Combofix logu. - ReadBull.net

19-09-2019, 12:31:44

#1
MI6

Açık Profil bilgileri

Özel Mesaj Gönder

MI6 tarafından gönderilen tüm mesajları bul

MI6'ı arkadaş olarak ekle

Kayıtlı Üye
loguma bakar mısınız.

ComboFix 13-04-15.01 - sistem 16.04.2013 12:15:52.2.4 - x64
Microsoft Windows 7 Home Basic 6.1.7601.1.1254.90.1055.18.6051.4540 [GMT 3:00]
Running from: d:indirilenlerComboFix_2.exe
SP: Windows Defender *Enabled/Updated*
* Created a new restore point
.
ADS - Windows: deleted 192 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:dfinstall.log
c:userssistemAppDataLocal.#
c:userssistemAppDataLocal.#[email protected]@272050.# ##
c:userssistemAppDataLocal.#[email protected]@272060.# ##
c:userssistemAppDataLocal.#[email protected]@2720A0.# ##
c:userssistemAppDataLocal.#[email protected]@2720B0.# ##
c:userssistemAppDataLocal.#[email protected]@3D2050.## #
c:userssistemAppDataLocal.#[email protected]@3D2060.## #
c:userssistemAppDataLocal.#[email protected]@3D20A0.## #
c:userssistemAppDataLocal.#[email protected]@3D20B0.## #
.
.
((((((((((((((((((((((((( Files Created from 2013-03-16 to 2013-04-16 )))))))))))))))))))))))))))))))
.
.
2013-04-16 09:12 . 2013-04-16 09:12 9310 ----a-w- crogramdataMicrosoftIdentityCRLproductionte mpwlidui_WLIDSVCTEXTBOX.JS
2013-04-16 07:04 . 2013-04-16 07:04 16336550 ------w- C:Persi0.sys
2013-04-16 06:50 . 2008-07-30 06:26 27392 ------w- c:windowsSysWow64driversShieldmNt.sys
2013-04-16 06:50 . 2013-04-16 06:50 -------- d-----w- crogram filesShield
2013-04-16 06:23 . 2013-04-16 06:23 -------- d-----w- c:userssistemAppDataRoamingLolClient
2013-04-15 17:58 . 2013-04-15 17:58 -------- d-----w- c:userssistemAppDataRoamingUnity
2013-04-15 17:56 . 2013-04-15 17:56 -------- d-----w- c:userssistemAppDataLocalUnity
2013-04-14 14:22 . 2013-04-14 14:22 -------- d-----w- crogram files (x86)Common FilesSkype
2013-04-11 19:18 . 2013-04-11 19:18 -------- d-----w- crogram files (x86)Drive Vaccine
2013-04-11 18:53 . 2013-03-19 02:50 9311288 ----a-w- crogramdataMicrosoftWindows DefenderDefinition Updates\mpengine.dll
2013-04-11 18:41 . 2013-04-01 16:58 72702784 ----a-w- c:windowssystem32MRT.exe
2013-04-11 18:05 . 2012-12-16 17:11 46080 ----a-w- c:windowssystem32atmlib.dll
2013-04-11 18:05 . 2012-12-16 14:45 367616 ----a-w- c:windowssystem32atmfd.dll
2013-04-11 18:05 . 2012-12-16 14:13 295424 ----a-w- c:windowsSysWow64atmfd.dll
2013-04-11 18:05 . 2012-12-16 14:13 34304 ----a-w- c:windowsSysWow64atmlib.dll
2013-04-11 18:05 . 2010-09-30 10:41 100864 ----a-w- c:windowssystem32fontsub.dll
2013-04-11 18:05 . 2010-09-30 06:47 70656 ----a-w- c:windowsSysWow64fontsub.dll
2013-04-11 17:59 . 2013-04-11 17:59 -------- d-----w- crogram filesMicrosoft Silverlight
2013-04-11 17:59 . 2013-04-11 17:59 -------- d-----w- crogram files (x86)Microsoft Silverlight
2013-04-11 17:56 . 2012-03-01 06:46 23408 ----a-w- c:windowssystem32driversfs_rec.sys
2013-04-11 17:56 . 2012-03-01 06:33 81408 ----a-w- c:windowssystem32imagehlp.dll
2013-04-11 17:56 . 2012-03-01 06:28 5120 ----a-w- c:windowssystem32wmi.dll
