| Cyberling2 | 12.07.2012 00:30 |
Hallo markusg!
Anbei die Combofix.txt Code:
ComboFix 12-07-11.03 - Walter 12.07.2012 0:35.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.43.1031.18.8119.5449 [GMT 2:00]
ausgeführt von:: c:\users\Walter\Desktop\ComboFix.exe
AV: Symantec Endpoint Protection *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
FW: Symantec Endpoint Protection *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
SP: Symantec Endpoint Protection *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files (x86)\facemoods.com
c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoods.crx
c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoods.png
c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsApp.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsEng.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe
c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\faCEmoodstlbr.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\uninstall.exe
C:\Thumbs.db
c:\users\Walter\AppData\Local\assembly\tmp
c:\users\Walter\AppData\Roaming\.#
c:\windows\jestertb.dll
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\drivers\etc\hosts.txt
c:\windows\SysWow64\drivers\str.sys
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-06-11 bis 2012-07-11 ))))))))))))))))))))))))))))))
.
.
2012-07-11 22:51 . 2012-07-11 22:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-11 22:51 . 2012-07-11 22:51 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-07-11 00:36 . 2012-07-11 00:36 -------- d-----w- c:\users\Walter\AppData\Roaming\Microsoft Robocopy GUI
2012-07-09 22:56 . 2012-07-09 22:57 -------- d-----w- C:\Privat
2012-07-07 22:58 . 2012-07-05 11:02 95744 ----a-w- c:\windows\system32\pdfcmon.dll
2012-07-07 22:58 . 2012-07-07 22:58 -------- d-----w- c:\program files (x86)\PDFCreator
2012-07-07 22:58 . 1998-07-06 16:55 158208 ----a-w- c:\windows\SysWow64\MSCMCDE.DLL
2012-07-07 22:58 . 1998-07-05 23:00 23552 ----a-w- c:\windows\SysWow64\MSMPIDE.DLL
2012-07-02 06:39 . 2012-07-02 07:11 -------- d-----w- c:\users\Walter\.jenny
2012-06-17 23:26 . 2012-06-17 23:26 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-17 23:26 . 2012-06-17 23:26 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-14 22:49 . 2012-06-14 22:49 -------- d-----w- c:\users\Walter\AppData\Local\Macromedia
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2059-09-15 22:17 . 2011-10-04 12:20 44032 ----a-w- c:\windows\SysWow64\temp.027
2028-10-15 22:17 . 2011-10-04 12:20 1101312 ----a-w- c:\windows\SysWow64\temp.026
2012-07-07 10:36 . 2012-04-04 08:46 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-07 10:36 . 2011-06-01 20:53 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-06 10:30 . 2012-03-28 07:13 16014 ----a-w- c:\users\Walter\advanced_ip_scanner_MAC.bin
2012-05-05 13:37 . 2012-04-14 08:37 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-27 11:27 . 2012-06-05 16:31 8047424 ----a-w- c:\windows\system32\nvcuda.dll
2012-04-27 11:27 . 2012-06-05 16:31 5925184 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-04-27 11:27 . 2012-06-05 16:31 2873664 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-04-27 11:27 . 2012-06-05 16:31 2673984 ----a-w- c:\windows\system32\nvcuvid.dll
2012-04-27 11:27 . 2012-06-05 16:31 25626432 ----a-w- c:\windows\system32\nvoglv64.dll
2012-04-27 11:27 . 2012-06-05 16:31 25224512 ----a-w- c:\windows\system32\nvcompiler.dll
2012-04-27 11:27 . 2012-06-05 16:31 2518336 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-04-27 11:27 . 2012-06-05 16:31 2438464 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-04-27 11:27 . 2012-06-05 16:31 19510592 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-04-27 11:27 . 2012-06-05 16:31 17543488 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-04-27 11:27 . 2012-06-05 16:31 14398272 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-04-27 11:27 . 2012-05-18 22:53 1737536 ----a-w- c:\windows\system32\nvdispco64.dll
2012-04-27 11:27 . 2012-05-18 22:53 1466176 ----a-w- c:\windows\system32\nvgenco64.dll
2012-04-27 11:27 . 2010-12-04 04:45 7742784 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-04-27 11:27 . 2010-12-04 04:45 68928 ----a-w- c:\windows\system32\OpenCL.dll
2012-04-27 11:27 . 2010-12-04 04:45 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-04-27 11:27 . 2010-12-04 04:45 2324288 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-04-27 11:27 . 2010-02-19 04:11 9749312 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-04-27 11:27 . 2010-02-19 04:11 2685760 ----a-w- c:\windows\system32\nvapi64.dll
