\aca\NTUSER.DAT{6cced2f0-6e01-11de-8bed-001e0bcd1824}.TxR.0.regtrans-ms 2009-11-25 11:21:29 0 d-----w- c:\program files\common files\Protexis 2009-11-25 11:17:58 0 d-----w- c:\program files\common files\Corel 2009-11-25 11:17:09 0 d-----w- c:\program files\Corel 2009-11-25 08:01:01 2048 ----a-w- c:\windows\system32\tzres.dll ==================== Find3M ==================== 2009-12-13 16:31:45 2516 --sha-w- c:\programdata\KGyGaAvL.sys 2009-12-03 15:14:06 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-03 15:13:56 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-11-30 14:12:46 21584 ----a-w- c:\windows\system32\drivers\atapi.sys 2009-11-25 11:31:03 88 --sh--r- c:\programdata\51B02670CC.sys 2009-11-20 19:19:54 56 ---ha-w- c:\programdata\ezsidmv.dat 2009-11-09 18:25:55 81920 ----a-w- c:\users\aca\appdata\roaming\ezpinst.exe 2009-11-09 18:25:55 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys 2009-11-09 18:25:55 47360 ----a-w- c:\users\aca\appdata\roaming\pcouffin.sys 2009-11-09 09:44:36 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2009-11-08 23:44:30 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-11-08 22:50:18 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-11-08 21:36:19 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf 2009-11-02 19:42:06 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat 2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat 2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat 2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat 2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini 2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat 2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat 2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat 2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat 2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat 2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe ============= FINISH: 18:54:05,60 =============== mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png

Profil

dr_Bora Poslao: 23 Dec 2009 20:46 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav... Imaš li Windows DVD i znaš li kako bootovati sa njega i pokrenuti Command Prompt?

Profil

spalekus Poslao: 23 Dec 2009 20:54 Idi na vrh
offline spalekus Građanin Pridružio: 07 Jun 2008 Poruke: 46	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Imam Windows Media player, da li na to mislite i na žalost, ne znam da pokrenem Command Promt

Profil

dr_Bora Poslao: 23 Dec 2009 21:11 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Mislio sam na Windows 7 instalacioni DVD. Hajde da odradimo još jednu proveru. Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

