Quälende Werbung Rechts Unten

Cyberling2 · 07.07.2012, 21:17

Hallo!

Ich bin bei meiner Internetrecherche bezüglich der
quälenden Werbung rechts unten auf Euer Froum
gestossen und hoffe nun, dass ir mir helfen könnt.

Anbei die Auswertung mittels der OTL.exe

OTL.txt und Extras.txt musste ich als
Anhang schicken, das ich sonst die
Zeichengrenze überschritten hätte.

Danke im vorhinein
Cyberling2

markusg · 10.07.2012, 22:15

hi
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten

Cyberling2 · 11.07.2012, 00:29

Hallo markusg!

Danke für Deine Anwort.

tdss killer hat nichts gefunden.
Hast Du noch ne Idee?

Code:

ATTFilter

01:27:59.0132 6676	TDSS rootkit removing tool 2.7.45.0 Jul  9 2012 12:46:35
01:27:59.0522 6676	============================================================
01:27:59.0522 6676	Current date / time: 2012/07/11 01:27:59.0522
01:27:59.0522 6676	SystemInfo:
01:27:59.0522 6676	
01:27:59.0522 6676	OS Version: 6.1.7601 ServicePack: 1.0
01:27:59.0522 6676	Product type: Workstation
01:27:59.0522 6676	ComputerName: NB005
01:27:59.0522 6676	UserName: Walter
01:27:59.0522 6676	Windows directory: C:\windows
01:27:59.0522 6676	System windows directory: C:\windows
01:27:59.0522 6676	Running under WOW64
01:27:59.0522 6676	Processor architecture: Intel x64
01:27:59.0522 6676	Number of processors: 4
01:27:59.0522 6676	Page size: 0x1000
01:27:59.0522 6676	Boot type: Normal boot
01:27:59.0522 6676	============================================================
01:27:59.0956 6676	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:27:59.0965 6676	============================================================
01:27:59.0965 6676	\Device\Harddisk0\DR0:
01:27:59.0965 6676	MBR partitions:
01:27:59.0965 6676	Initialize success
01:27:59.0965 6676	============================================================
01:28:04.0943 5948	============================================================
01:28:04.0943 5948	Scan started
01:28:04.0943 5948	Mode: Manual; SigCheck; TDLFS; 
01:28:04.0943 5948	============================================================
01:28:05.0022 5948	1394ohci - ok
01:28:05.0042 5948	Accelerometer - ok
01:28:05.0048 5948	ACPI - ok
01:28:05.0053 5948	AcpiPmi - ok
01:28:05.0071 5948	acsock - ok
01:28:05.0076 5948	adp94xx - ok
01:28:05.0081 5948	adpahci - ok
01:28:05.0085 5948	adpu320 - ok
01:28:05.0090 5948	AeLookupSvc - ok
01:28:05.0100 5948	AESTFilters - ok
01:28:05.0111 5948	AFD - ok
01:28:05.0116 5948	AgereModemAudio - ok
01:28:05.0125 5948	AgereSoftModem - ok
01:28:05.0129 5948	agp440 - ok
01:28:05.0134 5948	ALG - ok
01:28:05.0137 5948	aliide - ok
01:28:05.0142 5948	amdide - ok
01:28:05.0145 5948	AmdK8 - ok
01:28:05.0149 5948	AmdPPM - ok
01:28:05.0152 5948	amdsata - ok
01:28:05.0156 5948	amdsbs - ok
01:28:05.0161 5948	amdxata - ok
01:28:05.0165 5948	AppID - ok
01:28:05.0169 5948	AppIDSvc - ok
01:28:05.0186 5948	Appinfo - ok
01:28:05.0206 5948	Apple Mobile Device - ok
01:28:05.0211 5948	AppMgmt - ok
01:28:05.0216 5948	arc - ok
01:28:05.0220 5948	arcsas - ok
01:28:05.0238 5948	aspnet_state - ok
01:28:05.0248 5948	AsyncMac - ok
01:28:05.0255 5948	atapi - ok
01:28:05.0259 5948	AudioEndpointBuilder - ok
01:28:05.0263 5948	AudioSrv - ok
01:28:05.0266 5948	AX88772 - ok
01:28:05.0272 5948	AxInstSV - ok
01:28:05.0275 5948	b06bdrv - ok
01:28:05.0296 5948	b57nd60a - ok
01:28:05.0303 5948	BDESVC - ok
01:28:05.0307 5948	Beep - ok
01:28:05.0324 5948	BFE - ok
01:28:05.0328 5948	BITS - ok
01:28:05.0332 5948	blbdrive - ok
01:28:05.0337 5948	Bonjour Service - ok
01:28:05.0341 5948	bowser - ok
01:28:05.0352 5948	BR.AS.VersionChangerService - ok
01:28:05.0380 5948	BrAuthorizationSvcx - ok
01:28:05.0386 5948	BrDiskImageSvcx - ok
01:28:05.0391 5948	BrFiltLo - ok
01:28:05.0394 5948	BrFiltUp - ok
01:28:05.0398 5948	Browser - ok
01:28:05.0403 5948	Brserid - ok
01:28:05.0408 5948	BrSerWdm - ok
01:28:05.0412 5948	BrUsbMdm - ok
01:28:05.0417 5948	BrUsbSer - ok
01:28:05.0438 5948	BthEnum - ok
01:28:05.0443 5948	BTHMODEM - ok
01:28:05.0447 5948	BthPan - ok
01:28:05.0454 5948	BTHPORT - ok
01:28:05.0458 5948	bthserv - ok
01:28:05.0461 5948	BTHUSB - ok
