| |
| |||||||
Log-Analyse und Auswertung: Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- OnlinebankingWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
04.02.2014, 12:15
| #1 |
| |  Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- Onlinebanking Hallo helfende Hand  mir ist aufgefallen, dass mein Laptop sich merkwürdig verhält! (Toshiba Satellite-Windows7-SP1-Firefox) es fing an, dass ich nicht mehr in meinen Internetoptionen reingekommen bin, über die Systemsteuerung! Des weiteren funzt auch der Firefox nicht mehr so wie ich es gewohnt bin! ich habe einige Websites in der Jumpliste von Firefox angeheftet, die ich immer auf diesen Weg angewählt habe um ein externen TAB zu öffnen & somit direkt auf meine angehefteten Sites zu landen. Egal aber wie oft ich den Firefox schon deinstalliert habe, leitet er mich immer wieder auf Google zurück. Ich habe mal einen Scan durchgeführt mit HitmanPro & der fand 3 Malware, 1 Riskware & auch einen Trojan namens eGdpSvc.exe! Alle sind z.Z. in Quarantäne  Was mich aber am meisten beängstigt ist, dass mir beim Onlinebanking erzählt wird, dass die Tan schon verbraucht ist! Deshalb wende ich mich an Euch, da ich aufs banking nicht verzichten kann! Hoffe alles richtig beachtet zu haben & hoffe mir kann geholfen werden?! LG Sanchoss Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2014
Ran by Sascha & Nancy (administrator) on TOSHIBA on 04-02-2014 10:41:29
Running from C:\Users\Sascha & Nancy\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(Microsoft) C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DNSService.exe
(CSIS Security Group) C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(Toshiba Europe GmbH) C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(CSIS Security Group) C:\Program Files (x86)\Heimdal\Client\HeimdalAgent.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosOBEX.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] - C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-05-11] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartFaceVWatcher] - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-03-17] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [136136 2010-04-19] (Toshiba Europe GmbH)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ITSecMng] - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TWebCamera] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [NeroFilterCheck] - C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [ProtectedNET] - C:\Users\Sascha & Nancy\Desktop\Laufwerk\Jappy Rang + Credit Hack by JiNNy.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NPSStartup] - [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKU\.DEFAULT\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\.DEFAULT\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Run: [logger] - wscript.exe //B "C:\Users\SASCHA~1\AppData\Local\Temp\logger.vbs" <===== ATTENTION
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Run: [AppsHat] - C:\Users\Sascha & Nancy\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\system: [DisableClock] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: F - F:\Windows\StartFreeStyle.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {03692143-0ef0-11e3-b86b-00266ca80786} - H:\OriginInstaller.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {0cb7b62b-edd6-11e1-af14-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {0cb7b632-edd6-11e1-af14-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {0cb7b65e-edd6-11e1-af14-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {16737d40-ef63-11e2-bb4d-00266ca80786} - F:\Windows\StartFreeStyle.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {25143ae8-a14c-11e0-bd9d-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {25143aee-a14c-11e0-bd9d-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {41b933f8-27bd-11e1-90f6-00266ca80786} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {46866801-485f-11e1-8d41-00266ca80786} - F:\LGAutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {598939d1-1d9a-11e1-bab4-00266ca80786} - F:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {598939d6-1d9a-11e1-bab4-00266ca80786} - F:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {99948c1c-26f7-11e1-b79e-00266ca80786} - F:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {a9856250-36ba-11e2-947c-00266ca80786} - F:\zdata\cobi.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {f6528305-95ce-11e2-ade5-00266ca80786} - F:\setup.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Winlogon: [Shell] explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL => File Not Found
AppInit_DLLs: c:\progra~2\movies~1\safety~1\x64\safety~2.dll => File Not Found
AppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL => File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\movies toolbar\safetynut\x64\safetycrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\movies toolbar\safetynut\safetycrt.dll
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.portaldosites.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=ST9500325AS_6VEHGAQRXXXX6VEHGAQR&ts=1367078727
HKCU\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = https://isearch.avg.com/?cid={D4128F4D-FFC4-4AD1-8D6B-8FA976F2493E}&mid=16cd0fb9c80147d1b59ad16f2a4cee75-ca2be2ccc0d80f6eca87e1d1dfbe0cd3c2f66768&lang=en&ds=ft011&pr=sa&d=2012-07-25 16:17:44&v=12.1.0.21&sap=hp
URLSearchHook: HKCU - (No Name) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - No File
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.portaldosites.com/web/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=ST9500325AS_6VEHGAQRXXXX6VEHGAQR&ts=7077985
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.portaldosites.com/web/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=ST9500325AS_6VEHGAQRXXXX6VEHGAQR&ts=7077985
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=100&systemid=473&v=a10918-126&apn_uid=7490831145054531&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuyE0C0E0D0D0E0FyCyC0F0FyEzy0ByDyDtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=1785632500
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {178A504F-74E0-4342-9DF2-00A4A0B137F8} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={ED33D242-60D1-11E2-B3A9-00266CA80786}
SearchScopes: HKLM-x32 - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=100&systemid=473&v=a10918-126&apn_uid=7490831145054531&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 - {5319BB5F-8644-FBC1-3546-685F8AE5B160} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=430&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuyE0C0E0D0D0E0FyCyC0F0FyEzy0ByDyDtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=1785632500
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3205709
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKCU - {3F7E5C68-5C60-4FB5-B191-1B04DDDE8979} URL =
SearchScopes: HKCU - {52db1893-8a90-4192-aede-08e00b8f8473} URL =
SearchScopes: HKCU - {6ADFBB29-55DE-4137-996D-31FE316578AF} URL =
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuyE0C0E0D0D0E0FyCyC0F0FyEzy0ByDyDtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=1785632500
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\x64\BROWSE~1.DLL No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - toolplugin - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No File
Toolbar: HKLM-x32 - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A5B9220D-875B-4C63-A4B1-AABF1D74E973}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default
FF Homepage: google.de
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\portaldosites.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Escamod - C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\Extensions\escamod@gmx.net0002.xpi [2014-01-23]
FF Extension: Adblock Plus - C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-23]
FF Extension: Tab Mix Plus - C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-01-23]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-20]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
Chrome:
=======
CHR Extension: (Zoomex) - C:\Users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc [2013-01-28]
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\SASCHA~1\AppData\Local\funmoods.crx [2013-01-28]
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\SASCHA~1\AppData\Local\funmoods-speeddial.crx [2012-07-28]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2012-07-28]
CHR HKCU\...\Chrome\Extension: [bhnjjbcnbmjmhgpliahlamecmbejpaol] - C:\Users\Sascha & Nancy\AppData\Local\CRE\bhnjjbcnbmjmhgpliahlamecmbejpaol.crx [2012-09-05]
CHR HKCU\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Sascha & Nancy\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-04-17]
CHR HKLM-x32\...\Chrome\Extension: [bhnjjbcnbmjmhgpliahlamecmbejpaol] - C:\Users\Sascha & Nancy\AppData\Local\CRE\bhnjjbcnbmjmhgpliahlamecmbejpaol.crx [2012-09-05]
CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Program Files (x86)\Movie2KDownloader.com\Movie2KDownloader10.crx [2012-09-05]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2012-09-05]
CHR HKLM-x32\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files (x86)\TornTV.com\torn11.crx [2012-09-05]
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Sascha & Nancy\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-04-17]
==================== Services (Whitelisted) =================
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [200704 2006-08-11] (InterVideo Inc.)
R2 HeimdalSecureDNS; C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe [93856 2013-11-06] (Microsoft)
R2 HeimdalService; C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe [132768 2013-11-06] (CSIS Security Group)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1752488 2014-02-04] (SurfRight B.V.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
S2 HPSLPSVC; C:\Users\SASCHA~1\AppData\Local\Temp\7zS4921\hpslpsvc64.dll [X]
==================== Drivers (Whitelisted) ====================
S3 ASPI; C:\Windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec)
R3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI64.sys [720952 2010-03-05] (Conexant Systems Inc.)
