Code:
Alles auswählen Aufklappen ATTFilter
ComboFix 11-12-04.03 - Sven Bögershausen 04.12.2011 20:07:12.1.4 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.4094.2138 [GMT 1:00]
ausgeführt von:: c:\users\Sven B÷gershausen\Downloads\Cover\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 48 bytes in 1 streams.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\PacketVideo\TwonkyBeam\Internet Explorer\TwONkyieplugin.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\14d02158d1dc4c498d1acd9638684120\Name.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\1760917c94a6dfc5d7404399c61fafee\mysql.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\1e304a77ce086f7a7e031852199502d4\NetResource.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\20252d6e001ae3774b425e81ba09b666\Fcntl.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\2076671ee5d0a5323570c92c74abac6f\Process.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\23ae7fb85999872530b5a5d4d67a4f44\Registry.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\23fe5d76b9491fa255db2281ac7687d5\Service.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\2d2847f7dd2a1fddd0fdb79d9d64ba93\List.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\2f0807b0946b0fe6a4923ffadf1218fc\vxs.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\461090bfc26706cc26ffa02662c1592c\Syck.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\48a4e6ef370984d8d9ce53660d66a7a5\Unicode.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\4e3813a1edb6903dcc223941e51f7e18\Parser.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\52831fecbfbbfee1a05b91977e499808\File.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\52ade7602469b51858072e874c345e37\ReadKey.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\5f6960e0234e0b14396e4c82a1f56c8f\HiRes.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\5ff67c77560df778223e3ec495b98f1e\Hebrew.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\62aa3b09ac39e34fd76505142c94e975\Storable.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\6a834a555edd63cb8706466e7c1666f2\Hostname.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\6c1da131f436ce35edb0690f338bdad8\File.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\6c25de79371a4db1d7e8eff0d11d5337\Base64.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\6eca2cf2961ac400050de852a1cbef9b\Byte.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\7020d50af327e3fc94b98242c307fc81\Cwd.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\76c0175b78e6f49c7544e19221d4457d\IO.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\7dd16cc839f33995d1a58e2773aa29b8\WinError.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\81368e51ca54d10b955b02b2e5382e48\Peek.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\855297e7b4b860331fdbdd53426f5e15\Dumper.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\86351894c58e4804ca004825fea78bbb\Encode.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\880556fb31088a703b58d0705c4f2b53\DBI.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\89c552b9aa641030773cbce7545c6143\XS.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\90198bd2c008178752393a8740fa6369\XS.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\9076f6dacaea506ecfb169822b132706\MD5.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\952d7675581ad6751c38c1bc1610a553\EV.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\a7c0cce4e1ac2c1f6d3e71bbe3c9bdd3\Socket.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\b7b4505cb0a127c242f14d779e410e03\POSIX.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\bb8ac2d2050e30577927a7ac95d99cd9\GD.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\be372c8e01efaf0b11c7b4c15f0b20ea\Scan.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\c06adade199b7f380d57181669fb22c1\Util.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\c3da4aa4c02db51c7f94d5eaf2438023\OLE.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\c8b0e39733c3e73e232a64a5c305ca76\API.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\e1ea0dbaf8a3ac5d1f0be83f219f8571\FastCalc.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\e775fca35641b4340ecf5cdba1fc6f62\Expat.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\ea4a4f99088551dd603ccfbabfaf3932\XSAccessor.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\f48694173221cfa9bad4275e2389b498\Win32.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\fc665959964b1312aee9d476290accdc\SHA1.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\fc8b9fd242032de837413f14e26ce21c\Zlib.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\perl510.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\20252d6e001ae3774b425e81ba09b666\Fcntl.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\2076671ee5d0a5323570c92c74abac6f\Process.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\23ae7fb85999872530b5a5d4d67a4f44\Registry.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\23fe5d76b9491fa255db2281ac7687d5\Service.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\2d2847f7dd2a1fddd0fdb79d9d64ba93\List.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\6a834a555edd63cb8706466e7c1666f2\Hostname.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\7020d50af327e3fc94b98242c307fc81\Cwd.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\7dd16cc839f33995d1a58e2773aa29b8\WinError.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\855297e7b4b860331fdbdd53426f5e15\Dumper.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\86351894c58e4804ca004825fea78bbb\Encode.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\a7c0cce4e1ac2c1f6d3e71bbe3c9bdd3\Socket.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\b7b4505cb0a127c242f14d779e410e03\POSIX.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\c3da4aa4c02db51c7f94d5eaf2438023\OLE.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\f48694173221cfa9bad4275e2389b498\Win32.dll
