Fixed Attach Log
Edited the Attach log post w/ the correct text log, sorry for pasting the wrong log.
I will edit this post with the ComboFix Log as soon as it is done.
//////////////////
ComboFix2 log part 1
//////////////////
ComboFix 11-06-24.02 - Administrator 06/25/2011 0:46.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4095.2382 [GMT -4:00]
Running from: c:\users\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\users\Administrator\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Fbotaa.exe"
"c:\windows\SysWow64\onexuit.dll"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Fbotaa.exe
c:\windows\SysWow64\onexuit.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-05-25 to 2011-06-25 )))))))))))))))))))))))))))))))
.
.
2011-06-25 04:49 . 2011-06-25 04:49 -------- d-----w- c:\users\Nel\AppData\Local\temp
2011-06-25 04:49 . 2011-06-25 04:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-25 04:49 . 2011-06-25 04:49 -------- d-----w- c:\users\AznAvatar\AppData\Local\temp
2011-06-25 04:39 . 2011-06-25 04:39 -------- d-----w- c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-06-25 01:09 . 2011-06-25 01:06 4770816 ----a-w- C:\unetbtin.exe
2011-06-25 00:56 . 2011-06-25 00:56 -------- d-----w- c:\program files (x86)\PowerISO
2011-06-25 00:56 . 2011-06-15 08:30 93240 ----a-w- c:\windows\system32\drivers\scdemu.sys
2011-06-24 22:13 . 2011-06-25 04:39 -------- dc-h--w- c:\programdata\~0
2011-06-24 22:13 . 2011-06-24 22:13 -------- d-----w- c:\users\Administrator\AppData\Local\PackageAware
2011-06-24 19:37 . 2011-06-24 19:37 -------- d-----w- c:\users\Administrator\AppData\Roaming\Malwarebytes
2011-06-24 19:37 . 2011-06-24 19:37 -------- d-----w- c:\programdata\Malwarebytes
2011-06-24 19:37 . 2011-05-29 13:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-24 19:37 . 2011-06-24 19:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-06-24 19:37 . 2011-05-29 13:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-24 19:21 . 2011-06-24 19:21 388096 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-06-24 19:21 . 2011-06-24 19:21 -------- d-----w- c:\program files (x86)\Trend Micro
2011-06-24 18:51 . 2011-06-24 18:51 -------- d-----w- c:\program files (x86)\Magical Jelly Bean
2011-06-24 06:20 . 2011-06-25 02:51 -------- d-----w- c:\users\Administrator\AppData\Local\ElevatedDiagnostics
2011-06-24 05:02 . 2011-06-24 05:02 -------- d-----w- c:\program files (x86)\ESET
2011-06-24 02:05 . 2011-06-25 03:14 -------- d-----w- c:\users\Administrator\AppData\Local\CrashDumps
2011-06-24 02:04 . 2011-06-24 02:04 -------- d-----w- c:\users\Administrator\AppData\Local\Google
2011-06-24 00:08 . 2011-06-24 05:32 -------- d-----w- c:\programdata\PC Tools
2011-06-23 20:16 . 2011-06-23 20:16 -------- d-----w- c:\users\Administrator\AppData\Local\AMD
2011-06-23 20:15 . 2011-06-23 20:15 -------- d-----w- c:\users\Administrator\AppData\Local\ATI
2011-06-23 19:44 . 2011-06-23 19:44 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-23 19:29 . 2011-06-23 19:29 -------- d-----w- c:\programdata\AIM
2011-06-23 19:29 . 2011-06-23 19:29 -------- d-----w- c:\program files (x86)\AIM
2011-06-23 19:29 . 2011-06-23 19:29 -------- d-----w- c:\program files (x86)\Common Files\Software Update Utility
2011-06-23 19:08 . 2011-06-24 05:01 -------- d-----w- c:\users\Administrator\AppData\Local\NPE
2011-06-23 19:08 . 2011-06-23 19:08 -------- d-----w- c:\programdata\Norton
2011-06-23 18:54 . 2011-06-23 18:54 -------- d-----w- c:\users\Administrator\AppData\Local\Adobe
2011-06-23 18:41 . 2011-06-25 03:23 -------- d-----r- c:\users\Public
2011-06-23 18:40 . 2011-06-23 18:40 -------- d-----w- c:\users\Administrator\AppData\Local\Symantec
2011-06-23 18:40 . 2011-06-23 19:29 -------- d-----w- c:\users\Administrator\AppData\Local\AIM
2011-06-23 18:39 . 2011-06-25 04:48 -------- d-----w- c:\users\Administrator\AppData\Local\Temp
2011-06-23 18:21 . 2011-06-23 18:21 -------- d-----w- c:\users\Administrator\AppData\Local\AOL
2011-06-23 18:20 . 2011-06-23 18:20 -------- d-----w- c:\users\Administrator\AppData\Local\Mozilla
2011-06-23 18:20 . 2011-06-23 18:20 -------- d-----w- c:\users\Administrator\AppData\Local\Apps
2011-06-21 23:44 . 2011-06-07 17:10 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A731392F-13A2-4EAD-A657-C7B0DD6912C3}\mpengine.dll
2011-06-16 04:09 . 2011-04-27 02:57 102400 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-16 04:09 . 2011-04-25 05:32 1896832 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-16 04:09 . 2011-04-25 02:44 499712 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-16 04:09 . 2011-04-29 05:47 1110528 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2011-06-16 04:09 . 2011-04-29 05:08 759296 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2011-06-16 04:09 . 2011-05-04 02:51 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-16 04:09 . 2011-05-04 02:51 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-16 04:09 . 2011-05-04 02:51 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-16 04:09 . 2011-05-28 03:07 3133952 ----a-w- c:\windows\system32\win32k.sys
2011-06-16 04:07 . 2011-04-29 03:13 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-16 04:07 . 2011-04-29 03:12 399872 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-16 04:07 . 2011-04-29 03:12 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-16 04:07 . 2010-12-18 06:13 861184 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-16 04:07 . 2010-12-18 05:31 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-06-16 04:07 . 2011-05-03 05:21 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-16 04:07 . 2011-05-03 04:50 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-06-13 00:01 . 2011-06-22 04:04 -------- d-----w- c:\users\Administrator\AppData\Roaming\skypePM