R2 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [17416 2014-02-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2013-02-25] (WinISO.com)
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 massfilter_hs; system32\drivers\massfilter_hs.sys [X]
S1 pmplcahk; \??\C:\Windows\system32\drivers\pmplcahk.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-04 10:41 - 2014-02-04 10:42 - 00029727 _____ () C:\Users\Sascha & Nancy\Downloads\FRST.txt
2014-02-04 10:41 - 2014-02-04 10:41 - 00000000 ____D () C:\FRST
2014-02-04 10:39 - 2014-02-04 10:40 - 02080256 _____ (Farbar) C:\Users\Sascha & Nancy\Downloads\FRST64.exe
2014-02-04 10:37 - 2014-02-04 10:39 - 00000490 _____ () C:\Users\Sascha & Nancy\Downloads\defogger_disable.log
2014-02-04 10:37 - 2014-02-04 10:37 - 00000000 _____ () C:\Users\Sascha & Nancy\defogger_reenable
2014-02-04 10:36 - 2014-02-04 10:36 - 00050477 _____ () C:\Users\Sascha & Nancy\Downloads\Defogger.exe
2014-02-04 10:03 - 2014-02-04 10:03 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-04 10:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-04 09:57 - 2014-02-04 09:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Sascha & Nancy\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-04 09:10 - 2014-02-04 09:10 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml(1).msi
2014-02-04 09:10 - 2014-02-04 09:10 - 00001750 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-04 09:08 - 2014-02-04 09:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 09:08 - 2014-02-04 09:09 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 09:08 - 2014-02-04 09:09 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 08:59 - 2014-02-04 08:59 - 00001258 _____ () C:\Windows\system32\.crusader
2014-02-04 08:45 - 2014-02-04 08:45 - 02209056 _____ () C:\Users\Sascha & Nancy\Downloads\avira-eu-cleaner_de.exe
2014-02-04 08:42 - 2014-02-04 08:59 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-04 08:41 - 2014-02-04 08:42 - 10820032 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hitmanpro_x64.exe
2014-02-04 08:29 - 2014-02-04 08:29 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-02-04 08:28 - 2014-02-04 08:29 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-02-04 08:27 - 2014-02-04 08:27 - 04164208 _____ (CSIS Security Group) C:\Users\Sascha & Nancy\Downloads\HeimdalSetup.exe
2014-02-04 08:27 - 2014-02-04 08:27 - 00001116 _____ () C:\Users\Sascha & Nancy\Desktop\Heimdal.lnk
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\ProgramData\CSIS
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\Program Files (x86)\Heimdal
2014-02-04 08:26 - 2014-02-04 08:26 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml.msi
2014-02-04 08:25 - 2014-02-04 08:25 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-04 08:17 - 2014-02-04 08:17 - 00001036 _____ () C:\Users\Sascha & Nancy\Desktop\Secunia PSI.lnk
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Secunia PSI
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-02-04 08:16 - 2014-02-04 08:16 - 05329480 _____ (Secunia) C:\Users\Sascha & Nancy\Downloads\PSISetup.exe
2014-02-04 08:13 - 2014-02-04 08:13 - 00533424 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00488104 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00017416 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-02-04 08:12 - 2014-02-04 08:13 - 01752488 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hmpalert.exe
2014-02-04 07:59 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-04 07:59 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-04 07:59 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-04 07:59 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-04 07:58 - 2014-02-04 07:59 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-04 07:45 - 2014-02-04 07:45 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(2).exe
2014-02-04 07:43 - 2014-02-04 07:43 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(1).exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-04 07:27 - 2014-02-04 07:27 - 00000000 ____D () C:\Program Files\Java
2014-02-04 07:26 - 2014-02-04 07:26 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64.exe
2014-01-30 12:55 - 2014-01-30 12:58 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-01-30 12:55 - 2014-01-30 12:55 - 10245808 _____ (BlueStack Systems Inc.) C:\Users\Sascha & Nancy\Downloads\BlueStacks-SplitInstaller_native.exe
2014-01-25 12:26 - 2014-02-02 14:21 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Para
2014-01-25 12:23 - 2014-01-25 12:23 - 00215382 _____ () C:\Users\Sascha & Nancy\Downloads\GotClip_Setup.exe
2014-01-25 12:23 - 2014-01-25 12:23 - 00000958 _____ () C:\Users\Sascha & Nancy\Desktop\GotClip.lnk
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Program Files (x86)\GotClip
2014-01-23 07:24 - 2014-01-23 07:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-23 07:23 - 2014-01-23 07:23 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(3).exe
2014-01-23 07:22 - 2014-01-23 07:24 - 00001114 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-21 22:34 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-21 22:34 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-21 22:34 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-21 22:34 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-21 22:34 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-21 22:34 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-21 22:34 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-21 22:34 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-21 22:34 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-21 22:34 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-21 22:33 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-21 22:33 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-21 22:33 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-21 08:29 - 2014-01-21 08:29 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(2).exe
2014-01-21 08:05 - 2014-01-21 08:05 - 00000000 ____D () C:\Users\Sascha & Nancy\Documents\OneNote-Notizbücher
2014-01-21 08:00 - 2014-01-21 08:00 - 08459768 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_3.6.28.exe
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-18 12:02 - 2014-02-02 16:44 - 00012949 _____ () C:\Users\Sascha & Nancy\Documents\vordruck stundenzettel helmut.odt
2014-01-17 18:44 - 2014-01-17 18:44 - 00012969 _____ () C:\Users\Sascha & Nancy\Documents\vorbruck stunden zettel.odt
2014-01-17 17:26 - 2014-01-17 17:26 - 00000859 _____ () C:\Users\Sascha & Nancy\AppData\Local\recently-used.xbel
2014-01-17 17:23 - 2014-01-21 08:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-17 17:23 - 2014-01-17 17:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Microsoft Help
2014-01-15 05:23 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 05:23 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 05:23 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-12 19:20 - 2014-01-12 19:20 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0.exe
2014-01-12 17:10 - 2014-01-12 17:10 - 00002990 _____ () C:\Windows\System32\Tasks\{B82F30CA-5083-4EA4-9F77-16A1E083B57B}
2014-01-12 17:08 - 2014-01-12 17:08 - 00002990 _____ () C:\Windows\System32\Tasks\{ED49D765-0278-44F4-BBBD-548065650574}
2014-01-12 17:06 - 2014-01-12 17:06 - 00002990 _____ () C:\Windows\System32\Tasks\{FD7A06F6-B324-4C76-B750-14BCAAD9F666}
2014-01-12 16:02 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-01-12 16:02 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-01-12 16:02 - 2012-08-23 15:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-01-12 16:02 - 2012-08-23 14:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-01-12 16:02 - 2012-08-23 14:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-01-12 16:02 - 2012-08-23 14:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-01-12 16:02 - 2012-08-23 14:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-01-12 16:02 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-01-12 16:02 - 2012-08-23 14:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-01-12 16:02 - 2012-08-23 14:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-01-12 16:02 - 2012-08-23 14:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-01-12 16:02 - 2012-08-23 14:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-01-12 16:02 - 2012-08-23 13:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-01-12 16:02 - 2012-08-23 12:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-01-12 16:02 - 2012-08-23 12:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-01-12 16:02 - 2012-08-23 12:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-01-12 16:02 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-01-12 16:02 - 2012-08-23 11:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-01-12 16:02 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-01-12 16:02 - 2012-08-23 11:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-01-12 16:02 - 2012-08-23 11:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-01-12 16:02 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-01-12 16:02 - 2012-08-23 09:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-01-12 16:02 - 2012-08-23 09:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-01-10 14:01 - 2014-01-10 14:02 - 23867560 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_26.0.exe
==================== One Month Modified Files and Folders =======
2014-02-04 10:42 - 2014-02-04 10:41 - 00029727 _____ () C:\Users\Sascha & Nancy\Downloads\FRST.txt
2014-02-04 10:42 - 2012-06-13 07:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-04 10:41 - 2014-02-04 10:41 - 00000000 ____D () C:\FRST
2014-02-04 10:40 - 2014-02-04 10:39 - 02080256 _____ (Farbar) C:\Users\Sascha & Nancy\Downloads\FRST64.exe
2014-02-04 10:39 - 2014-02-04 10:37 - 00000490 _____ () C:\Users\Sascha & Nancy\Downloads\defogger_disable.log
2014-02-04 10:37 - 2014-02-04 10:37 - 00000000 _____ () C:\Users\Sascha & Nancy\defogger_reenable
2014-02-04 10:37 - 2011-06-09 16:52 - 00000000 ____D () C:\Users\Sascha & Nancy
2014-02-04 10:36 - 2014-02-04 10:36 - 00050477 _____ () C:\Users\Sascha & Nancy\Downloads\Defogger.exe
2014-02-04 10:33 - 2009-07-14 05:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-04 10:33 - 2009-07-14 05:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-04 10:31 - 2011-01-24 19:54 - 01786406 _____ () C:\Windows\WindowsUpdate.log
2014-02-04 10:25 - 2013-10-05 18:42 - 00000000 ____D () C:\Program Files (x86)\Movies Toolbar
2014-02-04 10:25 - 2013-08-23 09:51 - 00031418 _____ () C:\Windows\setupact.log
2014-02-04 10:25 - 2013-01-12 14:07 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-02-04 10:25 - 2012-03-19 20:54 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-04 10:25 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-04 10:24 - 2013-10-05 18:43 - 00000000 ____D () C:\ProgramData\Wincert
2014-02-04 10:24 - 2011-10-21 19:25 - 00000000 ____D () C:\Program Files (x86)\BrowserCompanion
2014-02-04 10:24 - 2010-11-16 18:49 - 00806366 _____ () C:\Windows\PFRO.log
2014-02-04 10:16 - 2013-01-17 19:15 - 00000000 ____D () C:\Program Files (x86)\SweetIM
2014-02-04 10:15 - 2013-06-10 07:31 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Omiga Plus
2014-02-04 10:03 - 2014-02-04 10:03 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-04 09:57 - 2014-02-04 09:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Sascha & Nancy\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-04 09:57 - 2012-03-19 20:54 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-04 09:11 - 2011-06-10 22:52 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-02-04 09:10 - 2014-02-04 09:10 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml(1).msi
2014-02-04 09:10 - 2014-02-04 09:10 - 00001750 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-04 09:09 - 2014-02-04 09:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 09:09 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 09:09 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 08:59 - 2014-02-04 08:59 - 00001258 _____ () C:\Windows\system32\.crusader
2014-02-04 08:59 - 2014-02-04 08:42 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-04 08:45 - 2014-02-04 08:45 - 02209056 _____ () C:\Users\Sascha & Nancy\Downloads\avira-eu-cleaner_de.exe
2014-02-04 08:42 - 2014-02-04 08:41 - 10820032 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hitmanpro_x64.exe
2014-02-04 08:37 - 2012-10-21 11:40 - 00000000 ____D () C:\ProgramData\Apple
2014-02-04 08:34 - 2011-06-09 16:55 - 00113272 _____ () C:\Users\Sascha & Nancy\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-04 08:33 - 2009-07-14 05:45 - 00432024 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-04 08:29 - 2014-02-04 08:29 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-02-04 08:29 - 2014-02-04 08:28 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-02-04 08:27 - 2014-02-04 08:27 - 04164208 _____ (CSIS Security Group) C:\Users\Sascha & Nancy\Downloads\HeimdalSetup.exe
2014-02-04 08:27 - 2014-02-04 08:27 - 00001116 _____ () C:\Users\Sascha & Nancy\Desktop\Heimdal.lnk
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\ProgramData\CSIS
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\Program Files (x86)\Heimdal
2014-02-04 08:26 - 2014-02-04 08:26 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml.msi
2014-02-04 08:25 - 2014-02-04 08:25 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-04 08:25 - 2010-11-16 18:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-04 08:25 - 2010-11-16 18:52 - 00000000 ____D () C:\ProgramData\Skype
2014-02-04 08:24 - 2012-06-13 07:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-04 08:24 - 2012-06-13 07:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-04 08:24 - 2012-06-13 07:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 08:17 - 2014-02-04 08:17 - 00001036 _____ () C:\Users\Sascha & Nancy\Desktop\Secunia PSI.lnk
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Secunia PSI
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-02-04 08:16 - 2014-02-04 08:16 - 05329480 _____ (Secunia) C:\Users\Sascha & Nancy\Downloads\PSISetup.exe
2014-02-04 08:13 - 2014-02-04 08:13 - 00533424 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00488104 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00017416 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-02-04 08:13 - 2014-02-04 08:12 - 01752488 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hmpalert.exe
