this is the combofix.txt from when i had run it afew days agow, so I need to run it again and send you the newest results?
------------
ComboFix 11-05-23.02 - ash 05/24/2011 4:25.1.4 - x64
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1253.30.1033.18.8190.2880 [GMT 3:00]
Running from: c:\users\ash\Desktop\ComboFix.exe
AV: ZoneAlarm Extreme Security Antivirus *Disabled/Updated* {E9467272-859A-F159-FA9E-55E7E32D7A25}
FW: ZoneAlarm Extreme Security Firewall *Disabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Extreme Security Anti-Spyware *Disabled/Updated* {52279396-A3A0-FED7-C02E-6E9598AA3098}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\ErrLog.txt
c:\program files (x86)\INSTALL.LOG
c:\program files (x86)\UNWISE.EXE
c:\users\ash\AppData\Local\Asus.xrm-ms
c:\windows\ST6UNST.000
c:\windows\SysWow64\firefox.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_.norton2009Reset
.
.
((((((((((((((((((((((((( Files Created from 2011-04-24 to 2011-05-24 )))))))))))))))))))))))))))))))
.
.
2011-05-24 01:36 . 2011-05-24 01:36 -------- d-----w- c:\users\Thanos\AppData\Local\temp
2011-05-24 01:36 . 2011-05-24 01:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-24 01:36 . 2011-05-24 01:36 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-05-22 15:39 . 2011-05-22 15:39 -------- d-----w- c:\users\ash\AppData\Roaming\#ISW.FS#
2011-05-21 06:13 . 2011-05-18 09:37 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E5C3FEF2-8078-4E78-ADB2-D0B2AD84A6B4}\mpengine.dll
2011-05-20 19:24 . 2011-05-20 19:24 -------- d-----w- c:\users\Thanos\AppData\Local\WLDM
2011-05-20 19:24 . 2011-05-20 19:24 -------- d-----w- c:\users\ash\AppData\Local\{1EA39A51-FDC8-41C3-82EC-AB658B6CF6F2}
2011-05-20 19:23 . 2011-05-20 19:23 -------- d-----w- c:\users\Thanos\AppData\Local\Mozilla
2011-05-20 19:23 . 2011-05-20 19:23 -------- d-----w- c:\users\Thanos\AppData\Roaming\CheckPoint
2011-05-20 19:23 . 2011-05-20 19:23 -------- d-----w- c:\users\Thanos\AppData\Roaming\MailFrontier
2011-05-20 19:23 . 2011-05-20 19:23 -------- d-----w- c:\users\Thanos\AppData\Local\Adobe
2011-05-20 19:23 . 2011-05-20 19:23 -------- d-----w- c:\users\Thanos\AppData\Roaming\Nero
2011-05-19 22:36 . 2011-05-19 22:36 -------- d-----w- c:\programdata\Kaspersky SDK
2011-05-19 22:31 . 2011-05-21 21:31 -------- d-----w- c:\users\ash\AppData\Roaming\MailFrontier
2011-05-19 21:13 . 2010-08-28 23:53 72704 ----a-w- c:\windows\zllsputility.exe
2011-05-19 21:12 . 2009-10-12 15:15 157712 ----a-w- c:\windows\system32\drivers\kl1.sys
2011-05-19 21:08 . 2010-08-28 23:53 69120 ----a-w- c:\windows\SysWow64\zlcomm.dll
2011-05-19 21:08 . 2010-08-28 23:53 103936 ----a-w- c:\windows\SysWow64\zlcommdb.dll
2011-05-19 21:06 . 2010-08-28 23:53 1238528 ----a-w- c:\windows\SysWow64\zpeng25.dll
2011-05-19 21:06 . 2011-05-19 21:06 -------- d-----w- c:\windows\system32\ZoneLabs
2011-05-19 21:06 . 2010-06-09 16:16 450648 ----a-w- c:\windows\SysWow64\drivers\vsdatant.sys
2011-05-19 05:45 . 2011-05-19 05:49 -------- d-----w- C:\xampp
2011-05-19 04:43 . 2011-05-19 04:43 -------- d-----w- c:\program files (x86)\ZoneAlarm_Security
2011-05-19 04:43 . 2011-05-19 04:43 -------- d-----w- c:\program files\CheckPoint
2011-05-19 04:41 . 2011-05-19 04:41 -------- d-----w- c:\program files (x86)\Zone Labs
2011-05-19 04:41 . 2010-06-09 16:16 450648 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2011-05-19 04:41 . 2011-05-19 04:41 -------- d-----w- c:\programdata\CheckPoint
2011-05-19 04:20 . 2011-05-19 04:20 -------- d-----w- c:\users\ash\AppData\Local\conduitEngine
2011-05-16 13:11 . 2011-05-16 13:12 -------- d-----w- c:\users\UpdatusUser
2011-05-11 08:35 . 2011-04-07 12:02 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-05-11 08:35 . 2011-04-07 12:01 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
2011-04-27 21:13 . 2011-03-12 22:52 1653760 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-27 21:13 . 2011-03-12 21:55 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-04-27 21:13 . 2011-03-03 15:59 32256 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-04-27 21:13 . 2011-03-03 15:40 28672 ----a-w- c:\windows\SysWow64\Apphlpdm.dll
2011-04-27 21:13 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\SysWow64\GameUXLegacyGDFs.dll
2011-04-27 21:13 . 2011-03-03 14:00 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-21 05:13 . 2009-11-12 09:17 8892928 ----a-w- c:\programdata\atscie.msi
2011-05-18 14:50 . 2009-02-24 07:56 164880 ---ha-w- c:\users\ash\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
