MyCity » Ambulanta -> Arhiva Ambulante » TR/ATRAPS.Gen2 virus

TR/ATRAPS.Gen2 virus

Napisano na dan: 4.6.2012

Strana:
1
2
3
4
5

TR/ATRAPS.Gen2 virus

Pagination

Prethodna strana

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3
4
5

boksi Poslao: 05 Jun 2012 22:18 Idi na vrh
offline boksi Ugledni građanin Pridružio: 11 Jun 2008 Poruke: 474	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Malwarebytes Anti-Malware (Trial) 1.61.0.1400 www.malwarebytes.org Database version: v2012.06.05.06 Windows 7 x86 NTFS Internet Explorer 9.0.8112.16421 Boris :: BORIS-PC [administrator] Protection: Enabled 6/5/2012 10:05:38 PM mbam-log-2012-06-05 (22-05-38).txt Scan type: Quick scan Scan options enabled: Memory \| Startup \| Registry \| File System \| Heuristics/Extra \| Heuristics/Shuriken \| PUP \| PUM Scan options disabled: P2P Objects scanned: 187026 Time elapsed: 11 minute(s), 45 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 4 C:\Windows\Installer\{bfb7a531-f259-c0a6-6a4d-11e76b5b2d07}\n (Rootkit.0Access) -> Quarantined and deleted successfully. C:\Windows\Installer\{bfb7a531-f259-c0a6-6a4d-11e76b5b2d07}\U\00000001.@ (Trojan.Small) -> Quarantined and deleted successfully. C:\Windows\Installer\{bfb7a531-f259-c0a6-6a4d-11e76b5b2d07}\U\80000000.@ (Trojan.Sirefef) -> Quarantined and deleted successfully. C:\Windows\Installer\{bfb7a531-f259-c0a6-6a4d-11e76b5b2d07}\U\800000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully. (end)

Profil

Sass Drake Poslao: 05 Jun 2012 22:20 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	1Ovo se svidja korisniku: mcrule Registruj se da bi pohvalio/la poruku! Kakvo je sad stanje sistema? Restartuj sistem i opet pokušaj da pokreneš ComboFix. Ako uspiješ, postavi izvještaj koji ćeš dobiti na kraju njegovog skeniranja.

Profil

boksi Poslao: 05 Jun 2012 22:37 Idi na vrh
offline boksi Ugledni građanin Pridružio: 11 Jun 2008 Poruke: 474	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Avira i Malwarebytes pokazuju da opet ima isti virus ovaj put combo pokusava ali me upozorava na ovo

Profil

Sass Drake Poslao: 05 Jun 2012 22:39 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	1Ovo se svidja korisniku: mcrule Registruj se da bi pohvalio/la poruku! Deaktiviraj ih. http://www.mycity.rs/Uputstva/Iskljucivanje-zastitnog-softvera.html

Profil

boksi Poslao: 05 Jun 2012 22:41 Idi na vrh
offline boksi Ugledni građanin Pridružio: 11 Jun 2008 Poruke: 474	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 05 Jun 2012 22:40 Sta mi pokazuje kad sam iskljucio zastitu? Dopuna: 05 Jun 2012 22:41 Posle deaktivacije mi je pokazao ovu poruku

Profil

Sass Drake Poslao: 05 Jun 2012 22:42 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	2Ovo se svidja korisnicima: TwinHeadedEagle, mcrule Registruj se da bi pohvalio/la poruku! Sudeći po tome, isključena im je zaštita. Pokreni sad ComboFix i postavi izvještaj.