2014-02-04 07:59 - 2014-02-04 07:58 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-04 07:59 - 2012-06-22 11:16 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-04 07:55 - 2012-03-19 06:53 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-02-04 07:45 - 2014-02-04 07:45 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(2).exe
2014-02-04 07:43 - 2014-02-04 07:43 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(1).exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-04 07:27 - 2014-02-04 07:27 - 00000000 ____D () C:\Program Files\Java
2014-02-04 07:26 - 2014-02-04 07:26 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64.exe
2014-02-04 07:23 - 2011-06-10 08:54 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Adobe
2014-02-04 07:19 - 2013-01-21 18:38 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-02-04 07:18 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-02 16:44 - 2014-01-18 12:02 - 00012949 _____ () C:\Users\Sascha & Nancy\Documents\vordruck stundenzettel helmut.odt
2014-02-02 14:21 - 2014-01-25 12:26 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Para
2014-01-30 12:58 - 2014-01-30 12:55 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-01-30 12:55 - 2014-01-30 12:55 - 10245808 _____ (BlueStack Systems Inc.) C:\Users\Sascha & Nancy\Downloads\BlueStacks-SplitInstaller_native.exe
2014-01-25 12:23 - 2014-01-25 12:23 - 00215382 _____ () C:\Users\Sascha & Nancy\Downloads\GotClip_Setup.exe
2014-01-25 12:23 - 2014-01-25 12:23 - 00000958 _____ () C:\Users\Sascha & Nancy\Desktop\GotClip.lnk
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Program Files (x86)\GotClip
2014-01-23 07:24 - 2014-01-23 07:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-23 07:24 - 2014-01-23 07:22 - 00001114 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-23 07:24 - 2013-12-20 10:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-23 07:23 - 2014-01-23 07:23 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(3).exe
2014-01-23 07:23 - 2011-09-23 06:51 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla
2014-01-21 10:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-01-21 08:32 - 2014-01-17 17:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-21 08:31 - 2011-01-24 20:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-01-21 08:29 - 2014-01-21 08:29 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(2).exe
2014-01-21 08:29 - 2011-06-09 16:52 - 00000000 ___RD () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-21 08:29 - 2009-07-14 19:18 - 00000000 ____D () C:\Windows\ShellNew
2014-01-21 08:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-01-21 08:27 - 2009-07-14 03:34 - 00000419 _____ () C:\Windows\win.ini
2014-01-21 08:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-01-21 08:05 - 2014-01-21 08:05 - 00000000 ____D () C:\Users\Sascha & Nancy\Documents\OneNote-Notizbücher
2014-01-21 08:00 - 2014-01-21 08:00 - 08459768 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_3.6.28.exe
2014-01-19 08:33 - 2011-09-03 08:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-17 18:44 - 2014-01-17 18:44 - 00012969 _____ () C:\Users\Sascha & Nancy\Documents\vorbruck stunden zettel.odt
2014-01-17 18:33 - 2009-07-14 18:58 - 07533032 _____ () C:\Windows\system32\perfh007.dat
2014-01-17 18:33 - 2009-07-14 18:58 - 02331660 _____ () C:\Windows\system32\perfc007.dat
2014-01-17 18:33 - 2009-07-14 06:13 - 00005422 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-17 17:27 - 2013-12-05 09:12 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Rocco
2014-01-17 17:26 - 2014-01-17 17:26 - 00000859 _____ () C:\Users\Sascha & Nancy\AppData\Local\recently-used.xbel
2014-01-17 17:26 - 2012-07-14 09:44 - 00000000 ____D () C:\Users\Sascha & Nancy\.gimp-2.8
2014-01-17 17:23 - 2014-01-17 17:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Microsoft Help
2014-01-15 22:20 - 2013-08-14 14:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 22:18 - 2011-06-13 14:57 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 15:25 - 2011-12-07 16:44 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Skype
2014-01-15 06:47 - 2012-12-27 15:26 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Mucke
2014-01-12 19:20 - 2014-01-12 19:20 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0.exe
2014-01-12 17:16 - 2012-09-22 08:16 - 00000000 ____D () C:\Users\Sascha & Nancy\Documents\SH5
2014-01-12 17:10 - 2014-01-12 17:10 - 00002990 _____ () C:\Windows\System32\Tasks\{B82F30CA-5083-4EA4-9F77-16A1E083B57B}
2014-01-12 17:08 - 2014-01-12 17:08 - 00002990 _____ () C:\Windows\System32\Tasks\{ED49D765-0278-44F4-BBBD-548065650574}
2014-01-12 17:06 - 2014-01-12 17:06 - 00002990 _____ () C:\Windows\System32\Tasks\{FD7A06F6-B324-4C76-B750-14BCAAD9F666}
2014-01-12 16:28 - 2013-03-19 06:35 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-01-12 15:52 - 2012-12-28 17:07 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-01-12 15:51 - 2012-12-28 17:07 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-01-12 15:51 - 2012-12-28 17:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-01-12 12:55 - 2013-12-02 10:33 - 00000000 ____D () C:\Program Files (x86)\Vector Magic
2014-01-12 12:55 - 2013-11-18 19:30 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppCB
2014-01-12 12:55 - 2010-11-16 18:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-10 14:02 - 2014-01-10 14:01 - 23867560 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_26.0.exe
2014-01-07 06:07 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-01-06 20:38 - 2013-09-04 08:43 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\TKKG
Files to move or delete:
====================
C:\Users\Sascha & Nancy\AppData\Roaming\skype.ini
Some content of TEMP:
====================
C:\Users\Sascha & Nancy\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\Delta.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\DeltaTB.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\MybabylonTB.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\propsys.dll
C:\Users\Sascha & Nancy\AppData\Local\Temp\SHSetup.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\Uninstall.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\WSSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-17 05:43
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2014
Ran by Sascha & Nancy at 2014-02-04 10:42:54
Running from C:\Users\Sascha & Nancy\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
7-Zip 9.22 (x64 edition) (Version: 9.22.00.0 - Igor Pavlov)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.38 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.7.148 - Adobe Systems, Inc.)
Apple Application Support (x32 Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (x32 Version: - )
ATI Catalyst Install Manager (Version: 3.0.769.0 - ATI Technologies, Inc.)
Battlefield 3™ (x32 Version: 1.0.0.0 - Electronic Arts)
Bluetooth Stack for Windows by Toshiba (Version: v7.10.16(T) - TOSHIBA CORPORATION)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Bundled software uninstaller (x32 Version: - ) <==== ATTENTION
ccc-utility64 (Version: 2010.0426.2136.36953 - ATI) Hidden
CDBurnerXP (x32 Version: 4.5.2.4255 - CDBurnerXP)
Conexant Audio Driver For AMD HDMI Codec (Version: 4.98.26.0 - Conexant)
Conexant HD Audio (Version: 4.119.0.61 - Conexant)
ContentSAFER for Wizmax (x32 Version: - )
Convert AVI to MP4 1.3 (x32 Version: - convertavitomp3.com)
Free M4a to MP3 Converter 7.2 (x32 Version: - ManiacTools.com)
GIMP 2.8.8 (Version: 2.8.8 - The GIMP Team)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GotClip Downloader (x32 Version: - )
Heimdal (x32 Version: 1.8.2.531 - CSIS Security Group)
HitmanPro.Alert (Version: 2.0.9.34 - SurfRight B.V.)
IsoBuster 3.1 (x32 Version: 3.1 - Smart Projects)
iTunes (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (64-bit) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8107.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.0.0657.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MP4 To MP3 Converter V3.0.4 (x32 Version: - hxxp://www.MP4ToMP3Converter.net)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
OpenOffice 4.0.0 (x32 Version: 4.00.9702 - Apache Software Foundation)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
ScummVM 1.4.1 (x32 Version: - The ScummVM Team)
Secunia PSI (3.0.0.9016) (x32 Version: 3.0.0.9016 - Secunia)
Skype™ 6.3 (x32 Version: 6.3.105 - Skype Technologies S.A.)
swMSM (x32 Version: - )
Synaptics Pointing Device Driver (Version: 15.0.8.1 - Synaptics Incorporated)
TOSHIBA Bulletin Board (Version: 1.6.08.64 - TOSHIBA Corporation) Hidden
TOSHIBA Disc Creator (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (Version: 1.2.10.64 - TOSHIBA Corporation) Hidden
TOSHIBA Face Recognition (Version: 3.1.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA PC Health Monitor (Version: 1.6.0.64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (Version: 2.1.0.5 x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.7.16.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (Version: 1.3.19.64 - TOSHIBA Corporation) Hidden
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
WinISO (x32 Version: 6.3.0.4804 - WinISO Computing Inc.)
WinRAR 4.10 (64-Bit) (Version: 4.10.0 - win.rar GmbH)
==================== Restore Points =========================
19-01-2014 03:12:30 Windows Update
19-01-2014 22:41:31 Windows Update
21-01-2014 07:15:54 Windows Modules Installer
21-01-2014 07:24:33 Removed Microsoft Office Professional 2010
21-01-2014 21:33:37 Windows Update
25-01-2014 05:07:24 Windows Update
29-01-2014 04:26:20 Windows Update
01-02-2014 05:15:42 Windows Update
04-02-2014 06:17:43 Removed BlueStacks Notification Center
04-02-2014 06:26:53 Installed Java 7 Update 51 (64-bit)
04-02-2014 06:57:47 Installed Java 7 Update 51
04-02-2014 07:01:26 Windows Update
04-02-2014 08:11:27 Installed MSXML 4.0 SP3 Parser
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {1CB99055-AEF9-4736-910E-B880E291399A} - System32\Tasks\Google Updater and Installer => C:\Users\Sascha & Nancy\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {2511F56C-248C-49E9-845A-FA3FA079CACD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-19] (Google Inc.)
Task: {355A8926-91EF-4759-955B-CC7D6534AEE9} - System32\Tasks\{ED49D765-0278-44F4-BBBD-548065650574} => Firefox.exe
Task: {385111CA-A7CC-4C7A-8A3F-99D88066D360} - System32\Tasks\{5425D119-CB66-4278-B098-0F2B3BF05957} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/go/help.faq.installer?LastError=1638
Task: {50998153-E4E4-45DA-932D-CBCFFCAF1FC0} - System32\Tasks\Omiga Plus RunAsStdUser => C:\Program Files (x86)\Omiga Plus\omigaplus.exe
Task: {73D72766-0297-4938-BC8B-5107E7884500} - System32\Tasks\{B82F30CA-5083-4EA4-9F77-16A1E083B57B} => Firefox.exe
Task: {8452AD8E-AFE6-48B6-B76D-C2149944B79A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {89763217-B567-4E0C-B721-FC07BFBBB721} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {8C22F9A7-AFA6-4A32-8252-8ABFC51AAB3E} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {91103D62-B0B5-4821-BB0F-DDCA09B9986D} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-06-03] (TOSHIBA CORPORATION)
Task: {9373D6B4-C920-4062-973E-4681A74227F4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-04] (Adobe Systems Incorporated)
Task: {9DB225B5-E9C1-4F26-87A7-371F5AE9E922} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {AFEE71C3-20DB-4B88-8A38-3E5479394F0C} - System32\Tasks\Your File Updater => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {B6A906E2-509A-4485-883D-4D178D297138} - System32\Tasks\{FD7A06F6-B324-4C76-B750-14BCAAD9F666} => Firefox.exe
Task: {E3CC1CA0-F795-462A-938B-E525D199C031} - System32\Tasks\{C5346126-C226-40CC-9DCA-680DFB303C33} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/go/help.faq.installer?LastError=1638
Task: {E5F7A0EF-A657-41BA-B8E6-B576AFFC978F} - System32\Tasks\DealPly => C:\Users\SASCHA~1\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {E998ACB3-CFD6-4FA6-8A0F-4865DCC90CDD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-19] (Google Inc.)
Task: {ECB0868D-49A2-41D5-A0BF-7B17F27A4DEC} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {F0613224-7154-41D7-BE6E-8D46DE0265CE} - System32\Tasks\Funmoods => C:\Users\SASCHA~1\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {F944E880-8176-4831-AF7F-09AC34B7A74C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2010-04-23 13:58 - 2010-04-23 13:58 - 03409256 _____ () C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll
2010-04-07 16:07 - 2010-04-07 16:07 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 13:26 - 2009-11-03 13:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 14:15 - 2010-03-03 14:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 14:15 - 2010-03-03 14:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2010-11-16 18:31 - 2009-06-22 14:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll
2009-03-12 19:08 - 2009-03-12 19:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 16:38 - 2009-07-25 16:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2010-03-17 16:01 - 2010-03-17 16:01 - 00578936 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2009-10-13 10:00 - 2009-10-13 10:00 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-01-24 19:59 - 2011-01-24 19:59 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-02-05 17:44 - 2010-02-05 17:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-23 07:24 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:33B04540
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:D287FACF
AlternateDataStreams: C:\ProgramData\TEMP:D3A96964
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ksupmgr => ""="Service"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/04/2014 09:18:40 AM) (Source: Application Hang) (User: )
Description: Programm Au_.exe, Version 5.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 978
Startzeit: 01cf21800984bee6
Endzeit: 16
Anwendungspfad: C:\Users\SASCHA~1\AppData\Local\Temp\~nsu.tmp\Au_.exe
Berichts-ID:
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16
System errors:
=============
Error: (02/04/2014 10:27:52 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126
Error: (02/04/2014 10:25:53 AM) (Source: ipnathlp) (User: )
Description: 192.168.178.20192.168.137.0255.255.255.0
Error: (02/04/2014 10:25:53 AM) (Source: ipnathlp) (User: )
Description:
Error: (02/04/2014 09:05:10 AM) (Source: DCOM) (User: )
Description: {A1CC28EB-258A-4B67-BBC2-4DD5D8AF4C8F}
Error: (02/04/2014 09:04:03 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126
Error: (02/04/2014 09:02:31 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/04/2014 09:02:31 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Player-Netzwerkfreigabedienst erreicht.