spalekus Poslao: 23 Dec 2009 22:25 Idi na vrh
offline spalekus Građanin Pridružio: 07 Jun 2008 Poruke: 46	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-12-22.09 - Aca 23.12.2009 21:52:16.1.1 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1250.381.1033.18.1024.551 [GMT 1:00] Running from: c:\users\Aca\Desktop\ComboFix.exe . ((((((((((((((((((((((((( Files Created from 2009-11-23 to 2009-12-23 ))))))))))))))))))))))))))))))) . 2009-12-23 21:11 . 2009-12-23 21:12 -------- d-----w- c:\users\Aca\AppData\Local\temp 2009-12-23 21:11 . 2009-12-23 21:11 -------- d-----w- c:\users\Default\AppData\Local\temp 2009-12-16 17:59 . 2009-12-16 17:59 686080 ----a-w- c:\users\Aca\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\uno_packages\84AC.tmp_\sun-pdfimport.oxt\pdfimport.uno.dll 2009-12-16 17:59 . 2009-12-16 17:59 568832 ----a-w- c:\users\Aca\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\uno_packages\84AC.tmp_\sun-pdfimport.oxt\msvcp90.dll 2009-12-16 17:59 . 2009-12-16 17:59 655872 ----a-w- c:\users\Aca\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\uno_packages\84AC.tmp_\sun-pdfimport.oxt\msvcr90.dll 2009-12-16 17:59 . 2009-12-16 17:59 583168 ----a-w- c:\users\Aca\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\uno_packages\84AC.tmp_\sun-pdfimport.oxt\xpdfimport.exe 2009-12-16 17:59 . 2009-12-16 17:59 224768 ----a-w- c:\users\Aca\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\uno_packages\84AC.tmp_\sun-pdfimport.oxt\msvcm90.dll 2009-12-16 17:53 . 2009-12-23 20:10 1 ----a-w- c:\users\Aca\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2009-12-16 17:50 . 2009-12-16 17:50 -------- d-----w- c:\users\Aca\AppData\Roaming\OpenOffice.org 2009-12-16 17:14 . 2009-12-16 17:14 -------- d-----w- c:\program files\JRE 2009-12-16 17:14 . 2009-12-16 17:14 -------- d-----w- c:\program files\OpenOffice.org 3 2009-12-14 14:15 . 2009-12-14 14:15 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-12-14 14:13 . 2009-12-14 14:13 -------- d-----w- c:\program files\Common Files\InstallShield 2009-12-11 11:01 . 2009-12-11 11:01 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb8E9F.tmp.exe 2009-12-10 15:48 . 2009-12-10 15:48 4844296 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-12-05 23:02 . 2009-12-05 23:02 -------- d-----w- c:\users\Aca\AppData\Local\Cooliris 2009-12-05 23:02 . 2009-10-06 12:40 103424 ----a-w- c:\users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\6i7hkchi.default\extensions\piclens@cooliris.com\libs\pixomatic.dll 2009-12-05 23:02 . 2009-10-06 12:40 545280 ----a-w- c:\users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\6i7hkchi.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe 2009-12-05 23:02 . 2009-10-06 12:40 153600 ----a-w- c:\users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\6i7hkchi.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll 2009-12-05 23:02 . 2009-10-06 12:40 4716544 ----a-w- c:\users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\6i7hkchi.default\extensions\piclens@cooliris.com\components\cooliris.dll 2009-12-05 23:02 . 2009-10-06 12:40 344064 ----a-w- c:\users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\6i7hkchi.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe 2009-12-03 17:52 . 2006-09-13 04:00 42496 ----a-w- c:\programdata\CanonBJ\IJPrinter\CNMWindows\Canon iP4200\LanguageModules\0411\CNMsr78.dll 2009-12-03 17:52 . 2006-09-13 04:00 74240 ----a-w- c:\programdata\CanonBJ\IJPrinter\CNMWindows\Canon iP4200\LanguageModules\0409\CNMsr78.dll 2009-12-03 17:52 . 2006-09-13 04:00 73216 ----a-w- c:\programdata\CanonBJ\IJPrinter\CNMWindows\Canon iP4200\LanguageModules\0411\CNMlr78.dll 2009-12-03 17:52 . 2006-09-13 04:00 334848 ----a-w- c:\programdata\CanonBJ\IJPrinter\CNMWindows\Canon iP4200\LanguageModules\0409\CNMur78.dll 2009-12-03 17:52 . 2006-09-13 04:00 249344 ----a-w- c:\programdata\CanonBJ\IJPrinter\CNMWindows\Canon iP4200\LanguageModules\0411\CNMur78.dll 2009-12-03 17:52 . 2006-09-13 04:00 130048 ----a-w- c:\programdata\CanonBJ\IJPrinter\CNMWindows\Canon iP4200\LanguageModules\0409\CNMlr78.dll 2009-12-03 14:19 . 2006-09-13 04:00 197632 ----a-w- c:\windows\system32\CNMLM78.DLL 2009-12-03 14:19 . 2009-12-03 14:19 -------- d--h--w- c:\program files\CanonBJ 2009-12-03 11:53 . 2009-12-03 11:53 -------- d-----w- c:\programdata\CanonCP 2009-12-03 11:53 . 2009-07-29 11:51 112664 ----a-w- c:\programdata\CanonCP\CNYSELPHYCP\CNYWindows\CNYCanon SELPHY CP720\CNYCPUIN.EXE 2009-12-03 11:53 . 2009-07-13 12:55 102400 ----a-w- c:\programdata\CanonCP\CNYSELPHYCP\CNYWindows\CNYCanon SELPHY CP720\CNY04091.DLL 2009-12-03 11:16 . 2009-12-03 11:17 -------- d-----w- c:\users\Aca\AppData\Roaming\GetRightToGo 2009-12-03 10:28 . 2009-12-03 12:27 -------- d-----w- c:\program files\Common Files\Canon 2009-12-02 09:37 . 2009-12-02 09:37 -------- d-----w- c:\program files\NRadioBox 1.2 2009-12-01 17:51 . 2009-12-13 10:03 -------- d-----w- c:\users\Aca\AppData\Local\Google 2009-12-01 17:49 . 2009-12-01 17:51 -------- d-----w- c:\program files\Google 2009-11-30 06:49 . 2009-11-30 20:11 -------- d-----w- C:\NRadioBoxData 2009-11-29 19:52 . 2009-11-29 19:52 -------- d-----w- c:\program files\Microsoft 2009-11-25 11:21 . 2009-11-25 11:21 -------- d-----w- c:\program files\Common Files\Protexis 2009-11-25 11:17 . 2009-11-25 11:17 -------- d-----w- c:\program files\Common Files\Corel 2009-11-25 11:17 . 2009-11-25 11:17 -------- d-----w- c:\program files\Corel 2009-11-25 08:01 . 2009-10-29 07:22 2048 ----a-w- c:\windows\system32\tzres.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-22 23:20 . 2009-11-10 08:42 -------- d-----w- c:\program files\Winamp 2009-12-22 22:05 . 2009-11-11 09:02 -------- d-----w- c:\users\Aca\AppData\Roaming\uTorrent 2009-12-18 21:51 . 2009-11-20 19:11 -------- d-----w- c:\users\Aca\AppData\Roaming\Skype 2009-12-16 18:11 . 2009-11-08 19:38 113136 ----a-w- c:\users\Aca\AppData\Local\GDIPFONTCACHEV1.DAT 2009-12-16 17:12 . 2009-11-08 23:44 -------- d-----w- c:\program files\Java 2009-12-16 14:12 . 