Profil

boksi Poslao: 05 Jun 2012 23:16 Idi na vrh
offline boksi Ugledni građanin Pridružio: 11 Jun 2008 Poruke: 474	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 05 Jun 2012 23:06 ComboFix 12-06-05.03 - Boris 06/05/2012 22:46:02.1.2 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2037.1138 [GMT 2:00] Running from: c:\users\Boris\Desktop\ComboFix.exe AV: Avira Desktop Enabled/Updated {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop Enabled/Updated {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender Disabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\pkunzip.pif c:\windows\pkzip.pif c:\windows\system32\avisynth.dll c:\windows\system32\devil.dll . Infected copy of c:\windows\system32\services.exe was found and disinfected Restored copy from - c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe . . ((((((((((((((((((((((((( Files Created from 2012-05-05 to 2012-06-05 ))))))))))))))))))))))))))))))) . . 2012-06-05 19:58 . 2012-06-05 19:58 -------- d-----w- c:\users\Boris\AppData\Roaming\Malwarebytes 2012-06-05 19:58 . 2012-06-05 19:58 -------- d-----w- c:\programdata\Malwarebytes 2012-06-05 19:58 . 2012-06-05 19:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-06-05 19:58 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-05 18:44 . 2012-06-05 18:44 -------- d-----w- c:\users\Boris\AppData\Roaming\Avira 2012-06-05 18:37 . 2012-06-05 18:38 -------- d-----w- c:\program files\Ask.com 2012-06-05 18:37 . 2012-04-27 08:20 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys 2012-06-05 18:37 . 2012-04-24 22:32 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2012-06-05 18:37 . 2012-04-16 19:18 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2012-06-05 18:37 . 2012-06-05 18:38 -------- d-----w- c:\programdata\Avira 2012-06-05 18:37 . 2012-06-05 18:37 -------- d-----w- c:\program files\Avira 2012-06-05 12:24 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7097FFBE-9B29-4EC0-BB56-E47E6EEB3B1A}\mpengine.dll 2012-06-04 21:57 . 2012-06-04 21:57 -------- d--h--w- c:\programdata\Common Files 2012-06-04 21:56 . 2012-06-05 11:47 -------- d-----w- c:\programdata\AVG2012 2012-06-04 21:56 . 2012-06-05 08:38 -------- d-----w- C:\$AVG 2012-06-04 21:56 . 2012-06-04 21:56 -------- d-----w- c:\program files\AVG 2012-06-04 21:55 . 2012-06-05 08:38 -------- d-----w- c:\programdata\MFAData 2012-06-03 18:58 . 2005-07-14 10:31 32256 ----a-w- c:\windows\system32\AVSredirect.dll 2012-06-03 18:58 . 2004-01-24 22:00 70656 ----a-w- c:\windows\system32\i420vfw.dll 2012-06-03 18:58 . 2012-06-03 18:58 -------- d-----w- c:\program files\AviSynth 2.5 2012-05-28 08:58 . 2012-06-05 20:52 -------- d-----w- c:\users\Boris\AppData\Roaming\uTorrent 2012-05-14 06:45 . 2012-05-14 06:45 685816 ----a-w- c:\windows\system32\drivers\sptd.sys 2012-05-09 05:05 . 2012-03-30 10:29 1287024 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-09 05:05 . 2012-04-02 04:40 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-09 05:05 . 2012-04-02 04:41 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-05-09 05:05 . 2012-04-02 04:40 989184 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-05-09 05:05 . 2012-04-02 04:40 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-05-09 05:05 . 2012-04-02 04:46 3902320 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-09 05:04 . 2012-04-02 04:46 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-09 05:04 . 2012-04-02 02:43 2342400 ----a-w- c:\windows\system32\win32k.sys 2012-05-09 05:04 . 2012-03-17 07:20 56688 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-09 05:04 . 2012-03-03 05:40 1074176 ----a-w- c:\windows\system32\DWrite.dll 2012-05-09 05:04 . 2012-03-03 05:40 739840 ----a-w- c:\windows\system32\d2d1.dll 2012-05-09 05:04 . 2012-03-03 05:40 1170944 ----a-w- c:\windows\system32\d3d10warp.dll 2012-05-09 05:04 . 2012-03-03 05:40 218624 ----a-w- c:\windows\system32\d3d10_1core.dll 2012-05-09 05:04 . 2012-03-03 05:40 161792 ----a-w- c:\windows\system32\d3d10_1.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-05 20:56 . 2012-04-21 17:43 16608 ----a-w- c:\windows\gdrv.sys 2012-06-04 20:22 . 2012-04-29 12:17 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-06-04 20:22 . 2012-04-21 18:05 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-04-21 22:23 . 2011-03-28 16:36 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-04-21 19:49 . 2012-04-21 19:49 86528 ----a-w- c:\windows\system32\iesysprep.dll 2012-04-21 19:49 . 2012-04-21 19:49 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-04-21 19:49 . 2012-04-21 19:49 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-04-21 19:49 . 2012-04-21 19:49 63488 ----a-w- c:\windows\system32\tdc.ocx 2012-04-21 19:49 . 2012-04-21 19:49 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-04-21 19:49 . 2012-04-21 19:49 161792 ----a-w- c:\windows\system32\msls31.dll 2012-04-21 19:49 . 2012-04-21 19:49 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2012-04-21 19:49 . 2012-04-21 19:49 74752 ----a-w- c:\windows\system32\iesetup.dll 2012-04-21 19:49 . 2012-04-21 19:49 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-04-21 19:49 . 2012-04-21 19:49 367104 ----a-w- c:\windows\system32\html.iec 2012-04-21 19:49 . 2012-04-21 19:49 35840 ----a-w- c:\windows\system32\imgutil.dll 2012-04-21 19:49 . 2012-04-21 19:49 23552 ----a-w- c:\windows\system32\licmgr10.dll 2012-04-21 19:49 . 2012-04-21 19:49 152064 ----a-w- c:\windows\system32\wextract.exe 2012-04-21 19:49 . 2012-04-21 19:49 150528 ----a-w- c:\windows\system32\iexpress.exe 2012-04-21 19:49 . 2012-04-21 19:49 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-04-21 19:49 . 2012-04-21 19:49 11776 ----a-w- c:\windows\system32\mshta.exe 2012-04-21 19:49 . 2012-04-21 19:49 101888 ----a-w- c:\windows\system32\admparse.dll 2012-04-21 19:48 . 