Error: (02/04/2014 09:02:12 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (02/04/2014 09:01:45 AM) (Source: ipnathlp) (User: )
Description: 192.168.178.20192.168.137.0255.255.255.0
Error: (02/04/2014 09:01:45 AM) (Source: ipnathlp) (User: )
Description:
Microsoft Office Sessions:
=========================
Error: (02/04/2014 09:18:40 AM) (Source: Application Hang)(User: )
Description: Au_.exe5.0.0.097801cf21800984bee616C:\Users\SASCHA~1\AppData\Local\Temp\~nsu.tmp\Au_.exe
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16
CodeIntegrity Errors:
===================================
Date: 2014-02-04 10:37:28.232
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-04 10:23:33.021
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-04 10:13:55.720
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-04 09:54:45.052
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-04 09:35:14.723
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-04 08:55:18.882
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-04 08:25:42.571
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2011-12-03 11:55:51.609
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2011-12-03 11:55:51.593
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 47%
Total physical RAM: 3957.86 MB
Available physical RAM: 2091.77 MB
Total Pagefile: 7913.9 MB
Available Pagefile: 5672.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (WINDOWS) (Fixed) (Total:232.73 GB) (Free:34.04 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.64 GB) (Free:207.84 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: C5B28EA6)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
04.02.2014, 12:30
| #2 |
| /// Malwareteam   |  Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- Onlinebanking Ich habe dein Thema in Arbeit und melde mich so schnell als möglich mit weiteren Anweisungen. Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Dies garantiert, dass Du Hilfe von einem ausgebildeten Helfer bekommst. Ich bedanke mich für deine Geduld 
__________________ |
|
04.02.2014, 14:26
| #3 | |
| /// Malwareteam | Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- Onlinebanking Hallo Sanchoss,
__________________mein Name ist Jonas und ich werde dir bei deiner Bereinigung helfen. Diese kann mit viel Arbeit für dich verbunden sein. Bevor wir anfangen können, lies bitte die Bereinigungsregeln und Hinweise:  Regeln zum Ablauf der Bereinigung
Hinweise
Zitat:
Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter cmd: type "C:\Users\SASCHA~1\AppData\Local\Temp\logger.vbs"
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Scan mit Combofix
Poste folgende Logfiles in deiner nächsten Antwort:
__________________ |
|
04.02.2014, 17:38
| #4 |
| | Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- Onlinebanking Erstmal Dankeschön für Deine Hilfe Muß noch eine Logdatei von Hitman posten & den viel zu großen Combofix-Scan. Hoffe doch ich brech mir nicht die Finger  FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2014
Ran by Sascha & Nancy (administrator) on TOSHIBA on 04-02-2014 10:41:29
Running from C:\Users\Sascha & Nancy\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(Microsoft) C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DNSService.exe
(CSIS Security Group) C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(Toshiba Europe GmbH) C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(CSIS Security Group) C:\Program Files (x86)\Heimdal\Client\HeimdalAgent.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosOBEX.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] - C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-05-11] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartFaceVWatcher] - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-03-17] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [136136 2010-04-19] (Toshiba Europe GmbH)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ITSecMng] - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TWebCamera] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [NeroFilterCheck] - C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [ProtectedNET] - C:\Users\Sascha & Nancy\Desktop\Laufwerk\Jappy Rang + Credit Hack by JiNNy.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NPSStartup] - [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKU\.DEFAULT\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\.DEFAULT\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Run: [logger] - wscript.exe //B "C:\Users\SASCHA~1\AppData\Local\Temp\logger.vbs" <===== ATTENTION
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Run: [AppsHat] - C:\Users\Sascha & Nancy\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\system: [DisableClock] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: F - F:\Windows\StartFreeStyle.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {03692143-0ef0-11e3-b86b-00266ca80786} - H:\OriginInstaller.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {0cb7b62b-edd6-11e1-af14-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {0cb7b632-edd6-11e1-af14-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {0cb7b65e-edd6-11e1-af14-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {16737d40-ef63-11e2-bb4d-00266ca80786} - F:\Windows\StartFreeStyle.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {25143ae8-a14c-11e0-bd9d-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {25143aee-a14c-11e0-bd9d-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {41b933f8-27bd-11e1-90f6-00266ca80786} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {46866801-485f-11e1-8d41-00266ca80786} - F:\LGAutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {598939d1-1d9a-11e1-bab4-00266ca80786} - F:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {598939d6-1d9a-11e1-bab4-00266ca80786} - F:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {99948c1c-26f7-11e1-b79e-00266ca80786} - F:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {a9856250-36ba-11e2-947c-00266ca80786} - F:\zdata\cobi.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {f6528305-95ce-11e2-ade5-00266ca80786} - F:\setup.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Winlogon: [Shell] explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL => File Not Found
AppInit_DLLs: c:\progra~2\movies~1\safety~1\x64\safety~2.dll => File Not Found
AppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL => File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\movies toolbar\safetynut\x64\safetycrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\movies toolbar\safetynut\safetycrt.dll
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.portaldosites.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=ST9500325AS_6VEHGAQRXXXX6VEHGAQR&ts=1367078727
HKCU\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = https://isearch.avg.com/?cid={D4128F4D-FFC4-4AD1-8D6B-8FA976F2493E}&mid=16cd0fb9c80147d1b59ad16f2a4cee75-ca2be2ccc0d80f6eca87e1d1dfbe0cd3c2f66768&lang=en&ds=ft011&pr=sa&d=2012-07-25 16:17:44&v=12.1.0.21&sap=hp
URLSearchHook: HKCU - (No Name) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - No File
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.portaldosites.com/web/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=ST9500325AS_6VEHGAQRXXXX6VEHGAQR&ts=7077985
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.portaldosites.com/web/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=ST9500325AS_6VEHGAQRXXXX6VEHGAQR&ts=7077985
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=100&systemid=473&v=a10918-126&apn_uid=7490831145054531&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuyE0C0E0D0D0E0FyCyC0F0FyEzy0ByDyDtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=1785632500
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {178A504F-74E0-4342-9DF2-00A4A0B137F8} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={ED33D242-60D1-11E2-B3A9-00266CA80786}
SearchScopes: HKLM-x32 - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=100&systemid=473&v=a10918-126&apn_uid=7490831145054531&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 - {5319BB5F-8644-FBC1-3546-685F8AE5B160} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=430&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuyE0C0E0D0D0E0FyCyC0F0FyEzy0ByDyDtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=1785632500
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3205709
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKCU - {3F7E5C68-5C60-4FB5-B191-1B04DDDE8979} URL =
SearchScopes: HKCU - {52db1893-8a90-4192-aede-08e00b8f8473} URL =
SearchScopes: HKCU - {6ADFBB29-55DE-4137-996D-31FE316578AF} URL =
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuyE0C0E0D0D0E0FyCyC0F0FyEzy0ByDyDtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=1785632500
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\x64\BROWSE~1.DLL No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - toolplugin - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No File
Toolbar: HKLM-x32 - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A5B9220D-875B-4C63-A4B1-AABF1D74E973}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default
FF Homepage: google.de
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\portaldosites.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Escamod - C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\Extensions\escamod@gmx.net0002.xpi [2014-01-23]
FF Extension: Adblock Plus - C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-23]
FF Extension: Tab Mix Plus - C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-01-23]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-20]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
Chrome:
=======
CHR Extension: (Zoomex) - C:\Users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc [2013-01-28]
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\SASCHA~1\AppData\Local\funmoods.crx [2013-01-28]
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\SASCHA~1\AppData\Local\funmoods-speeddial.crx [2012-07-28]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2012-07-28]
CHR HKCU\...\Chrome\Extension: [bhnjjbcnbmjmhgpliahlamecmbejpaol] - C:\Users\Sascha & Nancy\AppData\Local\CRE\bhnjjbcnbmjmhgpliahlamecmbejpaol.crx [2012-09-05]
CHR HKCU\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Sascha & Nancy\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-04-17]
CHR HKLM-x32\...\Chrome\Extension: [bhnjjbcnbmjmhgpliahlamecmbejpaol] - C:\Users\Sascha & Nancy\AppData\Local\CRE\bhnjjbcnbmjmhgpliahlamecmbejpaol.crx [2012-09-05]
CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Program Files (x86)\Movie2KDownloader.com\Movie2KDownloader10.crx [2012-09-05]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2012-09-05]
CHR HKLM-x32\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files (x86)\TornTV.com\torn11.crx [2012-09-05]
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Sascha & Nancy\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-04-17]
==================== Services (Whitelisted) =================
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [200704 2006-08-11] (InterVideo Inc.)
R2 HeimdalSecureDNS; C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe [93856 2013-11-06] (Microsoft)
R2 HeimdalService; C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe [132768 2013-11-06] (CSIS Security Group)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1752488 2014-02-04] (SurfRight B.V.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
S2 HPSLPSVC; C:\Users\SASCHA~1\AppData\Local\Temp\7zS4921\hpslpsvc64.dll [X]
==================== Drivers (Whitelisted) ====================
S3 ASPI; C:\Windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec)
R3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI64.sys [720952 2010-03-05] (Conexant Systems Inc.)