2012-04-27 11:27 . 2010-02-19 04:11 17675584 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-04-27 11:27 . 2010-02-19 04:11 15036736 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-04-27 09:51 . 2010-12-04 03:45 6103360 ----a-w- c:\windows\system32\nvcpl.dll
2012-04-27 09:49 . 2010-12-04 03:45 3092800 ----a-w- c:\windows\system32\nvsvc64.dll
2012-04-27 09:49 . 2010-12-04 03:45 889664 ----a-w- c:\windows\system32\nvvsvc.exe
2012-04-27 09:49 . 2010-02-19 06:10 63296 ----a-w- c:\windows\system32\nvshext.dll
2012-04-27 09:49 . 2012-06-05 08:28 55616 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-04-27 09:49 . 2010-12-04 03:45 850752 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-04-27 09:49 . 2010-12-04 03:45 118080 ----a-w- c:\windows\system32\nvmctray.dll
2012-04-27 09:49 . 2010-02-19 06:10 2561856 ----a-w- c:\windows\system32\nvsvcr.dll
2012-04-27 01:33 . 2012-04-27 01:33 417600 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-04-22 21:16 . 2012-04-22 21:16 767768 ----a-w- c:\users\Walter\AppData\Roaming\Microsoft\Windows\Templates\Transmiti.exe
1997-09-03 22:00 . 2010-12-20 16:54 311296 ----a-w- c:\program files (x86)\Common Files\msacc8.olb
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WizMouse"="c:\program files (x86)\WizMouse\WizMouse.exe" [2010-12-17 115504]
"NetSetMan"="c:\program files (x86)\NetSetMan\netsetman.exe" [2012-05-17 4966184]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-03 17417392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 287800]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-21 106496]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2009-11-04 111640]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2011-03-30 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-11-17 75048]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2010-08-01 115560]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2011-07-20 523216]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-18 421736]
"ACPW05DE"="c:\program files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeProInTouch2.exe" [2011-11-16 822384]
"ODMV3Tray"="c:\program files (x86)\Common Files\Hilscher\ODMV3\ODMTray.exe" [2011-04-26 73728]
"Family Tree Builder Update"="c:\program files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe" [2011-12-21 229376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2012-03-28 309184]
.
c:\users\Walter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files (x86)\Stardock\ObjectDockFree\ObjectDock.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-30 1082656]
CodeMeter Control Center.lnk - c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe [2011-12-16 8186256]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R0 TwkMs;CHIPDRIVE Mouse Adapter; [x]
R1 PBUS;PBUS; [x]
R1 SWIPsec;SonicWALL IPsec Driver;c:\windows\system32\Drivers\SWIPsec.sys [2009-03-05 99352]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-14 136176]
R2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [2009-10-26 61952]
R2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys [2009-10-29 79360]
R2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys [2009-12-11 55808]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2010-02-18 2045232]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys [2011-07-20 94864]
R3 BR.AS.VersionChangerService;BR.AS.VersionChangerService;c:\windows\SysWOW64\BR.AS.VersionChangerService.exe [2009-07-15 155648]
R3 BrDiskImageSvcx;B&R Disk Image;d:\bur\Automation\PVI\V3.00.02\PVI\Tools\PviTransfer\BrDiskImageSvc.exe [2011-11-15 61952]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 35104]
R3 CHIPDRIVE USB SmartCardReader;CHIPDRIVE USB SmartCardReader;c:\windows\system32\DRIVERS\TwkUsb2K.sys [x]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2012-02-02 509104]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-14 136176]
R3 IwUSB;IwUSB;c:\windows\system32\Drivers\iwusb_x64.sys [2009-10-07 47104]
R3 MOSUMAC;USB-Ethernet Driver;c:\windows\system32\DRIVERS\USBMAC64.SYS [2009-12-07 55296]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-17 113120]
R3 ncplelhp;WatchGuard Secure Client NDIS6 Driver;c:\windows\system32\DRIVERS\ncplelhp.sys [2010-02-23 151272]
R3 NTGUARD;NTGUARD;c:\program files (x86)\IKARUS\virus.utilities\bin\ntguard_x64.sys [x]
R3 OCTsvcLenzeDigitec;OCTsvcLenzeDigitec;c:\program files (x86)\Lenze\Lenze Digitec OPC Tunnel\OCTsvc.exe [x]