2012-04-21 19:48 801792 ----a-w- c:\windows\system32\FntCache.dll 2012-04-21 19:48 . 2012-04-21 19:48 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL 2012-04-21 19:48 . 2012-04-21 19:48 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll 2012-04-21 19:48 . 2012-04-21 19:48 135168 ----a-w- c:\windows\system32\XpsRasterService.dll 2012-04-21 19:48 . 2012-04-21 19:48 3181568 ----a-w- c:\windows\system32\mf.dll 2012-04-21 19:48 . 2012-04-21 19:48 196608 ----a-w- c:\windows\system32\mfreadwrite.dll 2012-04-21 18:01 . 2012-04-21 18:01 505128 ----a-w- c:\windows\system32\msvcp71.dll 2012-04-21 18:01 . 2012-04-21 18:01 29480 ----a-w- c:\windows\system32\msxml3a.dll 2012-04-21 18:01 . 2012-04-21 17:59 353576 ----a-w- c:\windows\system32\msvcr71.dll 2012-04-21 17:47 . 2012-04-21 17:47 319456 ----a-w- c:\windows\DIFxAPI.dll 2012-03-08 16:37 . 2012-03-08 16:37 302448 ----a-w- c:\windows\WLXPGSS.SCR 2012-04-21 01:19 . 2012-04-24 17:58 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2006-05-03 10:06 163328 --sha-r- c:\windows\System32\flvDX.dll 2007-02-21 11:47 31232 --sha-r- c:\windows\System32\msfDX.dll 2008-03-16 13:30 216064 --sha-r- c:\windows\System32\nbDX.dll 2010-01-06 22:00 107520 --sha-r- c:\windows\System32\TAKDSDecoder.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-04-18 1519272] . [HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}] . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2012-04-18 09:56 1519272 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-04-18 1519272] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="d:\utorrent\uTorrent.exe" [2012-06-05 888720] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-01-13 6711840] "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-01-13 1833504] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336] "BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-03-13 75048] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-07-12 74752] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552] "VMonitorVMUVC"="c:\program files\Vimicro Corporation\VMUVC\VMonitor.exe" [2008-08-29 143360] "ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-04-18 1557160] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-01 348624] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2012-4-21 113664] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2012-05-03 06:36 17355912 ----a-r- c:\program files\Skype\Phone\Skype.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] 2012-06-05 20:21 888720 ----a-w- d:\utorrent\uTorrent.exe . R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-05-14 685816] R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2012-04-21 116648] R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-04-05 158856] R3 01AEAFEE;01AEAFEE;c:\windows\system32\01AEAFEE.exe [x] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-04 257696] R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2012-04-21 116648] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976] R4 Pciiitcnt;Pciiitcnt; [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-04-16 36000] S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2012/04/21 20:02];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 10:58 87536] S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2012-05-01 86224] S2 AntiVirWebService;Avira Web Protection;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-01 465360] S2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\ESSVR.EXE [2008-12-24 68136] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-04-09 3063968] S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776] S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\Drivers\VMUVC.sys [2008-08-29 256512] S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [2008-07-01 398720] . . Contents of the 'Scheduled Tasks' folder . 2012-06-05 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 20:22] . 2012-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-04-21 20:52] . 2012-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-04-21 20:52] . . ------- Supplementary Scan ------- . uStart Page = hxxp://search.avira.com/?l=dis&o=APN10401&gct=hp&dc=EU&locale=en_RS IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll TCP: DhcpNameServer = 89.216.1.40 89.216.1.50 FF - ProfilePath - c:\users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\tq1etcya.default\ FF - prefs.js: browser.search.selectedEngine - Ask.com FF - prefs.js: browser.startup.homepage - hxxp://search.avira.com/?l=dis&o=APN10401&gct=hp&dc=EU&locale=en_RS FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-3&o=APN10401&locale=en_RS&apn_uid=b2c9abe9-2dbf-48a7-a321-adfe18da98d4&apn_ptnrs=%5EABZ&apn_sauid=D0D415B5-C9D9-47F7-B2FF-C3C851FCA090&apn_dtid=%5EYYYYYY%5EYY%5ERS&&q= . - - - - ORPHANS REMOVED - - - - . WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) MSConfigStartUp-msnmsgr - c:\program files\Windows Live\Messenger\msnmsgr.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.032" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.abr" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ani" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.apd" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.arw" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.bay" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.bmp" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.bw" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.cr2" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.crw" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.cs1" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.cur" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.dcr" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.dcx" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.dib" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.djv" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.djvu" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.dng" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.emf" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.eps" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.erf" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.fff" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.fpx" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.gif" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.hdr" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.icl" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.icn" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice] @Denied: (2) (S-1-5-21-2103478201-806380249-2024604306-1000) @Denied: (2) (LocalSystem) "Progid"="Winamp.File.iff" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ilbm" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.int" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.inta" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.iw4" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.j2c" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.j2k" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jbr" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jfif" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jif" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jp2" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpc" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpe" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpeg" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice] @Denied: (2) (S-1-5-21-2103478201-806380249-2024604306-1000) @Denied: (2) (LocalSystem) "Progid"="Applications\\OIS.EXE" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpk" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpx" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.kdc" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.lbm" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.mef" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.mos" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.mrw" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.nef" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.nrw" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.orf" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pbm" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pbr" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pcd" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pct" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pcx" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pef" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pgm" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pic" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pict" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pix" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.png" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ppm" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.psd" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.psp" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pspbrush" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pspimage" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.raf" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ras" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice] @Denied: (2) (S-1-5-21-2103478201-806380249-2024604306-1000) @Denied: (2) (LocalSystem) "Progid"="Winamp.File.raw" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rgb" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rgba" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rle" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rsb" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rw2" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rwl" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.sgi" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.sr2" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.srf" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.tga" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.thm" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.tif" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.tiff" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ttc" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ttf" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30po\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.v30po" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30pp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.v30pp" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30ppf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.v30ppf" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.wbm" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.wbmp" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.wmf" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xbm" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xif" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xmp" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xpm" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\taskhost.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\windows\system32\conhost.exe c:\windows\system32\conhost.exe c:\windows\system32\sppsvc.exe . ************************************************************************** . Completion time: 2012-06-05 23:02:04 - machine was rebooted ComboFix-quarantined-files.txt 2012-06-05 21:02 . Pre-Run: 3,384,946,688 bytes free Post-Run: 3,420,659,712 bytes free . - - End Of File - - F7F7F50E4F1F5AA36E43A95EFBF4573D Dopuna: 05 Jun 2012 23:12 Kako da resim ovo svaki put se ponavlja posle restarta Dopuna: 05 Jun 2012 23:16