2011-06-13 00:01 . 2011-06-20 06:50 -------- d-----w- c:\programdata\Skype Extras
2011-06-12 23:57 . 2011-06-22 06:01 -------- d-----w- c:\users\Administrator\AppData\Roaming\Skype
2011-06-12 23:56 . 2011-06-12 23:56 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-06-12 23:56 . 2011-06-23 18:52 -------- d-----r- c:\program files (x86)\Skype
2011-06-12 23:56 . 2011-06-12 23:56 -------- d-----w- c:\programdata\Skype
2011-06-10 20:42 . 2011-06-10 20:42 -------- d-----w- c:\users\Administrator\AppData\Roaming\Notepad++
2011-06-10 20:42 . 2011-06-10 20:42 -------- d-----w- c:\program files (x86)\Notepad++
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-24 23:14 . 2009-10-02 21:00 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-04-22 20:18 . 2011-05-25 14:34 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-20 06:44 . 2011-04-20 06:44 9319936 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-04-20 06:30 . 2011-04-20 06:30 22900736 ----a-w- c:\windows\system32\atio6axx.dll
2011-04-20 06:09 . 2011-04-20 06:09 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-04-20 06:09 . 2011-01-05 03:02 676864 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-04-20 06:07 . 2011-01-05 03:01 795648 ----a-w- c:\windows\system32\aticfx64.dll
2011-04-20 06:07 . 2011-04-20 06:07 17693184 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-04-20 06:05 . 2011-01-05 02:58 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-04-20 06:04 . 2011-01-05 02:58 480256 ----a-w- c:\windows\system32\atieclxx.exe
2011-04-20 06:04 . 2011-01-05 02:57 203776 ----a-w- c:\windows\system32\atiesrxx.exe
2011-04-20 06:03 . 2011-04-20 06:03 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-04-20 06:02 . 2011-01-05 02:56 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-04-20 06:02 . 2011-04-20 06:02 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-04-20 06:02 . 2011-04-20 06:02 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-04-20 06:02 . 2011-04-20 06:02 16384 ----a-w- c:\windows\system32\atimuixx.dll
2011-04-20 06:02 . 2011-04-20 06:02 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-04-20 06:02 . 2011-04-20 06:02 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-04-20 05:59 . 2011-04-20 05:59 4161536 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-04-20 05:49 . 2011-01-05 02:43 4951552 ----a-w- c:\windows\system32\atidxx64.dll
2011-04-20 05:46 . 2011-04-20 05:46 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-04-20 05:46 . 2011-04-20 05:46 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-04-20 05:46 . 2011-04-20 05:46 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-04-20 05:46 . 2011-04-20 05:46 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-04-20 05:45 . 2011-04-20 05:45 7768064 ----a-w- c:\windows\system32\aticaldd64.dll
2011-04-20 05:42 . 2011-04-20 05:42 6389760 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-04-20 05:40 . 2011-04-20 05:40 1222656 ----a-w- c:\windows\system32\atiumd6v.dll
2011-04-20 05:40 . 2011-04-20 05:40 1923584 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-04-20 05:40 . 2011-01-05 02:32 3868672 ----a-w- c:\windows\system32\atiumd6a.dll
2011-04-20 05:38 . 2011-01-05 02:33 4286464 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-04-20 05:31 . 2011-01-05 02:27 5440000 ----a-w- c:\windows\system32\atiumd64.dll
2011-04-20 05:30 . 2011-01-05 02:25 4056576 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-04-20 05:27 . 2011-01-05 02:28 58880 ----a-w- c:\windows\system32\coinst.dll
2011-04-20 05:23 . 2011-01-05 02:20 366080 ----a-w- c:\windows\system32\atiadlxx.dll
2011-04-20 05:23 . 2011-04-20 05:23 262144 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-04-20 05:22 . 2011-04-20 05:22 14848 ----a-w- c:\windows\system32\atig6pxx.dll
2011-04-20 05:22 . 2011-04-20 05:22 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-04-20 05:22 . 2011-04-20 05:22 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-04-20 05:22 . 2011-04-20 05:22 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-04-20 05:22 . 2011-04-20 05:22 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-04-20 05:22 . 2011-04-20 05:22 306176 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-04-20 05:21 . 2011-01-05 02:18 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-04-20 05:21 . 2011-01-05 02:18 31232 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-04-20 05:21 . 2011-01-05 02:18 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-04-20 05:21 . 2011-01-05 02:18 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-04-20 05:20 . 2011-04-20 05:20 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-04-20 05:13 . 2011-04-20 05:13 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-04-20 05:13 . 2011-04-20 05:13 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-04-20 05:13 . 2011-04-20 05:13 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-04-20 05:13 . 2011-04-20 05:13 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-04-12 23:23 . 2011-04-12 23:23 258352 ----a-w- c:\windows\SysWow64\unicows.dll
2011-04-09 06:58 . 2011-05-24 15:14 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-04-09 06:45 . 2011-05-11 18:07 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:13 . 2011-05-11 18:07 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-11 18:07 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-24 15:14 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-06-25_03.21.54 )))))))))))))))))))))))))))))))))))))))))
.