R3 ODMV3;ODMV3;c:\program files (x86)\Common Files\Hilscher\ODMV3\ODMV3.exe [2011-04-26 364544]
R3 PSSDK42;PSSDK42;c:\windows\system32\Drivers\pssdk42.sys [2011-09-12 53312]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 113704]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 19496]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 152616]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 133160]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 34856]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 128552]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 145960]
R3 S3XXx64;SCR3xx USB SmartCardReader64;c:\windows\system32\DRIVERS\S3XXx64.sys [2011-09-07 70016]
R3 SilvrLnk;SilverLink (USB GraphLink) Cable;c:\windows\system32\DRIVERS\silvrlnk.sys [2009-09-10 129536]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R3 SWVNIC;SonicWALL Virtual Miniport;c:\windows\system32\DRIVERS\swvnic.sys [2009-03-04 24600]
R3 TIGLUSB;TiglUsb.Sys TI-GRAPH/DIRECT LINK USB driver;c:\windows\system32\Drivers\TIGLUSB.sys [2006-05-24 30208]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TWKSER2K;CHIPDRIVE Serial SmartCardReader;c:\windows\system32\DRIVERS\TWKSER2K.sys [x]
R3 vnet;Shrew Soft Virtual Adapter;c:\windows\system32\DRIVERS\virtualnet.sys [2010-09-02 17408]
R3 vpcuxd;USB-Virtualisierungsstubdienst;c:\windows\system32\DRIVERS\vpcuxd.sys [2010-11-20 16384]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2011-01-18 68440]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-05 1255736]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
R4 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2012-03-09 117552]
R4 SQLAgent$IMES;SQL Server-Agent (IMES);c:\program files (x86)\Arec\Imes21\Database\MSSQL10.IMES\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 370024]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2012-03-19 89536]
S1 RsvLock;RsvLock; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/12/18 20:06];c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2011-09-22 13:38 146928]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2011-11-07 89600]
S2 BrAuthorizationSvcx;B&R Authorization;d:\bur\Automation\AsTools\BrAuthorization\BrAuthorizationSvc.exe [2008-12-18 40960]
S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2011-12-16 2368912]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-03-14 152992]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-10-19 32768]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
S2 Hp.Skyroom.Windows.Service;HP SkyRoom;c:\program files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe [2009-11-20 124984]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-06-14 90112]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-03-14 197504]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-02-01 281192]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2012-03-12 190120]
S2 MSSQL$IMES;SQL Server (IMES);c:\program files (x86)\Arec\Imes21\Database\MSSQL10.IMES\MSSQL\Binn\sqlservr.exe [2011-09-22 43028328]
S2 NA_Service;NetAccess Service;c:\windows\system32\NA_Service.exe [2009-09-11 105472]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2012-03-28 47632]
S2 rgsender;Remote Graphics Sender Service;c:\program files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe [2009-11-19 379904]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-04-27 382272]
S2 SWGVCSvc;SonicWALL Global VPN Client Service;c:\program files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe [2009-03-05 284696]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2011-03-17 2025336]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2011-07-20 468432]
S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
S3 DEBridge;DEBridge;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2010-02-01 704512]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-05-31 138912]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2009-11-21 75776]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2009-11-21 177152]
S3 NxDrv;SonicWALL NetExtender Adapter;c:\windows\system32\DRIVERS\NxDrv.sys [2009-10-21 24264]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 rismcx64;RICOH Smart Card Reader;c:\windows\system32\DRIVERS\rismcx64.sys [2009-07-20 59008]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WTNetUSB;W&T USB Redirector;c:\windows\system32\DRIVERS\WTNetUSB.sys [2010-11-16 107544]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-14 10:37]
.
2012-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-14 10:37]
.