c:\users\Sven Bögershausen\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\perl510.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\14d02158d1dc4c498d1acd9638684120\Name.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\1760917c94a6dfc5d7404399c61fafee\mysql.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\1e304a77ce086f7a7e031852199502d4\NetResource.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\20252d6e001ae3774b425e81ba09b666\Fcntl.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\2076671ee5d0a5323570c92c74abac6f\Process.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\23ae7fb85999872530b5a5d4d67a4f44\Registry.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\23fe5d76b9491fa255db2281ac7687d5\Service.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\2d2847f7dd2a1fddd0fdb79d9d64ba93\List.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\2f0807b0946b0fe6a4923ffadf1218fc\vxs.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\461090bfc26706cc26ffa02662c1592c\Syck.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\48a4e6ef370984d8d9ce53660d66a7a5\Unicode.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\4e3813a1edb6903dcc223941e51f7e18\Parser.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\52831fecbfbbfee1a05b91977e499808\File.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\52ade7602469b51858072e874c345e37\ReadKey.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\5f6960e0234e0b14396e4c82a1f56c8f\HiRes.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\5ff67c77560df778223e3ec495b98f1e\Hebrew.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\62aa3b09ac39e34fd76505142c94e975\Storable.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\6a834a555edd63cb8706466e7c1666f2\Hostname.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\6c1da131f436ce35edb0690f338bdad8\File.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\6c25de79371a4db1d7e8eff0d11d5337\Base64.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\6eca2cf2961ac400050de852a1cbef9b\Byte.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\7020d50af327e3fc94b98242c307fc81\Cwd.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\76c0175b78e6f49c7544e19221d4457d\IO.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\7dd16cc839f33995d1a58e2773aa29b8\WinError.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\81368e51ca54d10b955b02b2e5382e48\Peek.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\855297e7b4b860331fdbdd53426f5e15\Dumper.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\86351894c58e4804ca004825fea78bbb\Encode.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\880556fb31088a703b58d0705c4f2b53\DBI.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\89c552b9aa641030773cbce7545c6143\XS.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\90198bd2c008178752393a8740fa6369\XS.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\9076f6dacaea506ecfb169822b132706\MD5.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\952d7675581ad6751c38c1bc1610a553\EV.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\a7c0cce4e1ac2c1f6d3e71bbe3c9bdd3\Socket.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\b7b4505cb0a127c242f14d779e410e03\POSIX.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\bb8ac2d2050e30577927a7ac95d99cd9\GD.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\be372c8e01efaf0b11c7b4c15f0b20ea\Scan.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\c06adade199b7f380d57181669fb22c1\Util.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\c3da4aa4c02db51c7f94d5eaf2438023\OLE.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\c8b0e39733c3e73e232a64a5c305ca76\API.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\e1ea0dbaf8a3ac5d1f0be83f219f8571\FastCalc.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\e775fca35641b4340ecf5cdba1fc6f62\Expat.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\ea4a4f99088551dd603ccfbabfaf3932\XSAccessor.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\f48694173221cfa9bad4275e2389b498\Win32.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\fc665959964b1312aee9d476290accdc\SHA1.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\fc8b9fd242032de837413f14e26ce21c\Zlib.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-1828\perl510.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\20252d6e001ae3774b425e81ba09b666\Fcntl.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\2076671ee5d0a5323570c92c74abac6f\Process.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\23ae7fb85999872530b5a5d4d67a4f44\Registry.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\23fe5d76b9491fa255db2281ac7687d5\Service.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\2d2847f7dd2a1fddd0fdb79d9d64ba93\List.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\6a834a555edd63cb8706466e7c1666f2\Hostname.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\7020d50af327e3fc94b98242c307fc81\Cwd.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\7dd16cc839f33995d1a58e2773aa29b8\WinError.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\855297e7b4b860331fdbdd53426f5e15\Dumper.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\86351894c58e4804ca004825fea78bbb\Encode.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\a7c0cce4e1ac2c1f6d3e71bbe3c9bdd3\Socket.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\b7b4505cb0a127c242f14d779e410e03\POSIX.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\c3da4aa4c02db51c7f94d5eaf2438023\OLE.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\f48694173221cfa9bad4275e2389b498\Win32.dll
c:\users\SVENBG~1\AppData\Local\Temp\pdk-Sven_B[f6]gershausen-872\perl510.dll
I:\Autorun.inf
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-11-04 bis 2011-12-04 ))))))))))))))))))))))))))))))
.