- 2010-02-03 09:01 . 2011-06-25 03:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-02-03 09:01 . 2011-06-25 04:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-02-03 09:01 . 2011-06-25 03:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-02-03 09:01 . 2011-06-25 04:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 02:36 . 2011-06-25 04:47 626844 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-06-25 03:15 626844 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-06-25 04:47 107160 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-06-25 03:15 107160 c:\windows\system32\perfc009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Aim"="c:\program files (x86)\AIM\aim.exe" [2011-05-03 4321112]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2010-11-19 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2009-06-24 115560]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-02-17 17798144]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2010-07-12 74752]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-05 336384]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2011-06-15 307200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
R3 BATTLEP;BATTLEP;c:\program files (x86)\BattlePing\BattleP.exe [2009-12-25 1568768]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files (x86)\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 COH_Mon;COH_Mon;c:\windows\system32\Drivers\COH_Mon.sys [x]
R3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.21746.0.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-05 354304]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-08-17 239648]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-09 136824]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3213172611-107097552-3265808761-500Core.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-24 02:04]
.
2011-06-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3213172611-107097552-3265808761-500UA.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-24 02:04]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DLCCCATS"="c:\windows\system32\spool\DRIVERS\x64\3\DLCCtime.dll" [2006-02-24 28672]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.startsearcher.com
mStart Page = hxxp://www.startsearcher.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &D&ownload &with BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\windows\system32\BattleP.dll
TCP: DhcpNameServer = 192.168.11.1
FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\ietlzerp.default\
FF - prefs.js: browser.startup.homepage -
www.yahoo.com
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Xuse ????? - c:\program files\Xuse\?????\Xuse_Inst.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}\bm_installer.exe
AddRemove-????????? - c:\program files (x86)\Guilty\?????????\UNINST.EXE
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,45,bc,d6,4d,72,5c,90,46,9a,c1,f3,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,45,bc,d6,4d,72,5c,90,46,9a,c1,f3,\
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.669\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.669"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.AAC"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.aiff"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.amf"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.ASF"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.PlayList"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.au"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.AVI"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avr\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.avr"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.B4S\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.PlayList"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.caf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.caf"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.CDA"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.far\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.far"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FLAC\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.FLAC"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FLV\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.FLV"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htk\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.htk"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.iff"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.it\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.it"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.itz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.itz"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.KAR\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.KAR"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2T\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.M2V"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.PlayList"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M3U8\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.PlayList"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M4A\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.M4A"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mat\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.mat"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mdz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.mdz"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.MID"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.MIDI"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MIZ\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.MIZ"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.MKV"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.mod"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MOV"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP1\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.MP1"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.MP2"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.MP3"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP4\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.MP4"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.MPEG"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.MPG"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mtm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.mtm"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.NSA\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.NSA"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nst\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.nst"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.NSV\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.NSV"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.OGG\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.OGG"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.okt\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.okt"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.paf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.paf"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PLS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.PlayList"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ptm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.ptm"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pvf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.pvf"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.raw"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rf64\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.rf64"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.RMI"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.s3m\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.s3m"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.s3z\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.s3z"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sd2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.sd2"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sds\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.sds"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.sf"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.stm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.stm"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.stz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.stz"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.SWF"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\NOTEPAD.EXE"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ult\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.ult"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vbs\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\wscript.exe"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.VLB\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.VLB"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.voc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.voc"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.w64\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.w64"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wal\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.SkinZip"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.wav"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAX"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.webm"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wlz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.LangZip"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.WMA"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMD"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMS"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.WMV"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMZ"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.PlayList"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wsz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.SkinZip"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wve\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.wve"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WVX"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.xi"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.xm"
.
[HKEY_USERS\S-1-5-21-3213172611-107097552-3265808761-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.xmz"
.