01:28:05.0466 5948	btwaudio - ok
01:28:05.0470 5948	btwavdt - ok
01:28:05.0474 5948	btwdins - ok
01:28:05.0478 5948	btwl2cap - ok
01:28:05.0482 5948	btwrchid - ok
01:28:05.0499 5948	ccEvtMgr - ok
01:28:05.0504 5948	ccSetMgr - ok
01:28:05.0508 5948	cdfs - ok
01:28:05.0511 5948	cdrom - ok
01:28:05.0515 5948	CertPropSvc - ok
01:28:05.0519 5948	CHIPDRIVE USB SmartCardReader - ok
01:28:05.0525 5948	circlass - ok
01:28:05.0529 5948	CLFS - ok
01:28:05.0533 5948	clr_optimization_v2.0.50727_32 - ok
01:28:05.0537 5948	clr_optimization_v2.0.50727_64 - ok
01:28:05.0544 5948	clr_optimization_v4.0.30319_32 - ok
01:28:05.0548 5948	clr_optimization_v4.0.30319_64 - ok
01:28:05.0553 5948	CmBatt - ok
01:28:05.0557 5948	cmdide - ok
01:28:05.0561 5948	CNG - ok
01:28:05.0579 5948	CodeMeter.exe - ok
01:28:05.0591 5948	Com4QLBEx - ok
01:28:05.0595 5948	Compbatt - ok
01:28:05.0600 5948	CompositeBus - ok
01:28:05.0604 5948	COMSysApp - ok
01:28:05.0608 5948	crcdisk - ok
01:28:05.0615 5948	CryptSvc - ok
01:28:05.0619 5948	CSC - ok
01:28:05.0624 5948	CscService - ok
01:28:05.0630 5948	ctxusbm - ok
01:28:05.0636 5948	DcomLaunch - ok
01:28:05.0640 5948	DEBridge - ok
01:28:05.0644 5948	defragsvc - ok
01:28:05.0648 5948	DfsC - ok
01:28:05.0652 5948	Dhcp - ok
01:28:05.0657 5948	discache - ok
01:28:05.0660 5948	Disk - ok
01:28:05.0664 5948	DNE - ok
01:28:05.0667 5948	Dnscache - ok
01:28:05.0672 5948	dot3svc - ok
01:28:05.0676 5948	DpHost - ok
01:28:05.0680 5948	DPS - ok
01:28:05.0684 5948	drmkaud - ok
01:28:05.0689 5948	DS1410D - ok
01:28:05.0693 5948	DXGKrnl - ok
01:28:05.0695 5948	e1kexpress - ok
01:28:05.0701 5948	EapHost - ok
01:28:05.0705 5948	ebdrv - ok
01:28:05.0709 5948	eeCtrl - ok
01:28:05.0713 5948	EFS - ok
01:28:05.0717 5948	ehRecvr - ok
01:28:05.0721 5948	ehSched - ok
01:28:05.0725 5948	elxstor - ok
01:28:05.0738 5948	EraserUtilRebootDrv - ok
01:28:05.0742 5948	ErrDev - ok
01:28:05.0750 5948	EventSystem - ok
01:28:05.0755 5948	exfat - ok
01:28:05.0759 5948	fastfat - ok
01:28:05.0762 5948	Fax - ok
01:28:05.0766 5948	fdc - ok
01:28:05.0770 5948	fdPHost - ok
01:28:05.0776 5948	FDResPub - ok
01:28:05.0780 5948	FileInfo - ok
01:28:05.0784 5948	Filetrace - ok
01:28:05.0788 5948	flpydisk - ok
01:28:05.0792 5948	FltMgr - ok
01:28:05.0795 5948	FontCache - ok
01:28:05.0800 5948	FontCache3.0.0.0 - ok
01:28:05.0804 5948	FsDepends - ok
01:28:05.0808 5948	Fs_Rec - ok
01:28:05.0818 5948	FTDIBUS - ok
01:28:05.0823 5948	FTSER2K - ok
01:28:05.0827 5948	fvevol - ok
01:28:05.0831 5948	gagp30kx - ok
01:28:05.0834 5948	GEARAspiWDM - ok
01:28:05.0839 5948	gpsvc - ok
01:28:05.0844 5948	gupdate - ok
01:28:05.0862 5948	gupdatem - ok
01:28:05.0865 5948	hcw85cir - ok
01:28:05.0870 5948	HdAudAddService - ok
01:28:05.0874 5948	HDAudBus - ok
01:28:05.0879 5948	HECIx64 - ok
01:28:05.0882 5948	HidBatt - ok
01:28:05.0886 5948	HidBth - ok
01:28:05.0891 5948	HidIr - ok
01:28:05.0894 5948	hidserv - ok
01:28:05.0898 5948	HidUsb - ok
01:28:05.0902 5948	hkmsvc - ok
01:28:05.0906 5948	HomeGroupListener - ok
01:28:05.0911 5948	HomeGroupProvider - ok
01:28:05.0924 5948	HP Power Assistant Service - ok
01:28:05.0931 5948	HP ProtectTools Service - ok
01:28:05.0935 5948	HP Support Assistant Service - ok
01:28:05.0940 5948	HP Wireless Assistant Service - ok
01:28:05.0945 5948	Hp.Skyroom.Windows.Service - ok
01:28:05.0949 5948	HPDayStarterService - ok
01:28:05.0954 5948	HPDrvMntSvc.exe - ok
01:28:05.0958 5948	hpdskflt - ok
01:28:05.0962 5948	HpFkCryptService - ok
01:28:05.0966 5948	HpqKbFiltr - ok
01:28:05.0971 5948	hpqwmiex - ok
01:28:05.0975 5948	HpSAMD - ok
01:28:05.0981 5948	hpsrv - ok
01:28:05.0986 5948	HTTP - ok
01:28:05.0990 5948	hwpolicy - ok
01:28:05.0994 5948	i8042prt - ok
01:28:05.0998 5948	IAANTMON - ok
01:28:06.0001 5948	iaStor - ok
01:28:06.0005 5948	iaStorV - ok
01:28:06.0009 5948	idsvc - ok
01:28:06.0012 5948	iirsp - ok
01:28:06.0015 5948	IKEEXT - ok
01:28:06.0032 5948	Intel(R) PROSet Monitoring Service - ok
01:28:06.0035 5948	intelide - ok
01:28:06.0040 5948	intelppm - ok
01:28:06.0044 5948	IPBusEnum - ok
01:28:06.0049 5948	IpFilterDriver - ok
01:28:06.0053 5948	iphlpsvc - ok
01:28:06.0057 5948	IPMIDRV - ok