2012-07-10 c:\windows\Tasks\HPCeeScheduleForWalter.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 11:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2010-04-05 186904]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"SonicWALLNetExtender"="c:\program files (x86)\SonicWALL\SSL-VPN\NetExtender\NEGui.exe" [2010-06-22 1103744]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-11-07 489472]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-04-27 1694016]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2012-03-14 15232]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.babylon.com/?AF=109958&babsrc=HP_ss&mntrId=e838735300000000000002004c4f4f50
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 172.16.48.2
TCP: Interfaces\{ABB5DBA0-9F93-4AD2-B690-DAE054317E0E}\74163747E65647A7: DhcpNameServer = 178.15.89.147
TCP: Interfaces\{ABB5DBA0-9F93-4AD2-B690-DAE054317E0E}\C414E413F523: DhcpNameServer = 82.139.223.34 81.92.15.34
DPF: {CC679CB8-DC4B-458B-B817-D447B3B6AC31} - hxxps://80.150.130.178/CACHE/stc/1/binaries/vpnweb.cab
FF - ProfilePath - c:\users\Walter\AppData\Roaming\Mozilla\Firefox\Profiles\arcp2orw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.at/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?AF=109958&babsrc=adbartrp&mntrId=e838735300000000000002004c4f4f50&q=
FF - prefs.js: network.proxy.type - 255
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109958
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - e838735300000000000002004c4f4f50
FF - user.js: extensions.BabylonToolbar_i.hardId - e838735300000000000002004c4f4f50
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15452
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1723:16
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-LightScribe Control Panel - c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
Wow6432Node-HKCU-Run-Sony PC Companion - c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
Wow6432Node-HKLM-Run-UnlockerAssistant - c:\program files (x86)\Unlocker\UnlockerAssistant.exe
Wow6432Node-HKLM-Run-ASuite - e:\launcher\ASuite.exe
Wow6432Node-HKLM-Run-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe
SafeBoot-Symantec Antvirus
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Automation Studio AS2.7.0 Deutsch - d:\bur\Automation\As27000de\Uninstall_Automation Studio AS2.7.0
AddRemove-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\uninstall.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.032"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.abr"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.amr"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.apd"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.arw"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bay"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.bmp"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bw"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bwf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cel"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cr2"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.crw"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cs1"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dcr"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.dcx"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.dib"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.djv"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.djvu"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dng"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.emf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.eps"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.erf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fff"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.flc"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fli"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fpx"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.gif"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.hdr"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.icn"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.iff"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ilbm"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.int"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.inta"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.iw4"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.j2c"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.j2k"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jbr"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.jfif"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.jif"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jp2"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpc"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.jpe"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.jpeg"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.jpg"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpk"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpx"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kar\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.kar"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.kdc"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.lbm"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.m15"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.m1a"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.m2a"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.m75"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mef"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mos"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mpv"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mrw"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.nef"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.nrw"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.orf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pbm"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pbr"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pcd"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pct"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.pcx"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pef"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pgm"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.pic"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pics"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pict"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pix"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.png"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ppm"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.psd"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.psp"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pspbrush"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pspimage"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.qcp"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.qtpf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.raf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ras"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.raw"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rgb"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rgba"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.rle"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rsb"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rw2"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rwl"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sdv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sdv"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sfil"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sgi"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.smf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.smi"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.smil"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sml"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sr2"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.srf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.srw"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.swa"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.tga"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.thm"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.tif"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.tiff"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ulw"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30po\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.v30po"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30pp\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.v30pp"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30ppf\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.v30ppf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v40po\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.v40po"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v40pp\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.v40pp"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v40ppf\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.v40ppf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50po\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50po"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50pp\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50pp"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50ppf\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50ppf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.vfw"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.wbm"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.wbmp"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.wmf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xbm"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.xif"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xmp"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xpm"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\�9*]
"7040111900063D11C8EF10054038389C"="C?\\windows\\SysWOW64\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-07-12 01:20:34
ComboFix-quarantined-files.txt 2012-07-11 23:20
.
Vor Suchlauf: 26 Verzeichnis(se), 90.521.935.872 Bytes frei
Nach Suchlauf: 33 Verzeichnis(se), 95.657.373.696 Bytes frei
.
- - End Of File - - C87CDEAEF4182CC80B9F180790C16A52
Danke für die Unterstützung
Cyberling2 |