R2 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [17416 2014-02-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2013-02-25] (WinISO.com)
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 massfilter_hs; system32\drivers\massfilter_hs.sys [X]
S1 pmplcahk; \??\C:\Windows\system32\drivers\pmplcahk.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-04 10:41 - 2014-02-04 10:42 - 00029727 _____ () C:\Users\Sascha & Nancy\Downloads\FRST.txt
2014-02-04 10:41 - 2014-02-04 10:41 - 00000000 ____D () C:\FRST
2014-02-04 10:39 - 2014-02-04 10:40 - 02080256 _____ (Farbar) C:\Users\Sascha & Nancy\Downloads\FRST64.exe
2014-02-04 10:37 - 2014-02-04 10:39 - 00000490 _____ () C:\Users\Sascha & Nancy\Downloads\defogger_disable.log
2014-02-04 10:37 - 2014-02-04 10:37 - 00000000 _____ () C:\Users\Sascha & Nancy\defogger_reenable
2014-02-04 10:36 - 2014-02-04 10:36 - 00050477 _____ () C:\Users\Sascha & Nancy\Downloads\Defogger.exe
2014-02-04 10:03 - 2014-02-04 10:03 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-04 10:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-04 09:57 - 2014-02-04 09:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Sascha & Nancy\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-04 09:10 - 2014-02-04 09:10 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml(1).msi
2014-02-04 09:10 - 2014-02-04 09:10 - 00001750 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-04 09:08 - 2014-02-04 09:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 09:08 - 2014-02-04 09:09 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 09:08 - 2014-02-04 09:09 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 08:59 - 2014-02-04 08:59 - 00001258 _____ () C:\Windows\system32\.crusader
2014-02-04 08:45 - 2014-02-04 08:45 - 02209056 _____ () C:\Users\Sascha & Nancy\Downloads\avira-eu-cleaner_de.exe
2014-02-04 08:42 - 2014-02-04 08:59 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-04 08:41 - 2014-02-04 08:42 - 10820032 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hitmanpro_x64.exe
2014-02-04 08:29 - 2014-02-04 08:29 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-02-04 08:28 - 2014-02-04 08:29 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-02-04 08:27 - 2014-02-04 08:27 - 04164208 _____ (CSIS Security Group) C:\Users\Sascha & Nancy\Downloads\HeimdalSetup.exe
2014-02-04 08:27 - 2014-02-04 08:27 - 00001116 _____ () C:\Users\Sascha & Nancy\Desktop\Heimdal.lnk
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\ProgramData\CSIS
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\Program Files (x86)\Heimdal
2014-02-04 08:26 - 2014-02-04 08:26 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml.msi
2014-02-04 08:25 - 2014-02-04 08:25 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-04 08:17 - 2014-02-04 08:17 - 00001036 _____ () C:\Users\Sascha & Nancy\Desktop\Secunia PSI.lnk
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Secunia PSI
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-02-04 08:16 - 2014-02-04 08:16 - 05329480 _____ (Secunia) C:\Users\Sascha & Nancy\Downloads\PSISetup.exe
2014-02-04 08:13 - 2014-02-04 08:13 - 00533424 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00488104 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00017416 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-02-04 08:12 - 2014-02-04 08:13 - 01752488 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hmpalert.exe
2014-02-04 07:59 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-04 07:59 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-04 07:59 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-04 07:59 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-04 07:58 - 2014-02-04 07:59 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-04 07:45 - 2014-02-04 07:45 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(2).exe
2014-02-04 07:43 - 2014-02-04 07:43 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(1).exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-04 07:27 - 2014-02-04 07:27 - 00000000 ____D () C:\Program Files\Java
2014-02-04 07:26 - 2014-02-04 07:26 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64.exe
2014-01-30 12:55 - 2014-01-30 12:58 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-01-30 12:55 - 2014-01-30 12:55 - 10245808 _____ (BlueStack Systems Inc.) C:\Users\Sascha & Nancy\Downloads\BlueStacks-SplitInstaller_native.exe
2014-01-25 12:26 - 2014-02-02 14:21 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Para
2014-01-25 12:23 - 2014-01-25 12:23 - 00215382 _____ () C:\Users\Sascha & Nancy\Downloads\GotClip_Setup.exe
2014-01-25 12:23 - 2014-01-25 12:23 - 00000958 _____ () C:\Users\Sascha & Nancy\Desktop\GotClip.lnk
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Program Files (x86)\GotClip
2014-01-23 07:24 - 2014-01-23 07:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-23 07:23 - 2014-01-23 07:23 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(3).exe
2014-01-23 07:22 - 2014-01-23 07:24 - 00001114 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-21 22:34 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-21 22:34 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-21 22:34 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-21 22:34 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-21 22:34 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-21 22:34 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-21 22:34 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-21 22:34 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-21 22:34 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-21 22:34 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-21 22:33 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-21 22:33 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-21 22:33 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-21 08:29 - 2014-01-21 08:29 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(2).exe
2014-01-21 08:05 - 2014-01-21 08:05 - 00000000 ____D () C:\Users\Sascha & Nancy\Documents\OneNote-Notizbücher
2014-01-21 08:00 - 2014-01-21 08:00 - 08459768 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_3.6.28.exe
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-18 12:02 - 2014-02-02 16:44 - 00012949 _____ () C:\Users\Sascha & Nancy\Documents\vordruck stundenzettel helmut.odt
2014-01-17 18:44 - 2014-01-17 18:44 - 00012969 _____ () C:\Users\Sascha & Nancy\Documents\vorbruck stunden zettel.odt
2014-01-17 17:26 - 2014-01-17 17:26 - 00000859 _____ () C:\Users\Sascha & Nancy\AppData\Local\recently-used.xbel
2014-01-17 17:23 - 2014-01-21 08:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-17 17:23 - 2014-01-17 17:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Microsoft Help
2014-01-15 05:23 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 05:23 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 05:23 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-12 19:20 - 2014-01-12 19:20 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0.exe
2014-01-12 17:10 - 2014-01-12 17:10 - 00002990 _____ () C:\Windows\System32\Tasks\{B82F30CA-5083-4EA4-9F77-16A1E083B57B}
2014-01-12 17:08 - 2014-01-12 17:08 - 00002990 _____ () C:\Windows\System32\Tasks\{ED49D765-0278-44F4-BBBD-548065650574}
2014-01-12 17:06 - 2014-01-12 17:06 - 00002990 _____ () C:\Windows\System32\Tasks\{FD7A06F6-B324-4C76-B750-14BCAAD9F666}
2014-01-12 16:02 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-01-12 16:02 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-01-12 16:02 - 2012-08-23 15:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-01-12 16:02 - 2012-08-23 14:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-01-12 16:02 - 2012-08-23 14:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-01-12 16:02 - 2012-08-23 14:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-01-12 16:02 - 2012-08-23 14:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-01-12 16:02 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-01-12 16:02 - 2012-08-23 14:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-01-12 16:02 - 2012-08-23 14:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-01-12 16:02 - 2012-08-23 14:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-01-12 16:02 - 2012-08-23 14:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-01-12 16:02 - 2012-08-23 13:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-01-12 16:02 - 2012-08-23 12:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-01-12 16:02 - 2012-08-23 12:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-01-12 16:02 - 2012-08-23 12:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-01-12 16:02 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-01-12 16:02 - 2012-08-23 11:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-01-12 16:02 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-01-12 16:02 - 2012-08-23 11:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-01-12 16:02 - 2012-08-23 11:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-01-12 16:02 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-01-12 16:02 - 2012-08-23 09:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-01-12 16:02 - 2012-08-23 09:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-01-10 14:01 - 2014-01-10 14:02 - 23867560 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_26.0.exe
==================== One Month Modified Files and Folders =======
2014-02-04 10:42 - 2014-02-04 10:41 - 00029727 _____ () C:\Users\Sascha & Nancy\Downloads\FRST.txt
2014-02-04 10:42 - 2012-06-13 07:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-04 10:41 - 2014-02-04 10:41 - 00000000 ____D () C:\FRST
2014-02-04 10:40 - 2014-02-04 10:39 - 02080256 _____ (Farbar) C:\Users\Sascha & Nancy\Downloads\FRST64.exe
2014-02-04 10:39 - 2014-02-04 10:37 - 00000490 _____ () C:\Users\Sascha & Nancy\Downloads\defogger_disable.log
2014-02-04 10:37 - 2014-02-04 10:37 - 00000000 _____ () C:\Users\Sascha & Nancy\defogger_reenable
2014-02-04 10:37 - 2011-06-09 16:52 - 00000000 ____D () C:\Users\Sascha & Nancy
2014-02-04 10:36 - 2014-02-04 10:36 - 00050477 _____ () C:\Users\Sascha & Nancy\Downloads\Defogger.exe
2014-02-04 10:33 - 2009-07-14 05:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-04 10:33 - 2009-07-14 05:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-04 10:31 - 2011-01-24 19:54 - 01786406 _____ () C:\Windows\WindowsUpdate.log
2014-02-04 10:25 - 2013-10-05 18:42 - 00000000 ____D () C:\Program Files (x86)\Movies Toolbar
2014-02-04 10:25 - 2013-08-23 09:51 - 00031418 _____ () C:\Windows\setupact.log
2014-02-04 10:25 - 2013-01-12 14:07 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-02-04 10:25 - 2012-03-19 20:54 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-04 10:25 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-04 10:24 - 2013-10-05 18:43 - 00000000 ____D () C:\ProgramData\Wincert
2014-02-04 10:24 - 2011-10-21 19:25 - 00000000 ____D () C:\Program Files (x86)\BrowserCompanion
2014-02-04 10:24 - 2010-11-16 18:49 - 00806366 _____ () C:\Windows\PFRO.log
2014-02-04 10:16 - 2013-01-17 19:15 - 00000000 ____D () C:\Program Files (x86)\SweetIM
2014-02-04 10:15 - 2013-06-10 07:31 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Omiga Plus
2014-02-04 10:03 - 2014-02-04 10:03 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-04 09:57 - 2014-02-04 09:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Sascha & Nancy\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-04 09:57 - 2012-03-19 20:54 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-04 09:11 - 2011-06-10 22:52 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-02-04 09:10 - 2014-02-04 09:10 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml(1).msi
2014-02-04 09:10 - 2014-02-04 09:10 - 00001750 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-04 09:09 - 2014-02-04 09:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 09:09 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 09:09 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 08:59 - 2014-02-04 08:59 - 00001258 _____ () C:\Windows\system32\.crusader
2014-02-04 08:59 - 2014-02-04 08:42 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-04 08:45 - 2014-02-04 08:45 - 02209056 _____ () C:\Users\Sascha & Nancy\Downloads\avira-eu-cleaner_de.exe
2014-02-04 08:42 - 2014-02-04 08:41 - 10820032 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hitmanpro_x64.exe
2014-02-04 08:37 - 2012-10-21 11:40 - 00000000 ____D () C:\ProgramData\Apple
2014-02-04 08:34 - 2011-06-09 16:55 - 00113272 _____ () C:\Users\Sascha & Nancy\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-04 08:33 - 2009-07-14 05:45 - 00432024 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-04 08:29 - 2014-02-04 08:29 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-02-04 08:29 - 2014-02-04 08:28 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-02-04 08:27 - 2014-02-04 08:27 - 04164208 _____ (CSIS Security Group) C:\Users\Sascha & Nancy\Downloads\HeimdalSetup.exe
2014-02-04 08:27 - 2014-02-04 08:27 - 00001116 _____ () C:\Users\Sascha & Nancy\Desktop\Heimdal.lnk
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\ProgramData\CSIS
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\Program Files (x86)\Heimdal
2014-02-04 08:26 - 2014-02-04 08:26 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml.msi
2014-02-04 08:25 - 2014-02-04 08:25 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-04 08:25 - 2010-11-16 18:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-04 08:25 - 2010-11-16 18:52 - 00000000 ____D () C:\ProgramData\Skype