01:28:06.0061 5948	IPNAT - ok
01:28:06.0065 5948	iPod Service - ok
01:28:06.0069 5948	IRENUM - ok
01:28:06.0074 5948	isapnp - ok
01:28:06.0078 5948	iScsiPrt - ok
01:28:06.0084 5948	IwUSB - ok
01:28:06.0088 5948	kbdclass - ok
01:28:06.0092 5948	kbdhid - ok
01:28:06.0095 5948	KeyIso - ok
01:28:06.0101 5948	KSecDD - ok
01:28:06.0105 5948	KSecPkg - ok
01:28:06.0110 5948	ksthunk - ok
01:28:06.0113 5948	KtmRm - ok
01:28:06.0117 5948	LanmanServer - ok
01:28:06.0120 5948	LanmanWorkstation - ok
01:28:06.0132 5948	LiveUpdate - ok
01:28:06.0136 5948	lltdio - ok
01:28:06.0140 5948	lltdsvc - ok
01:28:06.0145 5948	lmhosts - ok
01:28:06.0149 5948	LMS - ok
01:28:06.0154 5948	LSI_FC - ok
01:28:06.0158 5948	LSI_SAS - ok
01:28:06.0162 5948	LSI_SAS2 - ok
01:28:06.0166 5948	LSI_SCSI - ok
01:28:06.0170 5948	luafv - ok
01:28:06.0174 5948	Mcx2Svc - ok
01:28:06.0178 5948	megasas - ok
01:28:06.0183 5948	MegaSR - ok
01:28:06.0188 5948	MMCSS - ok
01:28:06.0191 5948	Modem - ok
01:28:06.0196 5948	monitor - ok
01:28:06.0200 5948	MOSUMAC - ok
01:28:06.0204 5948	mouclass - ok
01:28:06.0208 5948	mouhid - ok
01:28:06.0212 5948	mountmgr - ok
01:28:06.0223 5948	MozillaMaintenance - ok
01:28:06.0227 5948	mpio - ok
01:28:06.0231 5948	mpsdrv - ok
01:28:06.0235 5948	MpsSvc - ok
01:28:06.0239 5948	MRxDAV - ok
01:28:06.0243 5948	mrxsmb - ok
01:28:06.0247 5948	mrxsmb10 - ok
01:28:06.0251 5948	mrxsmb20 - ok
01:28:06.0255 5948	msahci - ok
01:28:06.0258 5948	msdsm - ok
01:28:06.0262 5948	MSDTC - ok
01:28:06.0270 5948	Msfs - ok
01:28:06.0273 5948	mshidkmdf - ok
01:28:06.0278 5948	msisadrv - ok
01:28:06.0282 5948	MSiSCSI - ok
01:28:06.0285 5948	msiserver - ok
01:28:06.0289 5948	MSKSSRV - ok
01:28:06.0294 5948	msloop - ok
01:28:06.0298 5948	MSPCLOCK - ok
01:28:06.0302 5948	MSPQM - ok
01:28:06.0306 5948	MsRPC - ok
01:28:06.0311 5948	mssmbios - ok
01:28:06.0315 5948	MSSQL$IMES - ok
01:28:06.0318 5948	MSSQLServerADHelper100 - ok
01:28:06.0321 5948	MSTEE - ok
01:28:06.0325 5948	MTConfig - ok
01:28:06.0329 5948	Mup - ok
01:28:06.0333 5948	napagent - ok
01:28:06.0337 5948	NativeWifiP - ok
01:28:06.0342 5948	NAVENG - ok
01:28:06.0346 5948	NAVEX15 - ok
01:28:06.0351 5948	NA_Service - ok
01:28:06.0355 5948	ncplelhp - ok
01:28:06.0358 5948	NDIS - ok
01:28:06.0363 5948	NdisCap - ok
01:28:06.0367 5948	NdisTapi - ok
01:28:06.0372 5948	Ndisuio - ok
01:28:06.0376 5948	NdisWan - ok
01:28:06.0380 5948	NDProxy - ok
01:28:06.0384 5948	NetBIOS - ok
01:28:06.0388 5948	NetBT - ok
01:28:06.0392 5948	Netlogon - ok
01:28:06.0397 5948	Netman - ok
01:28:06.0401 5948	NetMsmqActivator - ok
01:28:06.0406 5948	NetPipeActivator - ok
01:28:06.0410 5948	netprofm - ok
01:28:06.0414 5948	NetTcpActivator - ok
01:28:06.0418 5948	NetTcpPortSharing - ok
01:28:06.0422 5948	NETw5s64 - ok
01:28:06.0426 5948	nfrd960 - ok
01:28:06.0439 5948	NlaSvc - ok
01:28:06.0443 5948	npf - ok
01:28:06.0447 5948	Npfs - ok
01:28:06.0451 5948	nsi - ok
01:28:06.0455 5948	nsiproxy - ok
01:28:06.0460 5948	NSNDIS5 - ok
01:28:06.0466 5948	Ntfs - ok
01:28:06.0470 5948	NTGUARD - ok
01:28:06.0476 5948	Null - ok
01:28:06.0479 5948	nusb3hub - ok
01:28:06.0484 5948	nusb3xhc - ok
01:28:06.0487 5948	nvlddmkm - ok
01:28:06.0491 5948	nvraid - ok
01:28:06.0496 5948	nvstor - ok
01:28:06.0500 5948	nvsvc - ok
01:28:06.0504 5948	nv_agp - ok
01:28:06.0510 5948	NxDrv - ok
01:28:06.0515 5948	OCTsvcLenzeDigitec - ok
01:28:06.0519 5948	ODMV3 - ok
01:28:06.0522 5948	ohci1394 - ok
01:28:06.0526 5948	OpcEnum - ok
01:28:06.0530 5948	ose - ok
01:28:06.0536 5948	p2pimsvc - ok
01:28:06.0540 5948	p2psvc - ok
01:28:06.0544 5948	PAC7302 - ok
01:28:06.0548 5948	Parport - ok
01:28:06.0552 5948	partmgr - ok
01:28:06.0558 5948	PBUS - ok
01:28:06.0562 5948	PcaSvc - ok
01:28:06.0565 5948	pci - ok
01:28:06.0569 5948	pciide - ok
01:28:06.0574 5948	pcmcia - ok
01:28:06.0577 5948	pcw - ok
01:28:06.0582 5948	PdiService - ok
01:28:06.0586 5948	PEAUTH - ok
01:28:06.0589 5948	PeerDistSvc - ok
01:28:06.0594 5948	PerfHost - ok
01:28:06.0605 5948	pla - ok
01:28:06.0610 5948	PlugPlay - ok
01:28:06.0614 5948	PNRPAutoReg - ok
01:28:06.0618 5948	PNRPsvc - ok
01:28:06.0623 5948	Point64 - ok
01:28:06.0628 5948	PolicyAgent - ok