Profil

Sass Drake Poslao: 05 Jun 2012 23:42 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	1Ovo se svidja korisniku: mcrule Registruj se da bi pohvalio/la poruku! Korak 1 Otvoriti Notepad i iskopirati sledeći tekst: `Folder:: C:\Windows\Installer\{bfb7a531-f259-c0a6-6a4d-11e76b5b2d07} File:: c:\windows\system32\01AEAFEE.exe Driver:: 01AEAFEE Pciiitcnt RegLock:: [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledećoj poruci log koji bude bio napravljen na kraju čišćenja/skeniranja. Korak 2 Spakuj u ZIP, RAR ili 7Z arhivu sljedeći folder: C:\Qoobox\Quarantine i pošalji ga preko sljedećeg linka: http://www.mycity.rs/ambulanta-upload.php

Profil

boksi Poslao: 06 Jun 2012 00:20 Idi na vrh
offline boksi Ugledni građanin Pridružio: 11 Jun 2008 Poruke: 474	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 06 Jun 2012 0:17 ComboFix 12-06-05.03 - Boris 06/05/2012 23:53:34.2.2 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2037.1341 [GMT 2:00] Running from: c:\users\Boris\Desktop\ComboFix.exe Command switches used :: c:\users\Boris\Desktop\CFScript.txt AV: Avira Desktop Disabled/Updated {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop Disabled/Updated {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender Disabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\windows\system32\01AEAFEE.exe" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\Installer\{bfb7a531-f259-c0a6-6a4d-11e76b5b2d07} c:\windows\Installer\{bfb7a531-f259-c0a6-6a4d-11e76b5b2d07}\@ c:\windows\Installer\{bfb7a531-f259-c0a6-6a4d-11e76b5b2d07}\U\00000001.@ c:\windows\Installer\{bfb7a531-f259-c0a6-6a4d-11e76b5b2d07}\U\80000000.@ c:\windows\Installer\{bfb7a531-f259-c0a6-6a4d-11e76b5b2d07}\U\800000cb.@ . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_01AEAFEE -------\Service_Pciiitcnt . . ((((((((((((((((((((((((( Files Created from 2012-05-05 to 2012-06-05 ))))))))))))))))))))))))))))))) . . 2012-06-05 22:03 . 2012-06-05 22:06 -------- d-----w- c:\users\Boris\AppData\Local\temp 2012-06-05 19:58 . 2012-06-05 19:58 -------- d-----w- c:\users\Boris\AppData\Roaming\Malwarebytes 2012-06-05 19:58 . 2012-06-05 19:58 -------- d-----w- c:\programdata\Malwarebytes 2012-06-05 19:58 . 2012-06-05 19:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-06-05 19:58 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-05 18:44 . 2012-06-05 18:44 -------- d-----w- c:\users\Boris\AppData\Roaming\Avira 2012-06-05 18:37 . 2012-06-05 18:38 -------- d-----w- c:\program files\Ask.com 2012-06-05 18:37 . 2012-04-27 08:20 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys 2012-06-05 18:37 . 2012-04-24 22:32 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2012-06-05 18:37 . 2012-04-16 19:18 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2012-06-05 18:37 . 2012-06-05 18:38 -------- d-----w- c:\programdata\Avira 2012-06-05 18:37 . 2012-06-05 18:37 -------- d-----w- c:\program files\Avira 2012-06-05 12:24 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7097FFBE-9B29-4EC0-BB56-E47E6EEB3B1A}\mpengine.dll 2012-06-04 21:57 . 2012-06-04 21:57 -------- d--h--w- c:\programdata\Common Files 2012-06-04 21:56 . 2012-06-05 11:47 -------- d-----w- c:\programdata\AVG2012 2012-06-04 21:56 . 2012-06-05 08:38 -------- d-----w- C:\$AVG 2012-06-04 21:56 . 2012-06-04 21:56 -------- d-----w- c:\program files\AVG 2012-06-04 21:55 . 2012-06-05 08:38 -------- d-----w- c:\programdata\MFAData 2012-06-03 18:58 . 2005-07-14 10:31 32256 ----a-w- c:\windows\system32\AVSredirect.dll 2012-06-03 18:58 . 2004-01-24 22:00 70656 ----a-w- c:\windows\system32\i420vfw.dll 2012-06-03 18:58 . 2012-06-03 18:58 -------- d-----w- c:\program files\AviSynth 2.5 2012-05-28 08:58 . 2012-06-05 22:00 -------- d-----w- c:\users\Boris\AppData\Roaming\uTorrent 2012-05-14 06:45 . 2012-05-14 06:45 685816 ----a-w- c:\windows\system32\drivers\sptd.sys 2012-05-09 05:05 . 2012-03-30 10:29 1287024 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-09 05:05 . 2012-04-02 04:40 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-09 05:05 . 2012-04-02 04:41 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-05-09 05:05 . 2012-04-02 04:40 989184 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-05-09 05:05 . 2012-04-02 04:40 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-05-09 05:05 . 2012-04-02 04:46 3902320 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-09 05:04 . 2012-04-02 04:46 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-09 05:04 . 2012-04-02 02:43 2342400 ----a-w- c:\windows\system32\win32k.sys 2012-05-09 05:04 . 2012-03-17 07:20 56688 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-09 05:04 . 2012-03-03 05:40 1074176 ----a-w- c:\windows\system32\DWrite.dll 2012-05-09 05:04 . 2012-03-03 05:40 739840 ----a-w- c:\windows\system32\d2d1.dll 2012-05-09 05:04 . 2012-03-03 05:40 1170944 ----a-w- c:\windows\system32\d3d10warp.dll 2012-05-09 05:04 . 2012-03-03 05:40 218624 ----a-w- c:\windows\system32\d3d10_1core.dll 2012-05-09 05:04 . 2012-03-03 05:40 161792 ----a-w- c:\windows\system32\d3d10_1.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-05 22:04 . 2012-04-21 17:43 16608 ----a-w- c:\windows\gdrv.sys 2012-06-04 20:22 . 2012-04-29 12:17 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-06-04 20:22 . 2012-04-21 18:05 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-04-21 22:23 . 2011-03-28 16:36 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-04-21 19:49 . 2012-04-21 19:49 86528 ----a-w- c:\windows\system32\iesysprep.dll 2012-04-21 19:49 . 2012-04-21 19:49 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-04-21 19:49 . 2012-04-21 19:49 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-04-21 19:49 . 2012-04-21 19:49 63488 ----a-w- c:\windows\system32\tdc.ocx 2012-04-21 19:49 . 2012-04-21 19:49 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-04-21 19:49 . 2012-04-21 19:49 161792 ----a-w- c:\windows\system32\msls31.dll 2012-04-21 19:49 . 2012-04-21 19:49 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2012-04-21 19:49 . 