2011-04-13 11:38 . 2010-06-24 08:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-08 05:14 . 2010-10-19 13:02 6299752 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-04-08 05:14 . 2010-10-19 13:02 2034280 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-04-08 05:14 . 2010-01-03 03:43 10071656 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-04-08 05:14 . 2008-09-17 21:55 12934248 ----a-w- c:\windows\system32\nvd3dumx.dll
2011-04-08 05:14 . 2008-06-26 04:24 2273896 ----a-w- c:\windows\system32\nvapi64.dll
2011-04-07 20:19 . 2011-04-07 20:19 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-04-07 20:19 . 2011-04-07 20:19 797288 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-04-07 20:19 . 2011-04-07 20:19 1012328 ----a-w- c:\windows\system32\nvvsvc.exe
2011-04-07 20:19 . 2011-04-07 20:19 6338152 ----a-w- c:\windows\system32\nvcpl.dll
2011-04-07 20:19 . 2011-04-07 20:19 3041384 ----a-w- c:\windows\system32\nvsvc64.dll
2011-03-16 06:57 . 2011-03-16 06:57 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-03-16 06:57 . 2011-03-16 06:57 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-03-16 06:57 . 2011-03-16 06:57 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-03-16 06:57 . 2011-03-16 06:57 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-03-16 06:57 . 2011-03-16 06:57 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-03-16 06:57 . 2011-03-16 06:57 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-03-16 06:57 . 2011-03-16 06:57 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-03-16 06:57 . 2011-03-16 06:57 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-03-16 06:57 . 2011-03-16 06:57 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-03-16 06:57 . 2011-03-16 06:57 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-03-16 06:57 . 2011-03-16 06:57 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-03-16 06:57 . 2011-03-16 06:57 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-03-16 06:57 . 2011-03-16 06:57 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-03-16 06:57 . 2011-03-16 06:57 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-03-16 06:57 . 2011-03-16 06:57 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-03-16 06:57 . 2011-03-16 06:57 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-03-16 06:57 . 2011-03-16 06:57 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-03-16 06:57 . 2011-03-16 06:57 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-03-16 06:57 . 2011-03-16 06:57 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-03-16 06:57 . 2011-03-16 06:57 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-03-16 06:57 . 2011-03-16 06:57 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-03-16 06:57 . 2011-03-16 06:57 222208 ----a-w- c:\windows\system32\msls31.dll
2011-03-16 06:57 . 2011-03-16 06:57 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-03-16 06:57 . 2011-03-16 06:57 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-03-16 06:57 . 2011-03-16 06:57 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-03-16 06:57 . 2011-03-16 06:57 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-03-16 06:57 . 2011-03-16 06:57 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-03-16 06:57 . 2011-03-16 06:57 12288 ----a-w- c:\windows\system32\mshta.exe
2011-03-16 06:57 . 2011-03-16 06:57 114176 ----a-w- c:\windows\system32\admparse.dll
2011-03-16 06:57 . 2011-03-16 06:57 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-03-16 06:57 . 2011-03-16 06:57 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-03-16 06:57 . 2011-03-16 06:57 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-03-16 06:57 . 2011-03-16 06:57 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-03-16 06:57 . 2011-03-16 06:57 448512 ----a-w- c:\windows\system32\html.iec
2011-03-16 06:57 . 2011-03-16 06:57 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-03-16 06:57 . 2011-03-16 06:57 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-03-16 06:57 . 2011-03-16 06:57 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-03-16 06:57 . 2011-03-16 06:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-03-16 06:57 . 2011-03-16 06:57 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-03-16 06:57 . 2011-03-16 06:57 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-03-16 06:57 . 2011-03-16 06:57 160256 ----a-w- c:\windows\system32\wextract.exe
2011-03-16 06:57 . 2011-03-16 06:57 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-03-10 17:18 . 2011-04-15 15:14 1360384 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-10 17:18 . 2011-04-15 15:14 1398784 ----a-w- c:\windows\system32\mfc42.dll