01:28:06.0634 5948	Power - ok
01:28:06.0638 5948	PptpMiniport - ok
01:28:06.0642 5948	Processor - ok
01:28:06.0647 5948	ProfSvc - ok
01:28:06.0651 5948	ProtectedStorage - ok
01:28:06.0655 5948	Psched - ok
01:28:06.0659 5948	PSSDK42 - ok
01:28:06.0663 5948	ql2300 - ok
01:28:06.0667 5948	ql40xx - ok
01:28:06.0671 5948	QWAVE - ok
01:28:06.0675 5948	QWAVEdrv - ok
01:28:06.0679 5948	RapiMgr - ok
01:28:06.0683 5948	RasAcd - ok
01:28:06.0687 5948	RasAgileVpn - ok
01:28:06.0691 5948	RasAuto - ok
01:28:06.0694 5948	Rasl2tp - ok
01:28:06.0698 5948	RasMan - ok
01:28:06.0702 5948	RasPppoe - ok
01:28:06.0705 5948	RasSstp - ok
01:28:06.0709 5948	rdbss - ok
01:28:06.0712 5948	rdpbus - ok
01:28:06.0715 5948	RDPCDD - ok
01:28:06.0722 5948	RDPDR - ok
01:28:06.0727 5948	RDPENCDD - ok
01:28:06.0733 5948	RDPREFMP - ok
01:28:06.0737 5948	RDPWD - ok
01:28:06.0741 5948	rdyboost - ok
01:28:06.0744 5948	RemoteAccess - ok
01:28:06.0748 5948	RemoteRegistry - ok
01:28:06.0751 5948	RFCOMM - ok
01:28:06.0756 5948	rgsender - ok
01:28:06.0760 5948	rimmptsk - ok
01:28:06.0766 5948	rimspci - ok
01:28:06.0771 5948	rimsptsk - ok
01:28:06.0777 5948	risdpcie - ok
01:28:06.0782 5948	rismcx64 - ok
01:28:06.0787 5948	rismxdp - ok
01:28:06.0792 5948	rixdpcie - ok
01:28:06.0797 5948	rpcapd - ok
01:28:06.0801 5948	RpcEptMapper - ok
01:28:06.0805 5948	RpcLocator - ok
01:28:06.0810 5948	RpcSs - ok
01:28:06.0813 5948	rspndr - ok
01:28:06.0817 5948	RsvLock - ok
01:28:06.0821 5948	s0017bus - ok
01:28:06.0825 5948	s0017mdfl - ok
01:28:06.0829 5948	s0017mdm - ok
01:28:06.0833 5948	s0017mgmt - ok
01:28:06.0837 5948	s0017nd5 - ok
01:28:06.0841 5948	s0017obex - ok
01:28:06.0845 5948	s0017unic - ok
01:28:06.0849 5948	s3cap - ok
01:28:06.0852 5948	S3XXx64 - ok
01:28:06.0857 5948	SafeBoot - ok
01:28:06.0861 5948	SamSs - ok
01:28:06.0865 5948	SbAlg - ok
01:28:06.0869 5948	SbFsLock - ok
01:28:06.0873 5948	sbp2port - ok
01:28:06.0877 5948	SCardSvr - ok
01:28:06.0882 5948	scfilter - ok
01:28:06.0886 5948	Schedule - ok
01:28:06.0890 5948	SCPolicySvc - ok
01:28:06.0894 5948	sdbus - ok
01:28:06.0899 5948	SDRSVC - ok
01:28:06.0903 5948	secdrv - ok
01:28:06.0907 5948	seclogon - ok
01:28:06.0911 5948	SENS - ok
01:28:06.0914 5948	SensrSvc - ok
01:28:06.0918 5948	Serenum - ok
01:28:06.0921 5948	Serial - ok
01:28:06.0926 5948	sermouse - ok
01:28:06.0935 5948	SessionEnv - ok
01:28:06.0939 5948	sffdisk - ok
01:28:06.0943 5948	sffp_mmc - ok
01:28:06.0947 5948	sffp_sd - ok
01:28:06.0951 5948	sfloppy - ok
01:28:06.0954 5948	SharedAccess - ok
01:28:06.0958 5948	ShellHWDetection - ok
01:28:06.0963 5948	SilvrLnk - ok
01:28:06.0967 5948	SiSRaid2 - ok
01:28:06.0971 5948	SiSRaid4 - ok
01:28:06.0975 5948	SkypeUpdate - ok
01:28:06.0979 5948	Smb - ok
01:28:06.0983 5948	SmcService - ok
01:28:06.0992 5948	SNAC - ok
01:28:07.0000 5948	SNMPTRAP - ok
01:28:07.0004 5948	SNP2UVC - ok
01:28:07.0013 5948	SONICWALL_NetExtender - ok
01:28:07.0018 5948	Sony PC Companion - ok
01:28:07.0023 5948	spldr - ok
01:28:07.0027 5948	Spooler - ok
01:28:07.0031 5948	sppsvc - ok
01:28:07.0034 5948	sppuinotify - ok
01:28:07.0037 5948	SQLAgent$IMES - ok
01:28:07.0041 5948	SQLBrowser - ok
01:28:07.0046 5948	SQLWriter - ok
01:28:07.0050 5948	SRTSP - ok
01:28:07.0053 5948	SRTSPL - ok
01:28:07.0057 5948	SRTSPX - ok
01:28:07.0061 5948	srv - ok
01:28:07.0064 5948	srv2 - ok
01:28:07.0067 5948	srvnet - ok
01:28:07.0071 5948	SSDPSRV - ok
01:28:07.0075 5948	SstpSvc - ok
01:28:07.0079 5948	STacSV - ok
01:28:07.0085 5948	Stereo Service - ok
01:28:07.0089 5948	stexstor - ok
01:28:07.0093 5948	STHDA - ok
01:28:07.0097 5948	stisvc - ok
01:28:07.0101 5948	storflt - ok
01:28:07.0105 5948	StorSvc - ok
01:28:07.0109 5948	storvsc - ok
01:28:07.0113 5948	swenum - ok
01:28:07.0117 5948	SWGVCSvc - ok
01:28:07.0120 5948	SWIPsec - ok
01:28:07.0124 5948	swprv - ok
01:28:07.0127 5948	SWVNIC - ok
01:28:07.0131 5948	Symantec AntiVirus - ok
01:28:07.0144 5948	SymEvent - ok
01:28:07.0147 5948	SynTP - ok
01:28:07.0151 5948	SysMain - ok
01:28:07.0155 5948	TabletInputService - ok
01:28:07.0161 5948	TapiSrv - ok
01:28:07.0165 5948	TBS - ok
01:28:07.0168 5948	Tcpip - ok