2013-04-11 17:56 . 2012-03-01 05:33 159232 ----a-w- c:windowsSysWow64imagehlp.dll
2013-04-11 17:56 . 2012-03-01 05:29 5120 ----a-w- c:windowsSysWow64wmi.dll
2013-04-11 17:50 . 2012-11-09 05:45 2048 ----a-w- c:windowssystem32tzres.dll
2013-04-11 17:50 . 2012-11-09 04:42 2048 ----a-w- c:windowsSysWow64tzres.dll
2013-04-11 17:45 . 2012-08-11 00:56 715776 ----a-w- c:windowssystem32kerberos.dll
2013-04-11 17:41 . 2012-06-02 05:41 184320 ----a-w- c:windowssystem32cryptsvc.dll
2013-04-11 17:41 . 2012-06-02 05:41 140288 ----a-w- c:windowssystem32cryptnet.dll
2013-04-11 17:41 . 2012-06-02 05:41 1464320 ----a-w- c:windowssystem32crypt32.dll
2013-04-11 17:41 . 2012-06-02 04:36 140288 ----a-w- c:windowsSysWow64cryptsvc.dll
2013-04-11 17:41 . 2012-06-02 04:36 1159680 ----a-w- c:windowsSysWow64crypt32.dll
2013-04-11 17:41 . 2012-06-02 04:36 103936 ----a-w- c:windowsSysWow64cryptnet.dll
2013-04-11 17:39 . 2013-03-19 06:04 5550424 ----a-w- c:windowssystem32ntoskrnl.exe
2013-04-11 17:39 . 2013-03-19 05:04 3968856 ----a-w- c:windowsSysWow64ntkrnlpa.exe
2013-04-11 17:39 . 2013-03-19 05:46 43520 ----a-w- c:windowssystem32csrsrv.dll
2013-04-11 17:39 . 2013-03-19 05:04 3913560 ----a-w- c:windowsSysWow64ntoskrnl.exe
2013-04-11 17:39 . 2013-03-19 04:47 6656 ----a-w- c:windowsSysWow64apisetschema.dll
2013-04-11 17:39 . 2013-03-19 03:06 112640 ----a-w- c:windowssystem32smss.exe
2013-03-30 15:45 . 2012-11-08 08:25 109112 ------w- c:windowssystem32driversShield.sys
2013-03-30 15:42 . 2011-07-01 02:46 31232 ----a-w- c:windowssystem32driverstap0901.sys
2013-03-30 15:42 . 2013-03-30 15:44 -------- d-----w- crogram filesSecurityKISS Tunnel
2013-03-30 12:28 . 2013-03-30 12:28 348160 ----a-w- c:windowsSysWow64msvcr71.dll
2013-03-30 12:14 . 2013-03-30 12:15 -------- d-----w- crogram files (x86)OscarX7H
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2013-03-30 13:33 . 2012-09-15 16:18 73432 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl
2013-03-30 13:33 . 2012-09-15 16:18 693976 ----a-w- c:windowsSysWow64FlashPlayerApp.exe
2013-03-30 12:29 . 2013-01-17 09:54 56072 ----a-w- c:windowssystem32certsentry.dll
2013-03-30 12:29 . 2013-01-17 09:54 47368 ----a-w- c:windowsSysWow64certsentry.dll
2013-03-11 22:10 . 2010-11-21 03:27 282744 ------w- c:windowssystem32MpSigStub.exe
2013-02-09 11:04 . 2013-02-09 11:04 466456 ----a-w- c:windowssystem32wrap_oal.dll
2013-02-09 11:04 . 2013-02-09 11:04 444952 ----a-w- c:windowsSysWow64wrap_oal.dll
2013-02-09 11:04 . 2013-02-09 11:04 122904 ----a-w- c:windowssystem32OpenAL32.dll
2013-02-09 11:04 . 2013-02-09 11:04 109080 ----a-w- c:windowsSysWow64OpenAL32.dll
2013-02-08 10:23 . 2013-01-09 16:02 281688 ----a-w- c:windowsSysWow64PnkBstrB.xtr
2013-02-07 09:23 . 2012-09-22 16:51 281688 ----a-w- c:windowsSysWow64PnkBstrB.ex0
2013-01-20 18:41 . 2013-01-20 18:41 40960 ----a-w- c:windowsSysWow64nwsftUninstall.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoft windowscurrentversionexplorershelliconoverlayid entifiersIDM Shell Extension]
@=""
[HKEY_CLASSES_ROOTCLSID]
2012-11-15 23:07 21904 ----a-w- crogram files (x86)Internet Download ManagerIDMShellExt.dll
.