2011-03-10 17:03 . 2011-04-15 15:14 1162240 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-10 17:03 . 2011-04-15 15:14 1136640 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-03 16:02 . 2011-04-15 15:14 975872 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 15:59 . 2011-04-27 21:13 100352 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2011-03-03 15:59 . 2011-04-27 21:13 331776 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 15:59 . 2011-04-27 21:13 284672 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2011-03-03 15:42 . 2011-04-15 15:14 739328 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-03 15:40 . 2011-04-27 21:13 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40 . 2011-04-27 21:13 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40 . 2011-04-27 21:13 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40 . 2011-04-27 21:13 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-03-03 13:46 . 2011-04-15 15:14 2762240 ----a-w- c:\windows\system32\win32k.sys
2011-03-02 16:12 . 2011-04-15 15:14 117760 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-02-24 16:38 . 2011-04-15 15:15 991104 ----a-w- c:\windows\system32\winresume.efi
2011-02-24 16:38 . 2011-04-15 15:15 979840 ----a-w- c:\windows\system32\winresume.exe
2011-02-24 16:37 . 2011-04-15 15:15 1076608 ----a-w- c:\windows\system32\winload.efi
2011-02-24 16:37 . 2011-04-15 15:15 1063296 ----a-w- c:\windows\system32\winload.exe
2011-02-24 16:37 . 2011-04-15 15:15 20864 ----a-w- c:\windows\system32\kdusb.dll
2011-02-24 16:37 . 2011-04-15 15:15 18816 ----a-w- c:\windows\system32\kd1394.dll
2011-02-24 16:37 . 2011-04-15 15:15 17792 ----a-w- c:\windows\system32\kdcom.dll
2010-06-13 16:10 . 2010-09-13 13:16 2734688 ----a-w- c:\program files (x86)\tbZyng.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{7b13ec3e-999a-4b70-b9cb-2617b8323822}"= "c:\program files (x86)\Zynga\prxtbZyn0.dll" [2011-03-28 176936]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn2\YTNavAssist.dll" [2011-01-21 213816]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files (x86)\ZoneAlarm_Security\prxtbZone.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26 3908192 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
2011-03-28 16:22 176936 ----a-w- c:\program files (x86)\Zynga\prxtbZyn0.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-10-18 10:26 3908192 ----a-w- c:\program files (x86)\BitTorrentBar\tbBitT.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
2011-03-28 16:22 176936 ----a-w- c:\program files (x86)\ZoneAlarm_Security\prxtbZone.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{7b13ec3e-999a-4b70-b9cb-2617b8323822}"= "c:\program files (x86)\Zynga\prxtbZyn0.dll" [2011-03-28 176936]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files (x86)\ZoneAlarm_Security\prxtbZone.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"BitTorrent DNA"="c:\users\ash\Program Files (x86)\DNA\btdna.exe" [2009-11-12 323392]
"WindowsLivePhone"="c:\program files (x86)\Windows Live\Device Manager\msgrdvmn.exe" [2008-12-22 787816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Opware15"="c:\program files (x86)\ScanSoft\OmniPage15.0\Opware15.exe" [2006-02-03 69632]
"PDF3 Registry Controller"="c:\program files (x86)\ScanSoft\OmniPage15.0\PDFConverter3\\RegistryController.exe" [2005-08-25 106496]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Microsoft Pinyin IME Migration"="c:\progra~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE" [2008-11-04 33128]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2009-07-27 180224]
"Acrobat Assistant 8.0"="j:\programs\Adobe_Acrobat_10\Acrobat\Acrotray.exe" [2010-10-25 821144]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"IME JPN 2007 Migration"="c:\progra~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE" [2009-02-14 63856]
"WindowsLivePhone"="c:\program files (x86)\Windows Live\Device Manager\msgrdvmn.exe" [2008-12-22 787816]
"Adobe Acrobat Speed Launcher"="j:\programs\Adobe_Acrobat_10\Acrobat\Acrobat_sl.exe" [2010-10-25 36760]
"Korean IME Migration"="c:\progra~2\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE" [2006-10-26 26400]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-10-25 932288]
"RemoteControl10"="j:\programs\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-03-13 75048]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"ZoneAlarm Client"="c:\program files (x86)\Zone Labs\ZoneAlarm\zlclient.exe" [2010-08-28 1039360]
.