01:28:07.0171 5948	TCPIP6 - ok
01:28:07.0176 5948	tcpipreg - ok
01:28:07.0181 5948	TDPIPE - ok
01:28:07.0185 5948	TDTCP - ok
01:28:07.0189 5948	tdx - ok
01:28:07.0194 5948	TeamViewer5 - ok
01:28:07.0199 5948	TeamViewer7 - ok
01:28:07.0203 5948	Teefer2 - ok
01:28:07.0207 5948	TermDD - ok
01:28:07.0212 5948	TermService - ok
01:28:07.0216 5948	Themes - ok
01:28:07.0220 5948	THREADORDER - ok
01:28:07.0225 5948	TIGLUSB - ok
01:28:07.0230 5948	TPM - ok
01:28:07.0235 5948	TrkWks - ok
01:28:07.0239 5948	TrustedInstaller - ok
01:28:07.0245 5948	tssecsrv - ok
01:28:07.0251 5948	TsUsbFlt - ok
01:28:07.0255 5948	tunnel - ok
01:28:07.0260 5948	TwkMs - ok
01:28:07.0264 5948	TWKSER2K - ok
01:28:07.0268 5948	uagp35 - ok
01:28:07.0272 5948	udfs - ok
01:28:07.0281 5948	UI0Detect - ok
01:28:07.0285 5948	uliagpkx - ok
01:28:07.0289 5948	umbus - ok
01:28:07.0293 5948	UmPass - ok
01:28:07.0297 5948	UmRdpService - ok
01:28:07.0301 5948	UnlockerDriver5 - ok
01:28:07.0305 5948	UNS - ok
01:28:07.0309 5948	upnphost - ok
01:28:07.0320 5948	usbaudio - ok
01:28:07.0325 5948	usbccgp - ok
01:28:07.0329 5948	usbcir - ok
01:28:07.0333 5948	usbehci - ok
01:28:07.0336 5948	usbhub - ok
01:28:07.0339 5948	usbohci - ok
01:28:07.0342 5948	usbprint - ok
01:28:07.0346 5948	USBSTOR - ok
01:28:07.0350 5948	usbuhci - ok
01:28:07.0354 5948	usbvideo - ok
01:28:07.0359 5948	UxSms - ok
01:28:07.0362 5948	VaultSvc - ok
01:28:07.0367 5948	vcsFPService - ok
01:28:07.0371 5948	vdrvroot - ok
01:28:07.0375 5948	vds - ok
01:28:07.0378 5948	vga - ok
01:28:07.0382 5948	VgaSave - ok
01:28:07.0386 5948	vhdmp - ok
01:28:07.0390 5948	viaide - ok
01:28:07.0393 5948	vmbus - ok
01:28:07.0396 5948	VMBusHID - ok
01:28:07.0402 5948	vnet - ok
01:28:07.0406 5948	volmgr - ok
01:28:07.0410 5948	volmgrx - ok
01:28:07.0414 5948	volsnap - ok
01:28:07.0419 5948	vpcbus - ok
01:28:07.0423 5948	vpcnfltr - ok
01:28:07.0428 5948	vpcusb - ok
01:28:07.0433 5948	vpcuxd - ok
01:28:07.0437 5948	vpcvmm - ok
01:28:07.0441 5948	vpnagent - ok
01:28:07.0446 5948	vpnva - ok
01:28:07.0450 5948	vsmraid - ok
01:28:07.0455 5948	VSPerfDrv100 - ok
01:28:07.0460 5948	VSS - ok
01:28:07.0464 5948	vwifibus - ok
01:28:07.0469 5948	vwififlt - ok
01:28:07.0473 5948	vwifimp - ok
01:28:07.0476 5948	W32Time - ok
01:28:07.0482 5948	WacomPen - ok
01:28:07.0487 5948	WANARP - ok
01:28:07.0490 5948	Wanarpv6 - ok
01:28:07.0494 5948	WatAdminSvc - ok
01:28:07.0499 5948	wbengine - ok
01:28:07.0504 5948	WbioSrvc - ok
01:28:07.0509 5948	WcesComm - ok
01:28:07.0514 5948	wcncsvc - ok
01:28:07.0518 5948	WcsPlugInService - ok
01:28:07.0522 5948	Wd - ok
01:28:07.0525 5948	Wdf01000 - ok
01:28:07.0529 5948	WdiServiceHost - ok
01:28:07.0534 5948	WdiSystemHost - ok
01:28:07.0539 5948	WebClient - ok
01:28:07.0543 5948	Wecsvc - ok
01:28:07.0548 5948	wercplsupport - ok
01:28:07.0552 5948	WerSvc - ok
01:28:07.0557 5948	WfpLwf - ok
01:28:07.0560 5948	WIMMount - ok
01:28:07.0564 5948	WinDefend - ok
01:28:07.0571 5948	WinHttpAutoProxySvc - ok
01:28:07.0575 5948	Winmgmt - ok
01:28:07.0579 5948	WinRM - ok
01:28:07.0587 5948	WinUSB - ok
01:28:07.0591 5948	Wlansvc - ok
01:28:07.0597 5948	wlidsvc - ok
01:28:07.0602 5948	WmiAcpi - ok
01:28:07.0609 5948	wmiApSrv - ok
01:28:07.0614 5948	WMPNetworkSvc - ok
01:28:07.0619 5948	WPCSvc - ok
01:28:07.0623 5948	WPDBusEnum - ok
01:28:07.0627 5948	WPS - ok
01:28:07.0632 5948	WpsHelper - ok
01:28:07.0637 5948	ws2ifsl - ok
01:28:07.0640 5948	wscsvc - ok
01:28:07.0644 5948	WSearch - ok
01:28:07.0651 5948	WTNetUSB - ok
01:28:07.0657 5948	wuauserv - ok
01:28:07.0660 5948	WudfPf - ok
01:28:07.0665 5948	WUDFRd - ok
01:28:07.0669 5948	wudfsvc - ok
01:28:07.0674 5948	WwanSvc - ok
01:28:07.0683 5948	{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
01:28:07.0723 5948	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
01:28:08.0114 5948	\Device\Harddisk0\DR0 - ok
01:28:08.0115 5948	============================================================
01:28:08.0115 5948	Scan finished
01:28:08.0115 5948	============================================================
01:28:08.0128 5040	Detected object count: 0
01:28:08.0128 5040	Actual detected object count: 0