2009-11-08 22:57 -------- d-----w- c:\programdata\Microsoft Help 2009-12-16 14:08 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild 2009-12-15 20:59 . 2009-11-16 04:33 -------- d-----w- c:\program files\RegCleaner 2009-12-13 16:31 . 2009-11-08 23:24 2516 --sha-w- c:\programdata\KGyGaAvL.sys 2009-12-13 16:31 . 2009-11-08 23:24 2516 --sha-w- c:\programdata\KGyGaAvL.sys 2009-12-11 10:01 . 2009-11-08 22:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-12-03 15:14 . 2009-11-08 22:15 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-03 15:13 . 2009-11-08 22:15 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-11-30 16:01 . 2009-11-08 20:15 -------- d-----w- c:\users\Aca\AppData\Roaming\GHISLER 2009-11-30 16:01 . 2009-11-20 23:46 -------- d-----w- c:\program files\NRadioBox 2009-11-30 16:01 . 2009-11-15 08:57 -------- d--h--w- c:\programdata\CanonIJScan 2009-11-30 16:01 . 2009-11-09 11:17 -------- d--h--w- c:\programdata\CanonBJ 2009-11-30 14:12 . 2009-07-13 23:11 21584 ----a-w- c:\windows\system32\drivers\atapi.sys 2009-11-28 08:39 . 2009-11-08 21:19 -------- d-----w- c:\program files\xat.com xatshow 2009-11-27 15:16 . 2009-11-09 18:25 -------- d-----w- c:\program files\Media Convert Master 2009-11-25 19:49 . 2009-11-09 16:21 -------- d-----w- c:\program files\Opera 2009-11-25 11:31 . 2009-11-08 23:24 88 --sh--r- c:\programdata\51B02670CC.sys 2009-11-25 11:31 . 2009-11-08 23:24 88 --sh--r- c:\programdata\51B02670CC.sys 2009-11-25 11:22 . 2009-11-08 23:24 -------- d-----w- c:\users\Aca\AppData\Roaming\Corel 2009-11-25 11:21 . 2009-11-08 23:21 -------- d-----w- c:\programdata\Corel 2009-11-24 23:54 . 2009-11-08 20:47 1280480 ----a-w- c:\windows\system32\aswBoot.exe 2009-11-24 23:49 . 2009-11-08 20:48 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-11-24 23:48 . 2009-11-08 20:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-11-24 23:47 . 2009-11-08 20:48 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-11-23 11:40 . 2009-11-21 07:25 -------- d-----w- c:\programdata\ABBYY 2009-11-23 11:25 . 2009-11-23 11:18 -------- d-----w- c:\program files\ABBYY FineReader 9.0 2009-11-23 10:47 . 2009-11-21 07:25 -------- d-----w- c:\program files\ABBYY FineReader 10 2009-11-21 07:33 . 2009-11-21 07:33 -------- d-----w- c:\users\Aca\AppData\Roaming\ABBYY 2009-11-20 19:19 . 2009-11-20 19:19 56 ---ha-w- c:\programdata\ezsidmv.dat 2009-11-20 19:11 . 2009-11-20 19:11 -------- d-----r- c:\program files\Skype 2009-11-20 19:11 . 2009-11-20 19:11 -------- d-----w- c:\program files\Common Files\Skype 2009-11-20 19:11 . 2009-11-20 19:10 -------- d-----w- c:\programdata\Skype 2009-11-20 12:39 . 2009-11-09 18:26 -------- d-----w- c:\programdata\Apple Computer 2009-11-20 12:38 . 2009-11-20 12:38 -------- d-----w- c:\program files\Common Files\Apple 2009-11-20 12:38 . 2009-11-20 12:38 -------- d-----w- c:\program files\Apple Software Update 2009-11-20 12:38 . 2009-11-20 12:38 -------- d-----w- c:\programdata\Apple 2009-11-19 20:37 . 2009-11-19 20:37 -------- d-----w- c:\users\Aca\AppData\Roaming\CD-LabelPrint 2009-11-16 04:53 . 2009-11-16 04:53 -------- d-----w- c:\program files\TempCleaner 2009-11-16 04:52 . 2009-11-08 22:50 -------- d-----w- c:\program files\DAEMON Tools Toolbar 2009-11-15 22:10 . 2009-11-08 21:10 -------- d-----w- c:\program files\K-Lite Codec Pack 2009-11-15 17:52 . 2009-11-15 17:52 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll 2009-11-15 08:57 . 2009-11-15 08:57 -------- d-----w- c:\users\Aca\AppData\Roaming\Canon 2009-11-11 21:36 . 2009-11-11 21:36 -------- d-----w- c:\users\Aca\AppData\Roaming\GRETECH 2009-11-11 18:53 . 2009-11-11 18:53 -------- d-----w- c:\program files\GRETECH 2009-11-11 09:04 . 2009-11-11 09:04 -------- d-----w- c:\program files\uTorrent 2009-11-10 23:44 . 2009-11-09 11:16 -------- d-----w- c:\program files\Canon 2009-11-10 12:25 . 2009-11-10 08:42 -------- d-----w- c:\users\Aca\AppData\Roaming\Winamp 2009-11-10 08:42 . 2009-11-10 08:42 -------- d-----w- c:\program files\Common Files\PX Storage Engine 2009-11-09 18:26 . 2009-11-08 21:45 -------- d-----w- c:\users\Aca\AppData\Roaming\Vso 2009-11-09 18:25 . 2009-11-09 18:25 81920 ----a-w- c:\users\Aca\AppData\Roaming\ezpinst.exe 2009-11-09 18:25 . 2009-11-09 18:25 81920 ----a-w- c:\users\Aca\AppData\Roaming\ezpinst.exe 2009-11-09 18:25 . 2009-11-09 18:25 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys 2009-11-09 18:25 . 2009-11-09 18:25 47360 ----a-w- c:\users\Aca\AppData\Roaming\pcouffin.sys 2009-11-09 18:25 . 2009-11-09 18:25 47360 ----a-w- c:\users\Aca\AppData\Roaming\pcouffin.sys 2009-11-09 17:01 . 2009-11-09 17:01 -------- d-----w- c:\users\Aca\AppData\Roaming\Nero 2009-11-09 17:00 . 2009-11-09 16:59 -------- d-----w- c:\program files\Common Files\Nero 2009-11-09 17:00 . 2009-11-09 16:57 -------- d-----w- c:\program files\Nero 2009-11-09 16:59 . 2009-11-09 16:59 -------- d-----w- c:\programdata\Nero 2009-11-09 16:31 . 2009-11-09 16:31 -------- d-----w- c:\program files\WinWatermark 2 2009-11-09 13:54 . 2009-11-09 13:54 -------- d-----w- c:\users\Aca\AppData\Roaming\Publish Providers 2009-11-09 09:44 . 2009-11-09 09:44 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2009-11-09 04:18 . 2009-11-09 04:18 0 ----a-w- c:\windows\system32\atiicdxx.dat 2009-11-09 04:18 . 2009-11-09 04:18 0 ----a-w- c:\windows\ativpsrm.bin 2009-11-09 01:03 . 2009-11-09 01:03 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2 2009-11-09 00:55 . 2009-11-09 00:55 -------- d-----w- c:\users\Aca\AppData\Roaming\Sony 2009-11-09 00:44 . 2009-11-09 00:44 -------- d-----w- c:\program files\Vstplugins 2009-11-09 00:44 . 2009-11-09 00:39 -------- d-----w- c:\program files\Sony 2009-11-09 00:40 . 2009-11-09 00:40 -------- d-----w- c:\program files\Sony Setup 2009-11-09 00:36 . 2009-11-08 23:27 -------- d-----w- c:\program files\Common Files\ACD Systems 2009-11-08 23:45 . 2009-11-08 23:45 -------- d-----w- c:\users\Aca\AppData\Roaming\VitySoft 2009-11-08 23:44 . 2009-11-08 23:44 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-11-08 23:31 . 2009-11-08 23:31 -------- d-----w- c:\program files\Common Files\Adobe 2009-11-08 23:29 . 