2012-04-21 19:49 74752 ----a-w- c:\windows\system32\iesetup.dll 2012-04-21 19:49 . 2012-04-21 19:49 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-04-21 19:49 . 2012-04-21 19:49 367104 ----a-w- c:\windows\system32\html.iec 2012-04-21 19:49 . 2012-04-21 19:49 35840 ----a-w- c:\windows\system32\imgutil.dll 2012-04-21 19:49 . 2012-04-21 19:49 23552 ----a-w- c:\windows\system32\licmgr10.dll 2012-04-21 19:49 . 2012-04-21 19:49 152064 ----a-w- c:\windows\system32\wextract.exe 2012-04-21 19:49 . 2012-04-21 19:49 150528 ----a-w- c:\windows\system32\iexpress.exe 2012-04-21 19:49 . 2012-04-21 19:49 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-04-21 19:49 . 2012-04-21 19:49 11776 ----a-w- c:\windows\system32\mshta.exe 2012-04-21 19:49 . 2012-04-21 19:49 101888 ----a-w- c:\windows\system32\admparse.dll 2012-04-21 19:48 . 2012-04-21 19:48 801792 ----a-w- c:\windows\system32\FntCache.dll 2012-04-21 19:48 . 2012-04-21 19:48 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL 2012-04-21 19:48 . 2012-04-21 19:48 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll 2012-04-21 19:48 . 2012-04-21 19:48 135168 ----a-w- c:\windows\system32\XpsRasterService.dll 2012-04-21 19:48 . 2012-04-21 19:48 3181568 ----a-w- c:\windows\system32\mf.dll 2012-04-21 19:48 . 2012-04-21 19:48 196608 ----a-w- c:\windows\system32\mfreadwrite.dll 2012-04-21 18:01 . 2012-04-21 18:01 505128 ----a-w- c:\windows\system32\msvcp71.dll 2012-04-21 18:01 . 2012-04-21 18:01 29480 ----a-w- c:\windows\system32\msxml3a.dll 2012-04-21 18:01 . 2012-04-21 17:59 353576 ----a-w- c:\windows\system32\msvcr71.dll 2012-04-21 17:47 . 2012-04-21 17:47 319456 ----a-w- c:\windows\DIFxAPI.dll 2012-03-08 16:37 . 2012-03-08 16:37 302448 ----a-w- c:\windows\WLXPGSS.SCR 2012-04-21 01:19 . 2012-04-24 17:58 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2006-05-03 10:06 163328 --sha-r- c:\windows\System32\flvDX.dll 2007-02-21 11:47 31232 --sha-r- c:\windows\System32\msfDX.dll 2008-03-16 13:30 216064 --sha-r- c:\windows\System32\nbDX.dll 2010-01-06 22:00 107520 --sha-r- c:\windows\System32\TAKDSDecoder.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-04-18 1519272] . [HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}] . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2012-04-18 09:56 1519272 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-04-18 1519272] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="d:\utorrent\uTorrent.exe" [2012-06-05 888720] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-01-13 6711840] "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-01-13 1833504] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336] "BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-03-13 75048] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-07-12 74752] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552] "VMonitorVMUVC"="c:\program files\Vimicro Corporation\VMUVC\VMonitor.exe" [2008-08-29 143360] "ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-04-18 1557160] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-01 348624] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2012-4-21 113664] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2012-05-03 06:36 17355912 ----a-r- c:\program files\Skype\Phone\Skype.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] 2012-06-05 20:21 888720 ----a-w- d:\utorrent\uTorrent.exe . R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-05-14 685816] R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2012-04-21 116648] R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-04-05 158856] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-04 257696] R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2012-04-21 116648] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-04-16 36000] S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2012/04/21 20:02];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 10:58 87536] S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2012-05-01 86224] S2 AntiVirWebService;Avira Web Protection;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-01 465360] S2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\ESSVR.EXE [2008-12-24 68136] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-04-09 3063968] S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776] S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\Drivers\VMUVC.sys [2008-08-29 256512] S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [2008-07-01 398720] . . Contents of the 'Scheduled Tasks' folder . 2012-06-05 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 20:22] . 2012-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-04-21 20:52] . 2012-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-04-21 20:52] . . ------- Supplementary Scan ------- . uStart Page = hxxp://search.avira.com/?l=dis&o=APN10401&gct=hp&dc=EU&locale=en_RS IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll TCP: DhcpNameServer = 89.216.1.40 89.216.1.50 FF - ProfilePath - c:\users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\tq1etcya.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.rts.rs/ FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-3&o=APN10401&locale=en_RS&apn_uid=b2c9abe9-2dbf-48a7-a321-adfe18da98d4&apn_ptnrs=%5EABZ&apn_sauid=D0D415B5-C9D9-47F7-B2FF-C3C851FCA090&apn_dtid=%5EYYYYYY%5EYY%5ERS&&q= . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.032" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.abr" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ani" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.apd" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.arw" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.bay" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.bmp" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.bw" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.cr2" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.crw" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.cs1" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.cur" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.dcr" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.dcx" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.dib" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.djv" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.djvu" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.dng" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.emf" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.eps" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.erf" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.fff" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.fpx" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.gif" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.hdr" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.icl" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.icn" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice] @Denied: (2) (S-1-5-21-2103478201-806380249-2024604306-1000) @Denied: (2) (LocalSystem) "Progid"="Winamp.File.iff" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ilbm" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.int" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.inta" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.iw4" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.j2c" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.j2k" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jbr" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jfif" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jif" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jp2" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpc" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpe" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpeg" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice] @Denied: (2) (S-1-5-21-2103478201-806380249-2024604306-1000) @Denied: (2) (LocalSystem) "Progid"="Applications\\OIS.EXE" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpk" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpx" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.kdc" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.lbm" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.mef" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.mos" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.mrw" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.nef" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.nrw" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.orf" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pbm" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pbr" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pcd" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pct" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pcx" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pef" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pgm" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pic" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pict" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pix" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.png" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ppm" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.psd" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.psp" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pspbrush" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pspimage" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.raf" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ras" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice] @Denied: (2) (S-1-5-21-2103478201-806380249-2024604306-1000) @Denied: (2) (LocalSystem) "Progid"="Winamp.File.raw" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rgb" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rgba" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rle" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rsb" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rw2" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rwl" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.sgi" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.sr2" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.srf" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.tga" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.thm" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.tif" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.tiff" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ttc" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ttf" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30po\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.v30po" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30pp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.v30pp" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30ppf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.v30ppf" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.wbm" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.wbmp" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.wmf" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xbm" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xif" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xmp" . [HKEY_USERS\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xpm" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\taskhost.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\windows\system32\conhost.exe c:\windows\system32\conhost.exe . ************************************************************************** . Completion time: 2012-06-06 00:14:08 - machine was rebooted ComboFix-quarantined-files.txt 2012-06-05 22:14 ComboFix2.txt 2012-06-05 21:02 . Pre-Run: 3,423,444,992 bytes free Post-Run: 3,617,767,424 bytes free . - - End Of File - - DA215F7422BA6664C81877BCFFFE4BE8 Dopuna: 06 Jun 2012 0:20 Uplodovano