.
2011-12-04 19:29 . 2011-12-04 19:35 -------- d-----w- c:\users\Sven Bögershausen\AppData\Local\Temp
2011-12-04 19:28 . 2011-12-04 19:28 -------- d-----w- c:\users\Max\AppData\Local\temp
2011-12-04 19:28 . 2011-12-04 19:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-03 18:20 . 2011-12-03 18:42 -------- d-----w- C:\_OTL
2011-11-30 22:57 . 2011-11-30 22:57 -------- d-----w- c:\users\Sven Bögershausen\AppData\Roaming\Malwarebytes
2011-11-30 22:57 . 2011-11-30 22:57 -------- d-----w- c:\programdata\Malwarebytes
2011-11-30 22:57 . 2011-11-30 22:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-11-30 22:57 . 2011-08-31 16:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-13 16:04 . 2005-02-02 11:05 8704 ----a-w- c:\windows\system32\E_GCINST.DLL
2011-11-13 16:04 . 2006-12-08 01:04 129536 ----a-w- c:\windows\system32\E_ILMBZE.DLL
2011-11-13 16:04 . 2006-04-19 01:00 86528 ----a-w- c:\windows\system32\E_IBCBBZE.DLL
2011-11-13 16:03 . 2011-11-13 16:05 -------- d-----w- c:\programdata\EPSON
2011-11-11 17:42 . 2011-11-11 17:42 -------- d-----w- c:\program files (x86)\DVDFab 8 Qt
2011-11-11 16:08 . 2011-11-11 16:08 -------- d-----w- c:\windows\system32\Macromed
2011-11-11 12:49 . 2011-09-20 21:06 1426304 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-11 12:49 . 2011-10-17 11:41 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-11-11 12:49 . 2011-10-17 11:41 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
2011-11-11 12:49 . 2011-09-30 16:16 893440 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-11 12:49 . 2011-09-30 16:16 50688 ----a-w- c:\program files\Windows Mail\wabimp.dll
2011-11-11 12:49 . 2011-09-30 15:57 707584 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-11 16:08 . 2011-10-26 16:09 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-30 23:25 . 2011-10-13 15:41 1147904 ----a-w- c:\windows\system32\wininet.dll
2011-09-30 23:21 . 2011-10-13 15:41 56832 ----a-w- c:\windows\system32\licmgr10.dll
2011-09-30 23:21 . 2011-10-13 15:41 1538560 ----a-w- c:\windows\system32\inetcpl.cpl
2011-09-30 23:20 . 2011-10-13 15:41 132096 ----a-w- c:\windows\system32\iesysprep.dll
2011-09-30 23:20 . 2011-10-13 15:41 77312 ----a-w- c:\windows\system32\iesetup.dll
2011-09-30 23:06 . 2011-10-13 15:41 916480 ----a-w- c:\windows\SysWow64\wininet.dll
2011-09-30 23:02 . 2011-10-13 15:41 43520 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-09-30 23:01 . 2011-10-13 15:41 1469440 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-09-30 23:01 . 2011-10-13 15:41 71680 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-09-30 23:01 . 2011-10-13 15:41 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-09-30 22:29 . 2011-10-13 15:41 479232 ----a-w- c:\windows\system32\html.iec
2011-09-30 22:07 . 2011-10-13 15:41 385024 ----a-w- c:\windows\SysWow64\html.iec
2011-09-30 21:48 . 2011-10-13 15:41 162816 ----a-w- c:\windows\system32\ieUnatt.exe
2011-09-30 21:47 . 2011-10-13 15:41 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-30 21:29 . 2011-10-13 15:41 133632 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-09-30 21:28 . 2011-10-13 15:41 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-09-06 13:56 . 2011-10-13 15:41 2764288 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files (x86)\Winamp Toolbar\winamptb.dll" [2009-02-19 1262888]
.