2014-02-04 08:24 - 2012-06-13 07:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-04 08:24 - 2012-06-13 07:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-04 08:24 - 2012-06-13 07:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 08:17 - 2014-02-04 08:17 - 00001036 _____ () C:\Users\Sascha & Nancy\Desktop\Secunia PSI.lnk
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Secunia PSI
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-02-04 08:16 - 2014-02-04 08:16 - 05329480 _____ (Secunia) C:\Users\Sascha & Nancy\Downloads\PSISetup.exe
2014-02-04 08:13 - 2014-02-04 08:13 - 00533424 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00488104 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00017416 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-02-04 08:13 - 2014-02-04 08:12 - 01752488 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hmpalert.exe
2014-02-04 07:59 - 2014-02-04 07:58 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-04 07:59 - 2012-06-22 11:16 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-04 07:55 - 2012-03-19 06:53 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-02-04 07:45 - 2014-02-04 07:45 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(2).exe
2014-02-04 07:43 - 2014-02-04 07:43 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(1).exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-04 07:27 - 2014-02-04 07:27 - 00000000 ____D () C:\Program Files\Java
2014-02-04 07:26 - 2014-02-04 07:26 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64.exe
2014-02-04 07:23 - 2011-06-10 08:54 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Adobe
2014-02-04 07:19 - 2013-01-21 18:38 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-02-04 07:18 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-02 16:44 - 2014-01-18 12:02 - 00012949 _____ () C:\Users\Sascha & Nancy\Documents\vordruck stundenzettel helmut.odt
2014-02-02 14:21 - 2014-01-25 12:26 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Para
2014-01-30 12:58 - 2014-01-30 12:55 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-01-30 12:55 - 2014-01-30 12:55 - 10245808 _____ (BlueStack Systems Inc.) C:\Users\Sascha & Nancy\Downloads\BlueStacks-SplitInstaller_native.exe
2014-01-25 12:23 - 2014-01-25 12:23 - 00215382 _____ () C:\Users\Sascha & Nancy\Downloads\GotClip_Setup.exe
2014-01-25 12:23 - 2014-01-25 12:23 - 00000958 _____ () C:\Users\Sascha & Nancy\Desktop\GotClip.lnk
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Program Files (x86)\GotClip
2014-01-23 07:24 - 2014-01-23 07:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-23 07:24 - 2014-01-23 07:22 - 00001114 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-23 07:24 - 2013-12-20 10:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-23 07:23 - 2014-01-23 07:23 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(3).exe
2014-01-23 07:23 - 2011-09-23 06:51 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla
2014-01-21 10:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-01-21 08:32 - 2014-01-17 17:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-21 08:31 - 2011-01-24 20:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-01-21 08:29 - 2014-01-21 08:29 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(2).exe
2014-01-21 08:29 - 2011-06-09 16:52 - 00000000 ___RD () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-21 08:29 - 2009-07-14 19:18 - 00000000 ____D () C:\Windows\ShellNew
2014-01-21 08:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-01-21 08:27 - 2009-07-14 03:34 - 00000419 _____ () C:\Windows\win.ini
2014-01-21 08:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-01-21 08:05 - 2014-01-21 08:05 - 00000000 ____D () C:\Users\Sascha & Nancy\Documents\OneNote-Notizbücher
2014-01-21 08:00 - 2014-01-21 08:00 - 08459768 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_3.6.28.exe
2014-01-19 08:33 - 2011-09-03 08:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-17 18:44 - 2014-01-17 18:44 - 00012969 _____ () C:\Users\Sascha & Nancy\Documents\vorbruck stunden zettel.odt
2014-01-17 18:33 - 2009-07-14 18:58 - 07533032 _____ () C:\Windows\system32\perfh007.dat
2014-01-17 18:33 - 2009-07-14 18:58 - 02331660 _____ () C:\Windows\system32\perfc007.dat
2014-01-17 18:33 - 2009-07-14 06:13 - 00005422 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-17 17:27 - 2013-12-05 09:12 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Rocco
2014-01-17 17:26 - 2014-01-17 17:26 - 00000859 _____ () C:\Users\Sascha & Nancy\AppData\Local\recently-used.xbel
2014-01-17 17:26 - 2012-07-14 09:44 - 00000000 ____D () C:\Users\Sascha & Nancy\.gimp-2.8
2014-01-17 17:23 - 2014-01-17 17:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Microsoft Help
2014-01-15 22:20 - 2013-08-14 14:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 22:18 - 2011-06-13 14:57 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 15:25 - 2011-12-07 16:44 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Skype
2014-01-15 06:47 - 2012-12-27 15:26 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Mucke
2014-01-12 19:20 - 2014-01-12 19:20 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0.exe
2014-01-12 17:16 - 2012-09-22 08:16 - 00000000 ____D () C:\Users\Sascha & Nancy\Documents\SH5
2014-01-12 17:10 - 2014-01-12 17:10 - 00002990 _____ () C:\Windows\System32\Tasks\{B82F30CA-5083-4EA4-9F77-16A1E083B57B}
2014-01-12 17:08 - 2014-01-12 17:08 - 00002990 _____ () C:\Windows\System32\Tasks\{ED49D765-0278-44F4-BBBD-548065650574}
2014-01-12 17:06 - 2014-01-12 17:06 - 00002990 _____ () C:\Windows\System32\Tasks\{FD7A06F6-B324-4C76-B750-14BCAAD9F666}
2014-01-12 16:28 - 2013-03-19 06:35 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-01-12 15:52 - 2012-12-28 17:07 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-01-12 15:51 - 2012-12-28 17:07 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-01-12 15:51 - 2012-12-28 17:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-01-12 12:55 - 2013-12-02 10:33 - 00000000 ____D () C:\Program Files (x86)\Vector Magic
2014-01-12 12:55 - 2013-11-18 19:30 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppCB
2014-01-12 12:55 - 2010-11-16 18:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-10 14:02 - 2014-01-10 14:01 - 23867560 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_26.0.exe
2014-01-07 06:07 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-01-06 20:38 - 2013-09-04 08:43 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\TKKG
Files to move or delete:
====================
C:\Users\Sascha & Nancy\AppData\Roaming\skype.ini
Some content of TEMP:
====================
C:\Users\Sascha & Nancy\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\Delta.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\DeltaTB.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\MybabylonTB.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\propsys.dll
C:\Users\Sascha & Nancy\AppData\Local\Temp\SHSetup.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\Uninstall.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\WSSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-17 05:43
==================== End Of Log ============================
Code:
ATTFilter HitmanPro 3.7.9.212
www.hitmanpro.com
Computer name . . . . : TOSHIBA
Windows . . . . . . . : 6.1.1.7601.X64/4
User name . . . . . . : Toshiba\Sascha & Nancy
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (30 days left)
Scan date . . . . . . : 2014-02-04 09:36:42
Scan mode . . . . . . : Normal (cancelled by user)
Scan duration . . . . : 11s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 0
Traces . . . . . . . : 0
Objects scanned . . . : 26.604
Files scanned . . . . : 26.604
Remnants scanned . . : 0 files / 0 keys
Code:
ATTFilter HitmanPro 3.7.9.212
www.hitmanpro.com
Computer name . . . . : TOSHIBA
Windows . . . . . . . : 6.1.1.7601.X64/4
User name . . . . . . : Toshiba\Sascha & Nancy
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (30 days left)
Scan date . . . . . . : 2014-02-04 09:19:44
Scan mode . . . . . . : Normal
Scan duration . . . . : 10m 17s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 0
Traces . . . . . . . : 358
Objects scanned . . . : 3.026.702
Files scanned . . . . : 73.513
Remnants scanned . . : 1.893.340 files / 1.059.849 keys
Potential Unwanted Programs _________________________________________________
C:\Program Files (x86)\Conduit\ (Conduit)
C:\Program Files (x86)\Conduit\Community Alerts\ (Conduit)
C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll (Conduit)
Size . . . . . . . : 638.560 bytes
Age . . . . . . . : 956.7 days (2011-06-23 15:20:46)
Entropy . . . . . : 6.4
SHA-256 . . . . . : F22E58CDFE94D4A5FBBF2795A743B167ED9923E289E14654631E0077DD306C1D
Product . . . . . : Alert
Publisher . . . . : Conduit Ltd.
Description . . . : Alert
Version . . . . . : 1.1.4.1
Copyright . . . . : Copyright © Conduit Ltd. 2011.
RSA Key Size . . . : 1024
Authenticode . . . : Valid
Fuzzy . . . . . . : -15.0
C:\Program Files (x86)\Desk 365\ (PortalDoSites)
C:\Program Files (x86)\Desk 365\desk_bkg_list.xml (PortalDoSites)
C:\Program Files (x86)\Desk 365\desk_list.xml (PortalDoSites)
C:\Program Files (x86)\Desk 365\desk_settings.ini (PortalDoSites)
C:\Program Files (x86)\Desk 365\process_mgr.xml (PortalDoSites)
C:\Program Files (x86)\Desk 365\promote.xml (PortalDoSites)
C:\Program Files (x86)\Desk 365\recent.xml (PortalDoSites)
C:\Program Files (x86)\Mozilla Firefox\searchplugins\portaldosites.xml (PortalDoSites)
C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml (QVO6)
C:\ProgramData\Babylon\ (Babylon)
C:\ProgramData\BitGuard\ (SpeedUpMyPC)
C:\ProgramData\BrowserProtect\ (Claro)
C:\ProgramData\eSafe\ (PortalDoSites)
C:\ProgramData\eSafe\eDelayinfo.edb (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Local\Conduit\ (Rocketfuel)
C:\Users\Sascha & Nancy\AppData\Local\funmoods.crx (Funmoods)
C:\Users\Sascha & Nancy\AppData\LocalLow\BabylonToolbar\ (Babylon)
C:\Users\Sascha & Nancy\AppData\LocalLow\Conduit\ (Rocketfuel)
C:\Users\Sascha & Nancy\AppData\LocalLow\Conduit\ChromeExtData\bhnjjbcnbmjmhgpliahlamecmbejpaol\Repository\ (Rocketfuel)
C:\Users\Sascha & Nancy\AppData\LocalLow\Conduit\ChromeExtData\bhnjjbcnbmjmhgpliahlamecmbejpaol\Repository\toolbar_initializing_logger.txt (Rocketfuel)
C:\Users\Sascha & Nancy\AppData\LocalLow\Delta\ (Delta Search)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchquband\ (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\ (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\dtx.ini (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\geoip.xml (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\guid.dat (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\preferences.dat (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\setupCfg.xml (SearchQU)
C:\Users\Sascha & Nancy\AppData\Roaming\Babylon\ (Babylon)
C:\Users\Sascha & Nancy\AppData\Roaming\Babylon\log_file.txt (Babylon)
C:\Users\Sascha & Nancy\AppData\Roaming\DealPly\ (Delta Search)
C:\Users\Sascha & Nancy\AppData\Roaming\DealPly\UpdateProc\ (Delta Search)
C:\Users\Sascha & Nancy\AppData\Roaming\DealPly\UpdateProc\config.dat (Delta Search)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\1\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\1\angrybirds.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\1\angrybirds.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\35\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\35\Gmail.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\35\Gmail.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\36\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\36\Outlook.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\36\Outlook.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\39\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\39\ESPN.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\39\ESPN.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\3\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\3\BigFarm.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\3\BigFarm.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\41\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\41\gcalendar.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\41\gcalendar.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\42\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\42\pulse.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\42\pulse.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\4\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\4\Empire.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\4\Empire.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\components\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\components\component_libcef_1.1364.1123.exe (PortalDoSites)
Size . . . . . . . : 10.434.864 bytes
Age . . . . . . . : 282.7 days (2013-04-27 17:05:44)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 0026D229EC08FD46A98269FA6BEC07E55E323B0812E2287DEA83293CD99A6A5C