Profil

Sass Drake Poslao: 06 Jun 2012 00:36 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	1Ovo se svidja korisniku: mcrule Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sljedeći tekst: `DeQuarantine:: C:\Qoobox\Quarantine\c\windows\system32\avisynth.dll.vir C:\Qoobox\Quarantine\c\windows\system32\devil.dll.vir Quit::` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sljedećoj poruci log koji bude bio napravljen na kraju čišćenja/skeniranja.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » TR/ATRAPS.Gen2 virus

Ko je trenutno na forumu

Ukupno su 1142 korisnika na forumu :: 45 registrovanih, 7 sakrivenih i 1090 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: ajo baba, anta, cavatina, CikaKURE, Dimitrise93, Djokislav, DonRumataEstorski, Duh sa sekirom, dushan, FOX, Griffon vulture, HogarStrashni, ikan, Krvava Devetka, kubura91, kybonacci, laurusri, Marko Marković, mercedesamg, Mercury, Milenaaa, Milos ZA, MiroslavD, Mixelotti, Mlav, Motocar, nemkea71, nenad81, ObelixSRB, opt1, repac, Shinobi, Srle993, stalja, stegonosa, suton, Trpe Grozni, Tvrtko I, Vlad000, vladaa012, vladetije, Vladko, wizzardone, wolverined4, 125

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by