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurre ntVersionRun]
"uTorrent"="d:utorrentuTorrent.exe" [2012-09-15 896912]
"IDMan"="crogram files (x86)Internet Download ManagerIDMan.exe" [2012-10-26 3540416]
"DAEMON Tools Lite"="d:daemon tools liteDTLite.exe" [2010-04-01 357696]
"Integrated Driver"="c:userssistemAppDataRoamingTeraCopy wlnlog.exe" [2013-01-24 5942272]
"Sidebar"="crogram filesWindows Sidebarsidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoft WindowsCurrentVersionRun]
"NUSB3MON"="crogram files (x86)Renesas ElectronicsUSB 3.0 Host Controller DriverApplicationnusb3mon.exe" [2010-11-17 113288]
"USB Security"="crogram files (x86)USB Disk SecurityUSBGuard.exe" [2013-01-02 658632]
"Adobe ARM"="crogram files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [2012-12-03 946352]
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurr entversionpoliciessystem]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyDfLogon]
2004-08-08 12:19 49152 ----a-w- c:windowsSystem32LogonDll.dll
.
[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoft windows ntcurrentversionwindows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:windowsSysWOW64nvinit.dll
.
[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoft windows ntcurrentversiondrivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontro lsession manager]
BootExecute REG_MULTI_SZ autocheck autochk /k:C /k *
.
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetContro lSafeBootMinimalDFServ]
@="Service"
.
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetContro lSafeBootMinimalWdf01000.sys]
@="Driver"
.
R1 ShieldMF;ShieldMF;crogram files (x86)ShieldShieldMf.sys [x]
R2 SkypeUpdate;Skype Updater;crogram files (x86)SkypeUpdaterUpdater.exe [2013-02-28 161384]
R3 afcdp;afcdp;c:windowssystem32DRIVERSafcdp.sys [2012-10-06 367200]
R3 EagleX64;EagleX64;c:windowssystem32driversEagl eX64.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;d:garena plusRoomsafedrv.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsus bflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:windowssystem32driversTsUsbGD.sys [2010-11-21 31232]
R3 WinRing0_1_2_0;WinRing0_1_2_0;crogram files (x86)IObitGame Booster 3DriverWinRing0x64.sys [x]
R4 afcdpsrv;Acronis Nonstop Backup Service;crogram files (x86)Common FilesAcronisCDPafcdpsrv.exe [2012-10-06 3696632]
R4 DragonUpdater;COMODO Dragon Update Service;d:comodoDragondragon_updater.exe [2013-03-28 2074768]
R4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;crogram filesIntelWiFibinPanDhcpDns.exe [2010-12-17 340240]
R4 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpo ol2;crogram filesCommon FilesNitro PDFProfessional7.0NitroPDFDriverService2x64.exe [2012-05-16 216072]
R4 nlsX86cc;Nalpeiron Licensing Service;c:windowsSysWOW64NLSSRV32.EXE [2012-05-16 69640]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;crogram files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe [2012-11-30 382824]
R4 syncagentsrv;Acronis Sync Agent Service;crogram files (x86)Common FilesAcronisSyncAgentsyncagentsrv.exe [2012-08-18 7017888]
R4 TeamViewer8;TeamViewer 8;crogram files (x86)TeamViewerVersion8TeamViewer_Service.exe [2012-11-22 3430824]
R4 VMUSBArbService;VMware USB Arbitration Service;crogram files (x86)Common FilesVMwareUSBvmware-usbarbitrator64.exe [2012-08-01 917656]