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-11-17 18:29 1515688 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-11-17 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 16:52 121392 ----a-w- c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"Tunebite"="c:\program files (x86)\RapidSolution\Tunebite\Tunebite.exe" [2008-06-12 6366512]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-27 247144]
"AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2009-04-07 102400]
"ANT Agent"="c:\program files (x86)\Garmin\ANT Agent\ANT Agent.exe" [2011-04-14 12036968]
"gStart"="c:\program files (x86)\Garmin\gStart.exe" [2008-08-13 1891416]
"AOL Fast Start"="c:\program files (x86)\AOL 9.0 VR\AOL.EXE" [2007-06-21 50480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PCMMediaSharing"="c:\program files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-05-20 204908]
"BkupTray"="c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672]
"NapsterShell"="c:\program files (x86)\Napster\napster.exe" [2010-07-20 323280]
"HostManager"="c:\program files (x86)\Common Files\AOL\1235421702\ee\AOLSoftware.exe" [2006-09-26 50736]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"BrStsWnd"="c:\program files (x86)\Brownie\BrstsW64.exe" [2008-09-18 967168]
"PivotSoftware"="c:\program files (x86)\Portrait Displays\Pivot Software\wpctrl.exe" [2007-02-09 694008]
"DT PHL"="c:\program files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe" [2008-12-17 86016]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2009-03-20 1904640]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"LexwareInfoService"="c:\program files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe" [2010-09-15 339312]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-11-17 901800]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
c:\users\Sven Bögershausen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
OneNote Inhaltsverzeichnis.onetoc2 [2009-2-23 3656]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Audible Download Manager.lnk - c:\program files (x86)\Audible\Bin\AudibleDownloadHelper.exe [2009-4-29 1787224]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
phase-6 Reminder.lnk - c:\program files (x86)\phase-6\phase-6\reminder\reminder.exe [2010-6-28 1032192]
PHOTOfunSTUDIO 5.2 HD Edition.lnk - c:\program files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe [2010-9-5 172544]
Squeezebox Server-Taskleisten-Tool.lnk - c:\program files (x86)\Squeezebox\SqueezeTray.exe [2010-11-27 2351191]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys [x]
R3 ITEIO.SYS;ITEIO.SYS;c:\windows\System32\drivers\ITEIO.sys [x]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [x]
R3 TFsExDisk;TFsExDisk; [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-05-20 269448]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-06 169408]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-08-19 24576]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\sysWOW64\drivers\npf_devolo.sys [2008-11-28 34048]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2008-07-21 98304]
S2 SqueezeMySQL;SqueezeMySQL;c:\progra~2\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe [2011-04-14 4149248]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2009-08-27 92008]
S2 TwonkyMedia;TwonkyMedia;c:\program files (x86)\TwonkyMedia\twonkymediaserverwatchdog.exe [2010-10-22 497240]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 10:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}]
2008-06-18 13:04 8192 ----a-w- c:\program files (x86)\PixiePack Codec Pack\InstallerHelper.exe
.
Inhalt des "geplante Tasks" Ordners
.
2011-12-04 c:\windows\Tasks\RegistryBooster.job
- c:\program files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2011-08-04 13:29]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 16:53 50736 ----a-w- c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer Empowering Technology Monitor"="c:\program files\Acer\Empowering Technology\SysMonitor.exe" [2008-08-19 319488]
"EmpoweringTechnology"="c:\program files\Acer\Empowering Technology\Framework.Launcher.exe" [2008-08-19 323584]
"eDataSecurity Loader"="c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe" [2008-07-29 561200]
"RtHDVCpl"="RAVCpl64.exe" [2008-08-19 6456352]
"Skytel"="Skytel.exe" [2008-08-19 1833504]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-10-14 6144]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 182784]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-28 497648]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-01 15851040]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-08-01 82464]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = https://secure.logmein.com/mycomputers_connect.asp?lang=de&shortcut=1y8942m6p4x2ld5r70j3tfszoqie54wwsawchfd9wv2mxbnvyc2d3am33ujmf7iyyrrh593fq8edjyihse599vl5gdq54zd6ckao6uziuj15bwk2nk9tsvftzdlj8anw
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = fritz.box;*.local
IE: &Alles mit FlashGet laden - c:\program files (x86)\FlashGet\jc_all.htm
IE: &AOL Toolbar-Suche - c:\program files (x86)\aol\aol toolbar 4.0\resources\de-DE\local\search.html
IE: &Mit FlashGet laden - c:\program files (x86)\FlashGet\jc_link.htm
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Playlist - c:\program files (x86)\PacketVideo\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll/314
IE: Free YouTube to MP3 Converter - c:\users\Sven Bögershausen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: TwonkyBeam to - c:\program files (x86)\PacketVideo\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll/231
IE: {{339E0A0F-ACAE-408f-AAD7-4E9158FFDE7C} - {BE8D0059-D24D-4919-B76F-99F4A2203647} {BE8D0059-D24D-4919-B76F-99F4A2203647} - {be8d0059-d24d-4919-b76f-99f4a2203647}\inprocserver32 does not exist!