2009-11-08 23:29 -------- d-----w- c:\users\Aca\AppData\Roaming\FastStone 2009-11-08 23:29 . 2009-11-08 23:29 -------- d-----w- c:\program files\FastStone Capture 2009-11-08 23:28 . 2009-11-08 23:28 -------- d-----w- c:\users\Aca\AppData\Roaming\ACD Systems 2009-11-08 23:27 . 2009-11-08 23:27 -------- d-----w- c:\programdata\ACD Systems 2009-11-08 23:27 . 2009-11-08 23:27 -------- d-----w- c:\program files\ACD Systems 2009-11-08 23:02 . 2009-11-08 23:02 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2009-11-08 22:55 . 2009-11-08 22:49 -------- d-----w- c:\users\Aca\AppData\Roaming\DAEMON Tools Lite 2009-11-08 22:50 . 2009-11-08 22:49 -------- d-----w- c:\program files\DAEMON Tools Lite 2009-11-08 22:50 . 2009-11-08 22:50 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-11-08 22:49 . 2009-11-08 22:49 -------- d-----w- c:\programdata\DAEMON Tools Lite 2009-11-08 22:15 . 2009-11-08 22:15 -------- d-----w- c:\users\Aca\AppData\Roaming\Malwarebytes 2009-11-08 22:15 . 2009-11-08 22:15 -------- d-----w- c:\programdata\Malwarebytes 2009-11-08 21:45 . 2009-11-08 21:45 -------- d-----w- c:\program files\VSO 2009-11-08 21:36 . 2009-11-08 21:36 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf 2009-11-08 20:57 . 2009-11-08 20:57 -------- d-----w- c:\program files\CamStudio 2009-11-08 20:47 . 2009-11-08 20:47 -------- d-----w- c:\program files\Alwil Software 2009-11-02 19:42 . 2009-11-08 19:46 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-10-02 04:06 . 2009-11-08 19:33 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat 2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-01 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="c:\program files\Alwil Software\Avast4\ashDisp.exe" [2009-11-24 81000] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-08 149280] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-12-03 1394000] "Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-12-11 122880] "QuickTime Task"="c:\program files\Media Convert Master\codec\quicktime\QTTask.exe" [2009-11-10 417792] c:\users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ TempCleaner.lnk - c:\program files\TempCleaner\TempCleaner.exe [2004-3-26 346624] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv [HKLM\~\startupfolder\C:^Users^Aca^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk] backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup backupExtension=.Startup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box] 2009-12-11 11:07 122880 ----a-w- c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-11-10 22:08 417792 ----a-w- c:\program files\Media Convert Master\codec\quicktime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd] 2004-06-10 11:48 286720 ----a-w- c:\windows\vsnpstd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] 2009-04-14 06:43 604704 ----a-w- c:\windows\SOUNDMAN.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2009-12-01 17:51 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] 2009-07-01 16:37 37888 ----a-w- c:\program files\Winamp\winampa.exe R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [8.11.2009 21:48 114768] R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;c:\program files\ABBYY FineReader 9.0\NetworkLicenseServer.exe [2.11.2007 18:58 566560] R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [8.11.2009 21:48 20560] R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [8.11.2009 21:47 53328] S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [8.11.2009 23:50 691696] . ------- Supplementary Scan ------- . uStart Page = hxxp://www.jasatomic.org/ IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html IE: S&end to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 FF - ProfilePath - c:\users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\6i7hkchi.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.jasatomic.org FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll FF - plugin: c:\program files\Media Convert Master\codec\real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\Media Convert Master\codec\real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll FF - plugin: c:\program files\Opera\program\plugins\nprpjplug.dll . - - - - ORPHANS REMOVED - - - - WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.032" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.abr" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.amc" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.amr" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.ani" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.apd" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.arw" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.bay" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.bmp" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.bw" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.bwf" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cdda\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.cdda" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.cel" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.cr2" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.crw" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.cs1" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.cur" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.dcr" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.dcx" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.dib" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.dif" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.djv" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.djvu" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.dng" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dv\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.dv" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.emf" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.eps" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.erf" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