c:\users\ash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EmEditor.lnk - c:\program files (x86)\EmEditor\emedtray.exe [2008-5-21 91280]
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2009-2-25 576000]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Register Mask Pro 3.0.lnk - [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux7"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-15 135664]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 BrlAPI;BrlAPI;c:\cygwin\bin\cygrunsrv.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-07-26 1038088]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-15 135664]
R3 Prot6Flt;Prot6Flt;c:\windows\system32\DRIVERS\Prot6Flt.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 vsdatant7;vsdatant7;c:\windows\system32\drivers\vsdatant.win7.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 SI3112r;SiI-3112 SATARaid Controller;c:\windows\system32\DRIVERS\SI3112r.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/12/20 22:09];j:\programs\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 09:58 146928]
S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2010-10-18 20549]
S2 atashost;WebEx Service Host for Support Center;c:\windows\SysWOW64\atashost.exe [2009-03-06 20376]
S2 iprip;RIP Listener;c:\windows\System32\svchost.exe [2008-01-21 27648]
S2 ISWKL;ZoneAlarm ForceField ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2010-08-27 33008]
S2 IswSvc;ZoneAlarm ForceField IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2010-08-27 823272]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472]
S3 icsak;icsak;c:\program files\CheckPoint\ZAForceField\AK\icsak.sys [2010-08-27 44784]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64k.sys [x]
S3 PsxDrv;PsxDrv;c:\windows\system32\drivers\psxdrv.sys [x]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk60x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-15 07:11]
.
2011-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-15 07:11]
.
2011-05-24 c:\windows\Tasks\User_Feed_Synchronization-{217C160A-A253-44EF-BCDF-5CC166F24E45}.job
- c:\windows\system32\msfeedssync.exe [2011-03-16 06:57]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF23051.cfxxe" [X]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 2114376]
"Microsoft Pinyin IME Migration"="c:\progra~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE" [2008-10-24 60264]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2007-08-31 1553832]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-08-31 1659816]
"IME JPN 2007 Migration"="c:\progra~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE" [2009-02-12 119664]
"Korean IME Migration"="c:\progra~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE" [2006-10-26 43808]
"LifeChat"="c:\program files\Microsoft LifeChat\LifeChat.exe" [2008-08-21 380448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert link target to existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Open with Scansoft PDF Converter 3.0 - c:\program files (x86)\ScanSoft\OmniPage15.0\PDFConverter3\IEShellExt.dll /100
FF - ProfilePath - c:\users\ash\AppData\Roaming\Mozilla\Firefox\Profiles\9telk2op.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2645238&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ZoneAlarm Security Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2645238&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2645238&SearchSource=2&q=
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe
Wow6432Node-HKLM-Run-OpScheduler - c:\program files (x86)\ScanSoft\OmniPage15.0\OpScheduler.exe
Wow6432Node-HKLM-Run-SunJavaUpdateSched - c:\program files (x86)\Java\jre6\bin\jusched.exe
Wow6432Node-HKLM-Run-NBKeyScan - c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{7B13EC3E-999A-4B70-B9CB-2617B8323822} - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{91DA5E8A-3318-4F8C-B67E-5964DE3AB546} - (no file)
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
AddRemove-YInstHelper - c:\windows\system32\regsvr32
AddRemove-{1cc5cdf4-97ef-43db-9d12-c4333932bdb7} - c:\program files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe
AddRemove-{2847cb6b-8b5b-4d1d-b809-bfb17c953605} - c:\program files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files (x86)\DivX\DivXCodecUninstall.exe
AddRemove-{8ADFC4160D694100B5B8A22DE9DCABD9} - c:\program files (x86)\DivX\DivXPlayerUninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\j:\programs\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.032"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.abr"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ani"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.arw"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bay"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bmp"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bw"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cr2"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.crw"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cs1"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cur"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dcr"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dcx"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dib"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.djv"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.djvu"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dng"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.emf"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.eps"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.erf"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.fff"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.fpx"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.gif"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.hdr"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.icl"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.icn"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.iff"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ilbm"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.int"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.inta"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.iw4"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.j2c"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.j2k"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jbr"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jfif"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jif"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jp2"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpc"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpe"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpeg"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpg"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpk"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpx"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.kdc"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.lbm"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.mef"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.mos"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.mrw"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.nef"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.orf"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pbm"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pbr"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pcd"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pct"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pcx"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pef"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pgm"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pic"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pict"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pix"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.png"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ppm"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.psp"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pspbrush"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pspimage"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.raf"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ras"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.raw"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rgb"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rgba"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rle"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rsb"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.sgi"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.sr2"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.srf"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.tga"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.thm"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.tif"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-372249081-3020970452-1992056640-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.tiff"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ttc"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ttf"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11o"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11p"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11pf"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.wbm"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.wbmp"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.wmf"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xbm"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xif"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xmp"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xpm"
.