sG
Cyberling2

markusg · 11.07.2012, 22:32

Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

Cyberling2 · 12.07.2012, 00:30

Hallo markusg!

Anbei die Combofix.txt

Code:

ATTFilter

ComboFix 12-07-11.03 - Walter 12.07.2012   0:35.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.43.1031.18.8119.5449 [GMT 2:00]
ausgeführt von:: c:\users\Walter\Desktop\ComboFix.exe
AV: Symantec Endpoint Protection *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
FW: Symantec Endpoint Protection *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
SP: Symantec Endpoint Protection *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files (x86)\facemoods.com
c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoods.crx
c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoods.png
c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsApp.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsEng.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe
c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\faCEmoodstlbr.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\uninstall.exe
C:\Thumbs.db
c:\users\Walter\AppData\Local\assembly\tmp
c:\users\Walter\AppData\Roaming\.#
c:\windows\jestertb.dll
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\drivers\etc\hosts.txt
c:\windows\SysWow64\drivers\str.sys
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-06-11 bis 2012-07-11  ))))))))))))))))))))))))))))))
.
.
2012-07-11 22:51 . 2012-07-11 22:51	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-07-11 22:51 . 2012-07-11 22:51	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2012-07-11 00:36 . 2012-07-11 00:36	--------	d-----w-	c:\users\Walter\AppData\Roaming\Microsoft Robocopy GUI
2012-07-09 22:56 . 2012-07-09 22:57	--------	d-----w-	C:\Privat
2012-07-07 22:58 . 2012-07-05 11:02	95744	----a-w-	c:\windows\system32\pdfcmon.dll
2012-07-07 22:58 . 2012-07-07 22:58	--------	d-----w-	c:\program files (x86)\PDFCreator
2012-07-07 22:58 . 1998-07-06 16:55	158208	----a-w-	c:\windows\SysWow64\MSCMCDE.DLL
2012-07-07 22:58 . 1998-07-05 23:00	23552	----a-w-	c:\windows\SysWow64\MSMPIDE.DLL
2012-07-02 06:39 . 2012-07-02 07:11	--------	d-----w-	c:\users\Walter\.jenny
2012-06-17 23:26 . 2012-06-17 23:26	770384	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-17 23:26 . 2012-06-17 23:26	421200	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-14 22:49 . 2012-06-14 22:49	--------	d-----w-	c:\users\Walter\AppData\Local\Macromedia
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2059-09-15 22:17 . 2011-10-04 12:20	44032	----a-w-	c:\windows\SysWow64\temp.027
2028-10-15 22:17 . 2011-10-04 12:20	1101312	----a-w-	c:\windows\SysWow64\temp.026
2012-07-07 10:36 . 2012-04-04 08:46	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-07 10:36 . 2011-06-01 20:53	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-06 10:30 . 2012-03-28 07:13	16014	----a-w-	c:\users\Walter\advanced_ip_scanner_MAC.bin
2012-05-05 13:37 . 2012-04-14 08:37	8744608	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-27 11:27 . 2012-06-05 16:31	8047424	----a-w-	c:\windows\system32\nvcuda.dll
2012-04-27 11:27 . 2012-06-05 16:31	5925184	----a-w-	c:\windows\SysWow64\nvcuda.dll
2012-04-27 11:27 . 2012-06-05 16:31	2873664	----a-w-	c:\windows\system32\nvcuvenc.dll
2012-04-27 11:27 . 2012-06-05 16:31	2673984	----a-w-	c:\windows\system32\nvcuvid.dll
2012-04-27 11:27 . 2012-06-05 16:31	25626432	----a-w-	c:\windows\system32\nvoglv64.dll
2012-04-27 11:27 . 2012-06-05 16:31	25224512	----a-w-	c:\windows\system32\nvcompiler.dll
2012-04-27 11:27 . 2012-06-05 16:31	2518336	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2012-04-27 11:27 . 2012-06-05 16:31	2438464	----a-w-	c:\windows\SysWow64\nvcuvenc.dll
2012-04-27 11:27 . 2012-06-05 16:31	19510592	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2012-04-27 11:27 . 2012-06-05 16:31	17543488	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2012-04-27 11:27 . 2012-06-05 16:31	14398272	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2012-04-27 11:27 . 2012-05-18 22:53	1737536	----a-w-	c:\windows\system32\nvdispco64.dll
2012-04-27 11:27 . 2012-05-18 22:53	1466176	----a-w-	c:\windows\system32\nvgenco64.dll
2012-04-27 11:27 . 2010-12-04 04:45	7742784	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2012-04-27 11:27 . 2010-12-04 04:45	68928	----a-w-	c:\windows\system32\OpenCL.dll
2012-04-27 11:27 . 2010-12-04 04:45	61248	----a-w-	c:\windows\SysWow64\OpenCL.dll
2012-04-27 11:27 . 2010-12-04 04:45	2324288	----a-w-	c:\windows\SysWow64\nvapi.dll
2012-04-27 11:27 . 2010-02-19 04:11	9749312	----a-w-	c:\windows\system32\nvwgf2umx.dll
2012-04-27 11:27 . 2010-02-19 04:11	2685760	----a-w-	c:\windows\system32\nvapi64.dll
2012-04-27 11:27 . 2010-02-19 04:11	17675584	----a-w-	c:\windows\system32\nvd3dumx.dll
2012-04-27 11:27 . 2010-02-19 04:11	15036736	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2012-04-27 09:51 . 2010-12-04 03:45	6103360	----a-w-	c:\windows\system32\nvcpl.dll
2012-04-27 09:49 . 2010-12-04 03:45	3092800	----a-w-	c:\windows\system32\nvsvc64.dll
2012-04-27 09:49 . 2010-12-04 03:45	889664	----a-w-	c:\windows\system32\nvvsvc.exe
2012-04-27 09:49 . 2010-02-19 06:10	63296	----a-w-	c:\windows\system32\nvshext.dll
2012-04-27 09:49 . 2012-06-05 08:28	55616	----a-w-	c:\windows\system32\nv3dappshextr.dll
2012-04-27 09:49 . 2010-12-04 03:45	850752	----a-w-	c:\windows\system32\nv3dappshext.dll
2012-04-27 09:49 . 2010-12-04 03:45	118080	----a-w-	c:\windows\system32\nvmctray.dll
2012-04-27 09:49 . 2010-02-19 06:10	2561856	----a-w-	c:\windows\system32\nvsvcr.dll
2012-04-27 01:33 . 2012-04-27 01:33	417600	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2012-04-22 21:16 . 2012-04-22 21:16	767768	----a-w-	c:\users\Walter\AppData\Roaming\Microsoft\Windows\Templates\Transmiti.exe
1997-09-03 22:00 . 2010-12-20 16:54	311296	----a-w-	c:\program files (x86)\Common Files\msacc8.olb
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WizMouse"="c:\program files (x86)\WizMouse\WizMouse.exe" [2010-12-17 115504]
"NetSetMan"="c:\program files (x86)\NetSetMan\netsetman.exe" [2012-05-17 4966184]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-03 17417392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 287800]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-21 106496]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2009-11-04 111640]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2011-03-30 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-11-17 75048]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2010-08-01 115560]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2011-07-20 523216]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-18 421736]
"ACPW05DE"="c:\program files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeProInTouch2.exe" [2011-11-16 822384]
"ODMV3Tray"="c:\program files (x86)\Common Files\Hilscher\ODMV3\ODMTray.exe" [2011-04-26 73728]
"Family Tree Builder Update"="c:\program files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe" [2011-12-21 229376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2012-03-28 309184]
.
c:\users\Walter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files (x86)\Stardock\ObjectDockFree\ObjectDock.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-30 1082656]
CodeMeter Control Center.lnk - c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe [2011-12-16 8186256]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	DPPassFilter scecli
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R0 TwkMs;CHIPDRIVE Mouse Adapter; [x]
R1 PBUS;PBUS; [x]
R1 SWIPsec;SonicWALL IPsec Driver;c:\windows\system32\Drivers\SWIPsec.sys [2009-03-05 99352]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-14 136176]
R2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [2009-10-26 61952]
R2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys [2009-10-29 79360]
R2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys [2009-12-11 55808]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2010-02-18 2045232]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys [2011-07-20 94864]
R3 BR.AS.VersionChangerService;BR.AS.VersionChangerService;c:\windows\SysWOW64\BR.AS.VersionChangerService.exe [2009-07-15 155648]
R3 BrDiskImageSvcx;B&R Disk Image;d:\bur\Automation\PVI\V3.00.02\PVI\Tools\PviTransfer\BrDiskImageSvc.exe [2011-11-15 61952]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 35104]
R3 CHIPDRIVE USB SmartCardReader;CHIPDRIVE USB SmartCardReader;c:\windows\system32\DRIVERS\TwkUsb2K.sys [x]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2012-02-02 509104]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-14 136176]