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 2.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_1.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_2.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_3.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_4.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_5.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_default.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg_list.xml (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_list.xml (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_settings.ini (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Barbie_00a67ff4ef657679a6c88553135d62ad.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Barbie_00a67ff4ef657679a6c88553135d62ad_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Barbie_00a67ff4ef657679a6c88553135d62ad_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\ConvertAVItoMP4_3608c453f63ef0987ec1af2784c0b2a3.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\ConvertAVItoMP4_3608c453f63ef0987ec1af2784c0b2a3_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\ESPN_a7b078f5f5f5b87efcef66ab5783cf9d_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Facebook_aab07bc79cf599b25c0110f32d46a3ef.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Facebook_aab07bc79cf599b25c0110f32d46a3ef_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Facebook_aab07bc79cf599b25c0110f32d46a3ef_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_05920328ebb21254e7e74f9235dcff5f.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_05920328ebb21254e7e74f9235dcff5f_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_7a7e18781cff0eca0a115cd4e753c9c1.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_7a7e18781cff0eca0a115cd4e753c9c1_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_7a7e18781cff0eca0a115cd4e753c9c1_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\gcalendar_50b3e3c5fc202f0cfcae8032b2465c1b_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Google_60d75cb277f0c452fa60dba8350caf65_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_04815d8e8fa226b85855f4c5067ec336.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_04815d8e8fa226b85855f4c5067ec336_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_858d7f06fb945f0fb1cc0c4681238de7.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_858d7f06fb945f0fb1cc0c4681238de7_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_858d7f06fb945f0fb1cc0c4681238de7_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iTunesIco_4fda50dc1c67cf69c2e2a4c919836dca.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iTunesIco_4fda50dc1c67cf69c2e2a4c919836dca_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Mario_52934d81761dc31187a93a3a0be7fecc.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Mario_52934d81761dc31187a93a3a0be7fecc_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Mario_52934d81761dc31187a93a3a0be7fecc_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\MediaMonkey_64ddd89894c1d19b439529d39b222e2a.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\MediaMonkey_64ddd89894c1d19b439529d39b222e2a_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\pulse_b5a242da04cc06eacd02b1ca41e3583c_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_computer_20_20.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_computer_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_control_panel_20_20.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_control_panel_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_downloads_20_20.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_my_documents_20_20.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_my_documents_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Youtube_bf18fdfc4aefd6417a8bacae4be5b415_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\process_mgr.xml (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote.xml (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\337.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\337_7c9140b13c049fd26989f7fa25b77cb1.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\barbie.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Barbie_00a67ff4ef657679a6c88553135d62ad.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\computer_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\control_panel_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\facebook.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\facebook_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Facebook_aab07bc79cf599b25c0110f32d46a3ef.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\GameCenter.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\google.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\google_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Google_60d75cb277f0c452fa60dba8350caf65.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\mario.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Mario_52934d81761dc31187a93a3a0be7fecc.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\my_document_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\twitter.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\twitter_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\v9.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\youtube.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\youtube_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Youtube_bf18fdfc4aefd6417a8bacae4be5b415.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\replacegc (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\imageres.dll_104.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\imageres.dll_107.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\imageres.dll_175.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\shell32.dll_21.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\desk365_update_v1.10.15.exe (PortalDoSites)
Size . . . . . . . : 3.063.376 bytes
Age . . . . . . . : 273.2 days (2013-05-07 04:25:13)
Entropy . . . . . : 8.0
SHA-256 . . . . . : C69BDB7644772F0F29E3CE9E83217FCFA02AFCD200DA0BFD3ADDADC51D403557
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.10.15.6766
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\desk365_update_v1.11.16.exe (PortalDoSites)
Size . . . . . . . : 3.609.168 bytes
Age . . . . . . . : 271.6 days (2013-05-08 18:22:24)
Entropy . . . . . : 8.0
SHA-256 . . . . . : B903D5152DA2C72E82751061A116224C8794B0BBDFF2B8FB7C53C005F32A6AE3
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.11.16.6883
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\desk365_update_v1.12.16.exe (PortalDoSites)
Size . . . . . . . : 3.269.200 bytes
Age . . . . . . . : 241.2 days (2013-06-08 03:57:56)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 4F5555D62A8D66C986AE84EE8BAD09EEE3F773597B4CC19EB152F70C43FA93B1
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.12.16.7354
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\desk365_update_v1.9.6.exe (PortalDoSites)
Size . . . . . . . : 3.055.184 bytes
Age . . . . . . . : 274.2 days (2013-05-06 04:14:15)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 733DAD37B2B775030EFF13D5D13337B42107C6336E7AE4356E2141E34560D839
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.9.6.6497
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r0.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r1.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r2.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r3.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r4.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r5.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r6.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r7.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r8.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r9.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\Config.ini (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\dp.exe (PortalDoSites)
Size . . . . . . . : 847.352 bytes
Age . . . . . . . : 274.1 days (2013-05-06 07:13:29)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 520D61A009E6B75030E7621B58F1A88B0A60F043BB0A903D25AAB8DEBAD07E9C
Product . . . . . : DealPly
Publisher . . . . : DealPly Technologies Ltd.
Description . . . : DealPly
Version . . . . . : 4.8.6.3
Copyright . . . . : Copyright © 2013 DealPly Technologies Ltd
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\eXQ.exe (PortalDoSites)
Size . . . . . . . : 698.424 bytes
Age . . . . . . . : 274.1 days (2013-05-06 07:13:29)
Entropy . . . . . : 6.5
SHA-256 . . . . . : A0BAA3EBE4FA2E4CF3112D136C7ADD22E0B1531FAC5830A0A78D16A12B5A808A
Product . . . . . : eXQ Control
Publisher . . . . : eXQ Co., Ltd.
Description . . . : eXQ Control 1.0.2.2379
Version . . . . . : 1.0.2.2379
Copyright . . . . : Copyright (C) 2013
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : -7.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\QType_setup_last_version.exe (PortalDoSites)
Size . . . . . . . : 8.189.816 bytes
Age . . . . . . . : 274.1 days (2013-05-06 07:13:29)
Entropy . . . . . : 8.0
SHA-256 . . . . . : A47C2B4D99AE44E938D56DAC238F0EB2F5BC9B613782593CE58CD5DFFB698F41
Product . . . . . : QType
Description . . . : Quickly type(english) 1.2.0.182
Version . . . . . : 1.2.0.182
Copyright . . . . : Copyright (C) 2012-2013,Bejing Elex Technology Co.,Ltd.
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : -3.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\Config.ini (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\dp.exe (PortalDoSites)
Size . . . . . . . : 847.352 bytes
Age . . . . . . . : 250.9 days (2013-05-29 12:15:00)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 520D61A009E6B75030E7621B58F1A88B0A60F043BB0A903D25AAB8DEBAD07E9C
Product . . . . . : DealPly
Publisher . . . . : DealPly Technologies Ltd.
Description . . . : DealPly
Version . . . . . : 4.8.6.3
Copyright . . . . : Copyright © 2013 DealPly Technologies Ltd
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\eXQ.exe (PortalDoSites)
Size . . . . . . . : 610.304 bytes
Age . . . . . . . : 250.9 days (2013-05-29 12:15:00)
Entropy . . . . . : 6.7
SHA-256 . . . . . : C9915799894DC8383356890E2085E0316FB454C18376E9BCD14557215FF365AE
Fuzzy . . . . . . : 6.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\WinZipper.exe (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\C6C58F04DF6640d59CAC57B441AEBB9F\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\C6C58F04DF6640d59CAC57B441AEBB9F\Config.ini (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\C6C58F04DF6640d59CAC57B441AEBB9F\Desk365.exe (PortalDoSites)
Size . . . . . . . : 4.179.024 bytes
Age . . . . . . . : 282.7 days (2013-04-27 17:03:03)
Entropy . . . . . : 8.0
SHA-256 . . . . . : EFBB2A1C46511EEFCF1C1868BA055690DB6124FB9CFA1CD1752D405ECB997752
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.10.15.6766
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\C6C58F04DF6640d59CAC57B441AEBB9F\eXQ.exe (PortalDoSites)
Size . . . . . . . : 691.256 bytes
Age . . . . . . . : 282.7 days (2013-04-27 17:03:03)
Entropy . . . . . : 6.5
SHA-256 . . . . . : 6A5E4B1880081AD2C2D4436F63FF51A461A5D2A05182AF35E8DDB3EA19853B30
Product . . . . . : eXQ Control
Publisher . . . . : eXQ Co., Ltd.
Description . . . : eXQ Control 1.0.2.2219
Version . . . . . : 1.0.2.2219
Copyright . . . . : Copyright (C) 2013
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : -7.0
C:\Users\Sascha & Nancy\AppData\Roaming\Funmoods\ (Funmoods)
C:\Users\Sascha & Nancy\AppData\Roaming\Funmoods\UpdateProc\ (Funmoods)
C:\Users\Sascha & Nancy\AppData\Roaming\Funmoods\UpdateProc\gup_dt.dat (Funmoods)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\ (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\ (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\5472.ico (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\DeltaTB.exe (Conduit)
Size . . . . . . . : 773.104 bytes
Age . . . . . . . : 308.9 days (2013-04-01 12:20:10)
Entropy . . . . . : 8.0
SHA-256 . . . . . : E4F1009192F163AACAFC3AC23F3FBCE358122040A5DBF99B86C9F4CAC9809ECC
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 7.0
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\EBB77268-338F-4C6A-8590-AD88FED26F4A (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\OCBrowserHelper_1.0.5.112.dll (Conduit)
Size . . . . . . . : 433.448 bytes
Age . . . . . . . : 308.9 days (2013-04-01 12:20:10)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 0A81DF9C6C3D5754ABF518599552ECBE56224FF74F6A731896B259602D68DC75
Product . . . . . : OpenCandy Install Helper
Publisher . . . . : OpenCandy
Description . . . : OpenCandy Install Helper
Version . . . . . : 1.0.0.2
Copyright . . . . : (c) 2011 OpenCandy. All rights reserved.
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\ (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\5375.ico (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\conduitinstaller.exe (Conduit)
Size . . . . . . . : 222.384 bytes
Age . . . . . . . : 330.0 days (2013-03-11 08:44:49)
Entropy . . . . . : 7.9
SHA-256 . . . . . : 06C28E552761E40B584BD1C6A661AEE55336444AAB80034D3A1069AD31A72D3A
Publisher . . . . : Conduit
Version . . . . . : 5.5.1.14
Copyright . . . . : Conduit Ltd.
RSA Key Size . . . : 1024
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\ConduitRBCB_p1v1.exe (Conduit)
Size . . . . . . . : 685.400 bytes
Age . . . . . . . : 330.0 days (2013-03-11 08:44:43)
Entropy . . . . . : 8.0
SHA-256 . . . . . : F35CF861C7729350E774599279FF314999AD600BE1FD658EDDBFF3BAD9DC10D5
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 7.0
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\EBB77268-338F-4C6A-8590-AD88FED26F4A (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\OCBrowserHelper_1.0.5.112.dll (Conduit)
Size . . . . . . . : 433.448 bytes
Age . . . . . . . : 330.0 days (2013-03-11 08:44:49)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 0A81DF9C6C3D5754ABF518599552ECBE56224FF74F6A731896B259602D68DC75
Product . . . . . : OpenCandy Install Helper
Publisher . . . . : OpenCandy
Description . . . : OpenCandy Install Helper
Version . . . . . : 1.0.0.2
Copyright . . . . : (c) 2011 OpenCandy. All rights reserved.