LSP: c:\windows\system32\wpclsp.dll
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{18A11C53-EBFE-46B4-8724-E2BFA8B009D7}: NameServer = 192.168.178.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Sven Bögershausen\AppData\Roaming\Mozilla\Firefox\Profiles\y3uzzl3n.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
FF - prefs.js: browser.search.selectedEngine - Winamp Search
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=
FF - user.js: yahoo.homepage.dontask - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{1CFFA392-0898-4b1c-89D1-6E98F9D8EF78} - (no file)
Wow6432Node-HKCU-Run-Nero MediaHome 4 - c:\program files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe
Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
.
.
"ImagePath"="system32\drivers\
[verify-U]-driver.sys"
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\[verify-U]_System]
"ImagePath"="system32\drivers\
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FotoManager10Deluxe.8.alb"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.032"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.amr"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ani"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.arw"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bay"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bmp"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bw"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bwf"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cel"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cr2"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.crw"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cs1"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cur"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dcr"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dcx"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dib"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djv"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djvu"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dng"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.emf"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.eps"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.erf"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fff"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.flc"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fli"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fpx"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.gif"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gsm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.gsm"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.hdr"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icl"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icn"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ico"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iff"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ilbm"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.int"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.inta"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iw4"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2c"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2k"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jfif"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jif"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jp2"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpc"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpe"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpeg"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpg"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpk"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpx"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.lbm"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.m15"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.m1a"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.m2a"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.m75"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mef"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mos"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mpv"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mrw"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.nef"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.orf"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pbm"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pcd"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pct"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pcx"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pef"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pgm"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pic"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pics"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pict"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pix"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.png"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ppm"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.psd"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.psp"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pspimage"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.qcp"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.qtpf"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.raf"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ras"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.raw"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgb"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgba"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rle"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rsb"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sdv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.sdv"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.sfil"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.sgi"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.smf"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.smi"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.smil"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.sml"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.sr2"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.srf"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.swa"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.tga"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.thm"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.tif"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.tiff"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttc"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttf"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ulw"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10o"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10p"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10pf"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.vfw"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wbm"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wbmp"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wmf"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xbm"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xif"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xmp"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xpm"
.
[HKEY_USERS\S-1-5-21-2231011767-925043079-103270863-1000\Software\SecuROM\License information*]
"datasecu"=hex:f9,75,db,dc,3c,97,2d,19,46,8b,fb,2a,74,e9,c0,0f,16,6d,a4,60,96,
a9,74,ae,90,e2,36,ea,05,f7,de,c5,3a,f7,e5,dc,3c,5a,53,64,1f,28,5e,53,2b,d7,\
"rkeysecu"=hex:1d,7e,ea,a9,54,cf,57,85,98,b5,cd,ea,55,fe,b5,30
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\T*w*o*n*k*y*B*e*a*m*"!\Internet Explorer]
"Path"="c:\\Program Files (x86)\\PacketVideo\\TwonkyBeam\\Internet Explorer"
"Language"="1031"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\avmwlanstick\WlanNetService.exe
c:\windows\SysWOW64\bgsvcgen.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\CyberLink\Shared Files\RichVideo.exe
c:\program files (x86)\TwonkyMedia\TwonkyMediaServer.exe
c:\program files (x86)\Philips Display\SmartControl II\DTHtml.exe
c:\program files (x86)\AOL 9.0 VR\waol.exe
c:\program files (x86)\Brownie\brpjp04a.exe
c:\program files (x86)\Portrait Displays\Pivot Software\floater.exe
c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe
c:\progra~2\SQUEEZ~1\server\SQUEEZ~3.EXE
c:\program files (x86)\AOL 9.0 VR\shellmon.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-12-04 20:57:33 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-12-04 19:57
.
Vor Suchlauf: 23 Verzeichnis(se), 42.321.633.280 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 44.688.683.008 Bytes frei
.
- - End Of File - - CFE8F0AE25F12E3610B20E0B6D099EDD
04.12.2011, 21:04
Baum-Darstellung