.fff" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.flc" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.fli" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.fpx" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.gif" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gsm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.gsm" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.hdr" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.icl" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.icn" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.ico" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.iff" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.ilbm" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.int" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.inta" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.iw4" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.j2c" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.j2k" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.jbr" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.jfif" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.jif" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.jp2" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.jpc" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.jpe" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.jpeg" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.jpg" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.jpk" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.jpx" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.kdc" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.lbm" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.m15" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.m1a" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.m2a" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4b\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.m4b" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4p\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.m4p" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.m75" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.mef" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.mos" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.mpv" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.mrw" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.nef" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.orf" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.pbm" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.pbr" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.pcd" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.pct" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.pcx" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.pef" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.pgm" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.pic" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.pics" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.pict" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.pix" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.png" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.ppm" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.psd" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.psp" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.pspbrush" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.pspimage" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.qcp" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qt\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.qt" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.qtpf" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.raf" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.ras" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.raw" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.rgb" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.rgba" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.rle" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.rsb" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.rw2" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sdv\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.sdv" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.sfil" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.sgi" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.smf" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.sml" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.sr2" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.srf" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.swa" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.tga" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.thm" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.tif" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.tiff" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.ttc" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.ttf" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.ulw" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.vfw" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.wbm" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.wbmp" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.wmf" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.xbm" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.xif" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 2.5.xpm" [HKEY_USERS\S-1-5-21-2211027839-4248864363-3108305393-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E67D0C84-D678-1911-5749-DDC78972ADEB}*] "madnljakmajoahikdjpfkffljc"=hex:6f,61,65,6c,6e,61,69,63,6f,6b,62,65,6a,69,67, 68,63,6f,6f,69,62,69,62,63,62,68,67,62,68,6b,00,6d [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2009-12-23 22:18:54 ComboFix-quarantined-files.txt 2009-12-23 21:18 Pre-Run: 7.171.117.056 bytes free Post-Run: 7.108.067.328 bytes free - - End Of File - - 24D9FAEBAB7A79E1CB585598A7A0034A