R4 VMwareHostd;VMware Workstation Server;crogram files (x86)VMwareVMware Workstationvmware-hostd.exe [2012-08-15 15680000]
S0 DeepFrz;DeepFrz; [x]
S0 DfDiskLow;DfDiskLow; [x]
S0 fltsrv;Acronis Storage Filter Management;c:windowssystem32DRIVERSfltsrv.sys [2012-10-05 155272]
S0 nvpciflt;nvpciflt;c:windowssystem32DRIVERSnvpc iflt.sys [2012-12-03 30056]
S0 sptd;sptd;c:windowsSystem32Driverssptd.sys [2012-09-20 834544]
S0 tib_mounter;Acronis TIB Mounter;c:windowssystem32DRIVERStib_mounter.sy s [2012-10-05 1093256]
S0 vididr;Acronis Virtual Disk;c:windowssystem32DRIVERSvididr.sys [2012-10-05 228488]
S0 vidsflt;Acronis Disk Storage Filter;c:windowssystem32DRIVERSvidsflt.sys [2012-10-05 166024]
S0 vmci;VMware VMCI Bus Driver;c:windowssystem32DRIVERSvmci.sys [2012-07-06 85104]
S0 vsock;vSockets Driver;c:windowssystem32driversvsock.sys [2012-07-06 70256]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:windowssystem32DRIVERShssdrv6.sys [2012-08-01 41704]
S1 nvkflt;nvkflt;c:windowssystem32DRIVERSnvkflt.s ys [2012-12-03 284008]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework6 4v4.0.30319mscorsvw.exe [2010-03-18 138576]
S2 DFServ;DFServ;crogram files (x86)FaronicsDeep FreezeInstall C-0DFServ.exe [2012-09-04 1092096]
S2 IDMWFP;IDMWFP;c:windowssystem32DRIVERSidmwfp.s ys [2012-11-22 165112]
S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);SysWOW64driversvstor2-mntapi10-shared.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:windowssystem32DRIVERSnusb3hub.sys [2010-12-10 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:windowssystem32DRIVERSnusb3xhc.sys [2010-12-10 181248]
S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2010-10-26 406632]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-16 c:windowsTasksAdobe Flash Player Updater.job
- c:windowsSysWOW64MacromedFlashFlashPlayerUpda teService.exe [2012-09-15 13:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurr entversionexplorershelliconoverlayidentifiersAc ronisSyncError]
@=""
[HKEY_CLASSES_ROOTCLSID]
2012-08-22 22:13 2732160 ----a-w- crogram files (x86)AcronisTrueImageHometishell64.dll
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurr entversionexplorershelliconoverlayidentifiersAc ronisSyncInProgress]
@=""
[HKEY_CLASSES_ROOTCLSID]
2012-08-22 22:13 2732160 ----a-w- crogram files (x86)AcronisTrueImageHometishell64.dll
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurr entversionexplorershelliconoverlayidentifiersAc ronisSyncOk]
@=""
[HKEY_CLASSES_ROOTCLSID]
2012-08-22 22:13 2732160 ----a-w- crogram files (x86)AcronisTrueImageHometishell64.dll
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurr entversionexplorershelliconoverlayidentifiersID M Shell Extension]
@=""
[HKEY_CLASSES_ROOTCLSID]
2012-11-15 23:07 23496 ----a-w- crogram files (x86)Internet Download ManagerIDMShellExt64.dll
.
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurr entVersionRun]
"IntelWireless"="crogram filesCommon FilesIntelWirelessCommoniFrmewrk.exe" [2010-12-17 1933584]
"Apoint"="crogram filesDellTPadApoint.exe" [2011-04-12 609144]
"IgfxTray"="c:windowssystem32igfxtray.exe" [2011-04-19 168216]
"HotKeysCmds"="c:windowssystem32hkcmd.exe" [2011-04-19 392472]
"Persistence"="c:windowssystem32igfxpers.ex e" [2011-04-19 416024]
"Windows Mobile Device Center"="c:windowsWindowsMobilewmdc.exe" [2007-05-31 660360]
.