[HKEY_USERS\S-1-5-21-372249081-3020970452-1992056640-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CF0BB237-E425-2C8D-FE37-1642F0F1C204}*]
"jafghoaeoklmcojcdpoc"=hex:6f,61,69,61,62,6a,70,65,61,62,68,67,70,6d,70,6b,6c,
6a,67,65,67,70,61,6a,62,63,6a,68,6e,70,00,04
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OOPM02.00.00.01PRO"="E03A2AF0890C169A5ECC1D38DD6EC3C5384F008AD794D1D70E5438C88D9E4DEDC96F46E0FC36AF2954EA04FBFDD78FA734A0B94772281B0EE3D286C052D8E5A787998F1F05A20109ECE589BE88C86FD0D60B89A8E9AF5AEC2560AA230E84257C41708353CA754231DEB4E971CBF3E6D10CE4860B540F813E14D73A533AD68A8FACEDD3094BD4203EF79292E76C93EF60D74C7AA89830F56F87FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3DA9C6AECB7A5D1407A6171C11EC38DE3D569A8B3D8AF807ED6328B179F0EEA8861357F2B9DE6AEE57362401F1627D799190C52FB8F092AA29E70179437E2674799D4B16A6235EB034E6429576D0D98B20FEED97AB1EE4002C00D60D599576E14D3CE888BC24F57533AD29258D885D9D4373B9732EDEA394EE63AE819C36FB364E2431E8BF325DDC1661F6F401CA61C7D2050451B089F318FE08BF50BFE44A5DDFCE583ACA26332AB41DFCB26E5F3245BB0FD9A7F5736C60FEA97457CA296562F6784762C7D58A43FA3EC06B47100F777DB1004C14F81C65A34A6CD71B91C878A0231AABF822EA34E7E7FB94D12C2DDFAC4EEBFD757A0445B5ADFCF65DAE63F6F79421C57369CE2A8DFD9B05A607B328718D475CD9DB9740125A2C3F989395D43254E0411F1525F9162D41F6B4753E9C89D8726AD303C13A2B9DB59CA25AB5B212AF9215B80C511AB9E1438BBDD25E2BC161FD924A5D5EBD86090A60A79F8D50F4B9221DD2BCAA2549CE2A45D67F966A0298B1A0F7593F77BA6E4BC127035B95C8453015CF197B59A7E9348BE9DA5F10413707C46B6BA8B77866D1D7F529520A8D6D1222E996839ACBEED1A936CEA5F70BB72E93078AD37300CD2922BABB185EDB0DCE48ACAE75EEC2592A4F4B44482480D8880502B26DC32544110072E7C4E25E4824747ADFF702A96D951010A99BB6D59E2DF667E4976552AEFB396B5C688D50028273072A26A2B430A2E3BE72E6F7D2CE662795226639053592F5C94F047887E38D765C1510432B6C11A4649568D3D3F532BB3F74E345CD43AF4306F78E6168DA9E9655A9B7FA67B05812628C4ED94AE143BC6CE50C3052896391EB94712A6C9942CC23741506DA4EA1D06FD5BDBE39270118F5075048CCFAF0B81BE48AD8A393B7F74C8711C0865BC8669476CDD9399C059B8BEA157F8851CEF086ADAB17AF8276D927FA0D30033261C0B0728A2776DC1E7DB0A9B4686809AAD8F7B81C34C66323196364DBF9FAEFB0ACF456F3C731464FD53BDEFA3EE060E26F88D09420B2779D407FE442E9AEF9AE5FE6AFFEFCBEFE4E9F552AA95BFADB8B1BA9C743F0D1C474BDD09B7D6DEF730A6F609013B0856A063DFE2EF443D5C4EAA51F714BE298136CE47F30BC99"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SysWOW64\astsrv.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\xampp\mysql\bin\mysqld.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\Internet Explorer\IELowutil.exe
.
**************************************************************************
.
Completion time: 2011-05-24 04:58:43 - machine was rebooted
ComboFix-quarantined-files.txt 2011-05-24 01:58
.
Pre-Run: 7,900,454,912 bytes free
Post-Run: 6,075,863,040 bytes free
.
- - End Of File - - CCD3E5A53A7D887EE14F10D41B3B2206