Profil

dr_Bora Poslao: 24 Dec 2009 00:20 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Moraćemo privremeno deaktivirati Deamon Tools, tj. virtuelne drive-ove pošto ometaju rad programa koje koristimo. Preuzmi DeFogger sa ovog linka na Desktop . Dvoklikom pokreni DeFogger; Pojaviće se MsgBox na kome ćeš kliknuti na taster Disable; Ponovo će se pojaviti MsgBox na kome ćeš kliknuti na Yes; Sačekaj da se procesuiranje programa DeFogger izvrši pa nastavi prema sledećem uputstvu. Napomena:Na kraju postupka ce biti potrebno ponovno pokretanje Windows-a. Ovim postupkom će biti deaktivirani CD/DVD emulatori i omogućen neometan rad programa koje koristimo. Nakon ovoga ponovi prvo Gmer skeniranje (Rootkit/Malware scan), sačuvaj i priloži log uz poruku korišćenjem opcije Prikači fajl.

Profil

spalekus Poslao: 24 Dec 2009 10:24 Idi na vrh
offline spalekus Građanin Pridružio: 07 Jun 2008 Poruke: 46	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png

Profil

dr_Bora Poslao: 24 Dec 2009 18:31 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Skini ovaj file na Desktop (desni klik na link pa Save as). Pokreni ga dvoklikom, a zatim klikni OK. Računar će se restartovati dva puta. Na kraju postupka upload-uj file C:\atapi.vir preko ovog linka: http://www.mycity.rs/ambulanta-upload.php

Profil

spalekus Poslao: 24 Dec 2009 18:42 Idi na vrh
offline spalekus Građanin Pridružio: 07 Jun 2008 Poruke: 46	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nešto nije u redu. File koji sam preuzeo je tekst u Notepadu. Da li sam pogrešio nešto?

Profil

dr_Bora Poslao: 24 Dec 2009 18:58 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Desni klik na link pa Save as, Save linked content as i sl.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Zarazen sajt i racunar

Ko je trenutno na forumu

Ukupno su 757 korisnika na forumu :: 11 registrovanih, 1 sakriven i 745 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 100ka, A.R.Chafee.Jr., bozo13, Dorcolac, hyla, Koridor, nick79, suton, uruk, voja64, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by