R3 IwUSB;IwUSB;c:\windows\system32\Drivers\iwusb_x64.sys [2009-10-07 47104]
R3 MOSUMAC;USB-Ethernet Driver;c:\windows\system32\DRIVERS\USBMAC64.SYS [2009-12-07 55296]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-17 113120]
R3 ncplelhp;WatchGuard Secure Client NDIS6 Driver;c:\windows\system32\DRIVERS\ncplelhp.sys [2010-02-23 151272]
R3 NTGUARD;NTGUARD;c:\program files (x86)\IKARUS\virus.utilities\bin\ntguard_x64.sys [x]
R3 OCTsvcLenzeDigitec;OCTsvcLenzeDigitec;c:\program files (x86)\Lenze\Lenze Digitec OPC Tunnel\OCTsvc.exe [x]
R3 ODMV3;ODMV3;c:\program files (x86)\Common Files\Hilscher\ODMV3\ODMV3.exe [2011-04-26 364544]
R3 PSSDK42;PSSDK42;c:\windows\system32\Drivers\pssdk42.sys [2011-09-12 53312]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 113704]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 19496]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 152616]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 133160]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 34856]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 128552]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 145960]
R3 S3XXx64;SCR3xx USB SmartCardReader64;c:\windows\system32\DRIVERS\S3XXx64.sys [2011-09-07 70016]
R3 SilvrLnk;SilverLink (USB GraphLink) Cable;c:\windows\system32\DRIVERS\silvrlnk.sys [2009-09-10 129536]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R3 SWVNIC;SonicWALL Virtual Miniport;c:\windows\system32\DRIVERS\swvnic.sys [2009-03-04 24600]
R3 TIGLUSB;TiglUsb.Sys TI-GRAPH/DIRECT LINK USB driver;c:\windows\system32\Drivers\TIGLUSB.sys [2006-05-24 30208]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TWKSER2K;CHIPDRIVE Serial SmartCardReader;c:\windows\system32\DRIVERS\TWKSER2K.sys [x]
R3 vnet;Shrew Soft Virtual Adapter;c:\windows\system32\DRIVERS\virtualnet.sys [2010-09-02 17408]
R3 vpcuxd;USB-Virtualisierungsstubdienst;c:\windows\system32\DRIVERS\vpcuxd.sys [2010-11-20 16384]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2011-01-18 68440]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-05 1255736]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
R4 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2012-03-09 117552]
R4 SQLAgent$IMES;SQL Server-Agent (IMES);c:\program files (x86)\Arec\Imes21\Database\MSSQL10.IMES\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 370024]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2012-03-19 89536]
S1 RsvLock;RsvLock; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/12/18 20:06];c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2011-09-22 13:38 146928]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2011-11-07 89600]
S2 BrAuthorizationSvcx;B&R Authorization;d:\bur\Automation\AsTools\BrAuthorization\BrAuthorizationSvc.exe [2008-12-18 40960]
S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2011-12-16 2368912]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-03-14 152992]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-10-19 32768]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
S2 Hp.Skyroom.Windows.Service;HP SkyRoom;c:\program files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe [2009-11-20 124984]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-06-14 90112]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-03-14 197504]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-02-01 281192]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2012-03-12 190120]
S2 MSSQL$IMES;SQL Server (IMES);c:\program files (x86)\Arec\Imes21\Database\MSSQL10.IMES\MSSQL\Binn\sqlservr.exe [2011-09-22 43028328]
S2 NA_Service;NetAccess Service;c:\windows\system32\NA_Service.exe [2009-09-11 105472]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2012-03-28 47632]
S2 rgsender;Remote Graphics Sender Service;c:\program files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe [2009-11-19 379904]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-04-27 382272]
S2 SWGVCSvc;SonicWALL Global VPN Client Service;c:\program files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe [2009-03-05 284696]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2011-03-17 2025336]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2011-07-20 468432]
S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
S3 DEBridge;DEBridge;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2010-02-01 704512]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-05-31 138912]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2009-11-21 75776]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2009-11-21 177152]
S3 NxDrv;SonicWALL NetExtender Adapter;c:\windows\system32\DRIVERS\NxDrv.sys [2009-10-21 24264]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 rismcx64;RICOH Smart Card Reader;c:\windows\system32\DRIVERS\rismcx64.sys [2009-07-20 59008]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WTNetUSB;W&T USB Redirector;c:\windows\system32\DRIVERS\WTNetUSB.sys [2010-11-16 107544]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-14 10:37]
.
2012-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-14 10:37]
.
2012-07-10 c:\windows\Tasks\HPCeeScheduleForWalter.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 11:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	99080	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	99080	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	99080	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	99080	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	99080	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	99080	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	99080	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	99080	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55	99080	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2010-04-05 186904]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"SonicWALLNetExtender"="c:\program files (x86)\SonicWALL\SSL-VPN\NetExtender\NEGui.exe" [2010-06-22 1103744]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-11-07 489472]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-04-27 1694016]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2012-03-14 15232]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.babylon.com/?AF=109958&babsrc=HP_ss&mntrId=e838735300000000000002004c4f4f50
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 172.16.48.2
TCP: Interfaces\{ABB5DBA0-9F93-4AD2-B690-DAE054317E0E}\74163747E65647A7: DhcpNameServer = 178.15.89.147
TCP: Interfaces\{ABB5DBA0-9F93-4AD2-B690-DAE054317E0E}\C414E413F523: DhcpNameServer = 82.139.223.34 81.92.15.34
DPF: {CC679CB8-DC4B-458B-B817-D447B3B6AC31} - hxxps://80.150.130.178/CACHE/stc/1/binaries/vpnweb.cab
FF - ProfilePath - c:\users\Walter\AppData\Roaming\Mozilla\Firefox\Profiles\arcp2orw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.at/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?AF=109958&babsrc=adbartrp&mntrId=e838735300000000000002004c4f4f50&q=
FF - prefs.js: network.proxy.type - 255
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109958
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - e838735300000000000002004c4f4f50
FF - user.js: extensions.BabylonToolbar_i.hardId - e838735300000000000002004c4f4f50
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15452
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1723:16
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-LightScribe Control Panel - c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
Wow6432Node-HKCU-Run-Sony PC Companion - c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
Wow6432Node-HKLM-Run-UnlockerAssistant - c:\program files (x86)\Unlocker\UnlockerAssistant.exe
Wow6432Node-HKLM-Run-ASuite - e:\launcher\ASuite.exe
Wow6432Node-HKLM-Run-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe
SafeBoot-Symantec Antvirus
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Automation Studio AS2.7.0 Deutsch - d:\bur\Automation\As27000de\Uninstall_Automation Studio AS2.7.0