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
"AppInit_DLLs"=c:windowsSystem32nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:windowssystem32blank.htm
uStart Page = hxxp://www.google.com.tr
mLocal Page = c:windowsSysWOW64blank.htm
IE: Butun linkleri IDM ile indir - crogram files (x86)Internet Download ManagerIEGetAll.htm
IE: IDM ile indir - crogram files (x86)Internet Download ManagerIEExt.htm
IE: Microsoft Excel'e Go&nder - crogra~2MICROS~1OFFICE11EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
.
- - - - ORPHANS REMOVED - - - -
.
BHO- - (no file)
BHO- - (no file)
AddRemove-CoreAAC Audio Decoder - c:windowssystem32CoreAAC-uninstall.exe
AddRemove-Uplay - crogram files (x86)UbisoftUbisoft Game LauncherUninstall.exe
.
.
.
[HKEY_LOCAL_MACHINESYSTEMControlSet003servicess hdbus]
"ImagePath"=multi:"SysWOW64DRIVERSShdbus.sys 0"
--
.
[HKEY_LOCAL_MACHINESYSTEMControlSet003servicesS hield]
"ImagePath"=multi:"SysWOW64DRIVERSShield.sys 0"
.
[HKEY_LOCAL_MACHINESYSTEMControlSet003servicesS hieldf]
"ImagePath"=multi:"SysWOW64DRIVERSShieldf.sys0 "
.
[HKEY_LOCAL_MACHINESYSTEMControlSet003servicess hieldm]
"ImagePath"=multi:"SysWOW64DRIVERSShieldm.sys0 "
.
[HKEY_LOCAL_MACHINESYSTEMControlSet003servicess hdbus]
"ImagePath"=multi:"SysWOW64DRIVERSShdbus.sys 0"
.
[HKEY_LOCAL_MACHINESYSTEMControlSet003servicesS hield]
"ImagePath"=multi:"SysWOW64DRIVERSShield.sys 0"
.
[HKEY_LOCAL_MACHINESYSTEMControlSet003servicesS hieldf]
"ImagePath"=multi:"SysWOW64DRIVERSShieldf.sys0 "
.
[HKEY_LOCAL_MACHINESYSTEMControlSet003servicess hieldm]
"ImagePath"=multi:"SysWOW64DRIVERSShieldm.sys0 "
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.032UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.032"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.abrUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.abr"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.aniUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.ani"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.apdUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.apd"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.arwUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.arw"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.bayUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.bay"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.bmpUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.bmp"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.bwUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.bw"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.cr2UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.cr2"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.crwUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.crw"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.cs1UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.cs1"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.curUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.cur"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.dcrUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.dcr"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.dcxUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.dcx"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.dibUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.dib"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.djvUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.djv"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.djvuUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.djvu"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.dngUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.dng"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.emfUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.emf"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.epsUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.eps"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.erfUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.erf"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.fffUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.fff"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.gifUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.gif"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.hdrUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.hdr"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.iclUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.icl"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.icnUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.icn"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.iffUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.iff"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.ilbmUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.ilbm"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.intUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.int"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.intaUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.inta"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.iw4UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.iw4"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.j2cUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.j2c"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.j2kUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.j2k"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.jbrUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.jbr"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.jfifUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.jfif"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.jifUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.jif"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.jp2UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.jp2"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.jpcUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.jpc"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.jpeUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.jpe"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.jpegUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.jpeg"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.jpgUserChoice]
@Denied: (2) (S-1-5-21-2807249642-141071359-686430031-1000)
@Denied: (2) (LocalSystem)
"Progid"="jpegfile"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.jpkUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.jpk"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.jpxUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.jpx"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.kdcUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.kdc"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.lbmUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.lbm"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.mefUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.mef"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.mosUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.mos"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.mrwUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.mrw"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.nefUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.nef"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.nrwUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.nrw"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.orfUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.orf"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.pbmUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pbm"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.pbrUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pbr"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.pcdUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pcd"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.pctUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pct"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.pcxUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pcx"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.pefUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pef"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.pgmUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pgm"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.picUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pic"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.pictUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pict"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.pngUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.png"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.ppmUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.ppm"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.psdUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.psd"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.pspUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.psp"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.pspbrushUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pspbrush"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.pspimageUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pspimage"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.rafUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.raf"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.rasUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.ras"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.rawUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.raw"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.rgbUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.rgb"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.rgbaUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.rgba"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.rleUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.rle"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.rsbUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.rsb"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.rw2UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.rw2"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.rwlUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.rwl"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.sgiUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.sgi"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.sr2UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.sr2"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.srfUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.srf"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.srwUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.srw"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.tgaUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.tga"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.thmUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.thm"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.tifUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.tif"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.tiffUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.tiff"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.ttcUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.ttc"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.ttfUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.ttf"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.v60poUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.v60po"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.v60ppUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.v60pp"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.v60ppfUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.v60ppf"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.wbmUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.wbm"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.wbmpUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.wbmp"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.wmfUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.wmf"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.xbmUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.xbm"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.xifUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.xif"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.xmpUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.xmp"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000SoftwareMicrosoftWindowsCurrentVersionExp lorerFileExts.xpmUserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.xpm"
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000_ClassesWow6432NodeCLSID]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000064
"Therad"=dword:00000016
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,3 5,6b ,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68 ,ee,21,46,8f,3c,f2,5c,68,
.
[HKEY_USERSS-1-5-21-2807249642-141071359-686430031-1000_ClassesWow6432NodeCLSID]
@Denied: (Full) (Everyone)
"scansk"=hex(0):2e,f8,e5,16,df,26,22,12,67,2b, bb,7 1,dc,b6,fc,f9,3e,4a,33,4d,30,
36,6a,0c,40,88,bd,b8,70,58,ca,90,c8,f2,de,d3,e7,34 ,1b,cc,00,00,00,00,00,00,
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\Windows\system32\Macrom e d\Flash\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID\LocalServer 32]
@="c:\Windows\system32\Macromed\Flash\FlashUt il64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID\TypeLib]
@=""
.
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface\ProxySt ubClsid32]
@=""
.
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface\TypeLib]
@=""
"Version"="1.0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\Windows\SysWOW64\Macrom e d\Flash\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID\LocalServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\FlashUt il32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID\TypeLib]
@=""
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID\InprocServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash32 _11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID\ToolboxBitmap32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash32 _11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID\TypeLib]
@=""
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID\InprocServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash32 _11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID\ToolboxBitmap32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash32 _11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID\TypeLib]
@=""
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCL SID\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeIn terface]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeIn terface\ProxyStubClsid32]
@=""
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeIn terface\TypeLib]
@=""
"Version"="1.0"
.
[HKEY_LOCAL_MACHINESOFTWAREESETESET SecurityCurrentVersionInfo]
@Denied: (2) (LocalSystem)
"AppDataDir"="c:\ProgramData\ESET\ESET NOD32 Antivirus\"
"DataDir"="ESET\ESET NOD32 Antivirus\"
"EditionName"=" "
"InstallDir"="c:\Program Files\ESET\ESET NOD32 Antivirus\"
"LanguageId"=dword:0000041f
"PackageTag"=dword:00000000
"ProductBase"=dword:00000000
"ProductCode"=""
"ProductName"="ESET NOD32 Antivirus"
"ProductType"="eav"
"ProductVersion"="4.2.71.2"
"UniqueId"="00151F625053595A"
"ScannerBuild"=dword:00001dd3
"ScannerVersionId"=dword:000015fe
"ScannerVersion"="ready"
.
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoft Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,6 7,00 ,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00 ,5c,00,53,00,4f,00,46,00,
.
[HKEY_LOCAL_MACHINESYSTEMControlSet003ControlPC WSecurity]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-16 12:22:37
ComboFix-quarantined-files.txt 2013-04-16 09:22
ComboFix2.txt 2013-02-07 14:02
.
Pre-Run: 11.985.006.592 bayt boş
Post-Run: 12.237.860.864 bayt boş
.
- - End Of File - - 510369C4B8DDD839970ADDED46C9B95B
__________________