AddRemove-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\uninstall.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.032"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.abr"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.amr"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.apd"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.arw"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bay"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.bmp"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bw"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bwf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cel"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cr2"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.crw"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cs1"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dcr"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.dcx"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.dib"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.djv"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.djvu"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dng"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.emf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.eps"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.erf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fff"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.flc"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fli"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fpx"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.gif"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.hdr"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.icn"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.iff"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ilbm"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.int"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.inta"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.iw4"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.j2c"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.j2k"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jbr"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.jfif"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.jif"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jp2"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpc"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.jpe"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.jpeg"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.jpg"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpk"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpx"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kar\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.kar"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.kdc"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.lbm"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.m15"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.m1a"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.m2a"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.m75"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mef"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mos"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mpv"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mrw"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.nef"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.nrw"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.orf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pbm"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pbr"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pcd"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pct"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.pcx"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pef"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pgm"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.pic"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pics"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pict"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pix"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.png"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ppm"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.psd"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.psp"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pspbrush"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pspimage"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.qcp"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.qtpf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.raf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ras"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.raw"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rgb"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rgba"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.rle"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rsb"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rw2"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rwl"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sdv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sdv"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sfil"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sgi"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.smf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.smi"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.smil"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sml"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sr2"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.srf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.srw"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.swa"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.tga"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.thm"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.tif"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.tiff"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ulw"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30po\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.v30po"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30pp\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.v30pp"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30ppf\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.v30ppf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v40po\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.v40po"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v40pp\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.v40pp"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v40ppf\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.v40ppf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50po\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50po"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50pp\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50pp"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50ppf\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50ppf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.vfw"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.wbm"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.wbmp"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.wmf"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xbm"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
"Progid"="ACDSee Pro 5.xif"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (S-1-5-21-3666505791-3733807107-1117362460-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xmp"
.
[HKEY_USERS\S-1-5-21-3666505791-3733807107-1117362460-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xpm"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\9*]
"7040111900063D11C8EF10054038389C"="C?\\windows\\SysWOW64\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-07-12  01:20:34
ComboFix-quarantined-files.txt  2012-07-11 23:20
.
Vor Suchlauf: 26 Verzeichnis(se), 90.521.935.872 Bytes frei
Nach Suchlauf: 33 Verzeichnis(se), 95.657.373.696 Bytes frei
.
- - End Of File - - C87CDEAEF4182CC80B9F180790C16A52

Danke für die Unterstützung
Cyberling2

markusg · 14.07.2012, 11:24

ist noch werbung aufgetreten?
lade den CCleaner standard:
CCleaner Download - CCleaner 3.20.1750
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

Cyberling2 · 14.07.2012, 22:53

Hallo markusg!

Danke für Deine Mühe!
Bin noch am schauen (bin noch nicht sicher),
aber bis jetzt hatte ich keine Werbung mehr.

Vorerst Danke.
Ich hoffe, dass ich deine super Unterstützung
für so etwas nicht mehr baruche (nicht
falsch verstehen!).

lG
Cyberling2

10.07.2012, 22:15	#2
markusg /// Malware-holic	Quälende Werbung Rechts Unten hi download tdss killer: http://www.trojaner-board.de/82358-t...entfernen.html Klicke auf Change parameters • Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system • Klick auf OK und anschließend auf Start scan - bei funden erst mal immer skip wählen, log posten __________________ __________________

Quälende Werbung Rechts Unten

Plagegeister aller Art und deren Bekämpfung: Quälende Werbung Rechts Unten