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
HKLM\SOFTWARE\Classes\AppID\BrowserConnection.DLL\ (SearchQU)
HKLM\SOFTWARE\Classes\AppID\DnsBHO.DLL\ (SearchQU)
HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}\ (SearchQU)
HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}\ (Babylon)
HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\ (Delta Search)
HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}\ (SearchQU)
HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\ (Funmoods)
HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1\ (SearchQU)
HKLM\SOFTWARE\Classes\BrowserConnection.Loader\ (SearchQU)
HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ (SearchQU)
HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ (SearchQU)
HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}\ (FLV Player)
HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}\ (SearchQU)
HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}\ (SearchQU)
HKLM\SOFTWARE\Classes\DnsBHO.BHO.1\ (SearchQU)
HKLM\SOFTWARE\Classes\DnsBHO.BHO\ (SearchQU)
HKLM\SOFTWARE\Classes\f\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoods.dskBnd.1\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoods.dskBnd\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoodsApp.appCore\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}\ (SearchQU)
HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}\ (SearchQU)
HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}\ (Funmoods)
HKLM\SOFTWARE\Classes\Prod.cap\ (Claro)
HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}\ (FLV Player)
HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}\ (FLV Player)
HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}\ (FLV Player)
HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}\ (FLV Player)
HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1\ (SearchQU)
HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard\ (SearchQU)
HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}\ (Funmoods)
HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}\ (SearchQU)
HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}\ (SearchQU)
HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\BrowserConnection.DLL\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\DnsBHO.DLL\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}\ (Babylon)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\ (Delta Search)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}\ (Rocketfuel)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}\ (Yontoo)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}\ (FLV Player)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\ (Yontoo)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\ (Yontoo)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}\ (SearchQU)
HKLM\SOFTWARE\DataMngr\ (SearchQU)
HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\ (Funmoods)
HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj\ (Funmoods)
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ (QVO6)
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ (SearchQU)
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} (FLV Player)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ (SearchQU)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964\ (FLV Player)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467\ (FLV Player)
HKLM\SOFTWARE\Wow6432Node\Babylon\ (Babylon)
HKLM\SOFTWARE\Wow6432Node\babylontoolbar\ (Babylon)
HKLM\SOFTWARE\Wow6432Node\Conduit\ (Rocketfuel)
HKLM\SOFTWARE\Wow6432Node\DataMngr\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Delta\ (SpeedUpMyPC)
HKLM\SOFTWARE\Wow6432Node\deskSvc\ (PortalDoSites)
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\ (Funmoods)
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj\ (Funmoods)
HKLM\SOFTWARE\Wow6432Node\hdcode\ (PortalDoSites)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ (QVO6)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{99079a25-328f-4bd4-be04-00955acaa0a7} (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} (FLV Player)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ (Funmoods)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\portaldositesSoftware\ (PortalDoSites)
HKLM\SOFTWARE\Wow6432Node\qvo6Software\ (QVO6)
HKLM\SOFTWARE\Wow6432Node\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}\ (FLV Player)
HKLM\SYSTEM\ControlSet001\services\eventlog\Application\desksvc\ (PortalDoSites)
HKLM\SYSTEM\ControlSet002\services\eventlog\Application\desksvc\ (PortalDoSites)
HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application\desksvc\ (PortalDoSites)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\AppDataLow\Software\Smartbar\ (Conduit)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\BabSolution\ (SpeedUpMyPC)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Blabbers\ (Blabbers)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Conduit\ (Conduit)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Datamngr\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\DataMngr_Toolbar\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\delta LTD\ (Delta Search)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Delta\ (SpeedUpMyPC)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Funmoods\ (Funmoods)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\ (Funmoods)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj\ (Funmoods)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} (Claro)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{9D717F81-9148-4F12-8568-69135F087DB0} (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ (QVO6)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4f12-8568-69135F087DB0},\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ (Funmoods)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\ (Yontoo)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Smartbar\ (Conduit)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Softonic\ (Softonic)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\Wow6432Node\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}\ (Yontoo)
|
|
04.02.2014, 18:02
| #5 |
| | Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- Onlinebanking Den Scan von Combofix muß ich wohl in 4-5 postings abliefern... Code:
ATTFilter HitmanPro 3.7.9.212
www.hitmanpro.com
Computer name . . . . : TOSHIBA
Windows . . . . . . . : 6.1.1.7601.X64/4
User name . . . . . . : Toshiba\Sascha & Nancy
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (30 days left)
Scan date . . . . . . : 2014-02-04 08:43:00
Scan mode . . . . . . : Normal
Scan duration . . . . : 10m 14s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : Yes
Threats . . . . . . . : 5
Traces . . . . . . . : 391
Objects scanned . . . : 3.017.049
Files scanned . . . . : 73.344
Remnants scanned . . : 1.884.795 files / 1.058.910 keys
Malware _____________________________________________________________________
C:\ProgramData\InstallMate\{17A65193-2086-406B-A280-68A4CC457365}\_Setupx.dll -> Quarantined
Size . . . . . . . : 58.368 bytes
Age . . . . . . . : 372.0 days (2013-01-28 09:42:51)
Entropy . . . . . : 6.4
SHA-256 . . . . . : 75585E46CDD212C0341EB2363B5DF105D3783407DAC4BC52946DE8E70791431A
> Kaspersky . . . . : not-a-virus:HEUR:Downloader.Win32.AdLoad.u
Fuzzy . . . . . . : 98.0
C:\Users\Sascha & Nancy\AppData\Local\Temp\OptimizerPro.exe -> Quarantined
Size . . . . . . . : 5.807.696 bytes
Age . . . . . . . : 121.6 days (2013-10-05 18:42:22)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 6656A02E13BB770B8410AAF1E4D605253625F7A6435B4EC8D1F0E4843DF49A17
Product
Publisher
Description
Version . . . . . : 3.0.1.0
RSA Key Size . . . : 2048
Authenticode . . . : Valid
> Bitdefender . . . : Application.OptimizerPro.A
Fuzzy . . . . . . : 99.0
C:\Users\Sascha & Nancy\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe -> Quarantined
Size . . . . . . . : 93.728 bytes
Age . . . . . . . : 274.0 days (2013-05-06 08:44:02)
Entropy . . . . . : 6.5
SHA-256 . . . . . : FBE35B275676164D6771087FCA59AFF7CA667647FAB1EE466C94ED00AEFDA455
RSA Key Size . . . : 2048
Authenticode . . . : Valid
> Bitdefender . . . : Adware.DealPly.H
Fuzzy . . . . . . : 99.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\C6C58F04DF6640d59CAC57B441AEBB9F\eGdpSvc.exe -> Quarantined
Size . . . . . . . : 969.280 bytes
Age . . . . . . . : 282.7 days (2013-04-27 17:03:03)
Entropy . . . . . : 7.9
SHA-256 . . . . . : A2CE3C318D4280281E2B5E029FAB980470CF88D2D17274B01B83FEDFE09A41D0
Product . . . . . : eSafe Security Control
Publisher . . . . : eSafe Security Co., Ltd.
Description . . . : eSafe Security Control 1.0.0.1982
Version . . . . . : 1.0.0.1982
Copyright . . . . : Copyright (C) 2013
RSA Key Size . . . : 2048
Authenticode . . . : Valid
> Kaspersky . . . . : Trojan.Win32.Staser.fv
Fuzzy . . . . . . : 101.0
C:\Users\Sascha & Nancy\Downloads\FLVPlayerSetup-8MayreM.exe -> PendingDelete
Size . . . . . . . : 167.440 bytes
Age . . . . . . . : 155.7 days (2013-09-01 15:12:47)
Entropy . . . . . : 7.6
SHA-256 . . . . . : B0C60CDCDBA53DA637410EB9F6DF74E4E18B343E1BF8417D46B9B5DB9C2CDD55
Product
Publisher
Description . . . : Powered by BetterInstaller
Version . . . . . : 2.1.0.0
Copyright
RSA Key Size . . . : 2048
Authenticode . . . : Valid
> Kaspersky . . . . : not-a-virus:Downloader.NSIS.Agent.aq
Fuzzy . . . . . . : 104.0
Potential Unwanted Programs _________________________________________________
C:\Program Files (x86)\Conduit\ (Conduit)
C:\Program Files (x86)\Conduit\Community Alerts\ (Conduit)
C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll (Conduit)
Size . . . . . . . : 638.560 bytes
Age . . . . . . . : 956.7 days (2011-06-23 15:20:46)
Entropy . . . . . : 6.4
SHA-256 . . . . . : F22E58CDFE94D4A5FBBF2795A743B167ED9923E289E14654631E0077DD306C1D
Product . . . . . : Alert
Publisher . . . . : Conduit Ltd.
Description . . . : Alert
Version . . . . . : 1.1.4.1
Copyright . . . . : Copyright © Conduit Ltd. 2011.
RSA Key Size . . . : 1024
Authenticode . . . : Valid
Fuzzy . . . . . . : -15.0
C:\Program Files (x86)\Desk 365\ (PortalDoSites)
C:\Program Files (x86)\Desk 365\desk_bkg_list.xml (PortalDoSites)
C:\Program Files (x86)\Desk 365\desk_list.xml (PortalDoSites)
C:\Program Files (x86)\Desk 365\desk_settings.ini (PortalDoSites)
C:\Program Files (x86)\Desk 365\process_mgr.xml (PortalDoSites)
C:\Program Files (x86)\Desk 365\promote.xml (PortalDoSites)
C:\Program Files (x86)\Desk 365\recent.xml (PortalDoSites)
C:\Program Files (x86)\Mozilla Firefox\searchplugins\portaldosites.xml (PortalDoSites)
C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml (QVO6)
C:\ProgramData\Babylon\ (Babylon)
C:\ProgramData\BitGuard\ (SpeedUpMyPC)
C:\ProgramData\BrowserProtect\ (Claro)
C:\ProgramData\eSafe\ (PortalDoSites)
C:\ProgramData\eSafe\eDelayinfo.edb (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Local\Conduit\ (Rocketfuel)
C:\Users\Sascha & Nancy\AppData\Local\funmoods.crx (Funmoods)
C:\Users\Sascha & Nancy\AppData\LocalLow\BabylonToolbar\ (Babylon)
C:\Users\Sascha & Nancy\AppData\LocalLow\Conduit\ (Rocketfuel)
C:\Users\Sascha & Nancy\AppData\LocalLow\Conduit\ChromeExtData\bhnjjbcnbmjmhgpliahlamecmbejpaol\Repository\ (Rocketfuel)
C:\Users\Sascha & Nancy\AppData\LocalLow\Conduit\ChromeExtData\bhnjjbcnbmjmhgpliahlamecmbejpaol\Repository\toolbar_initializing_logger.txt (Rocketfuel)
C:\Users\Sascha & Nancy\AppData\LocalLow\Delta\ (Delta Search)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchquband\ (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\ (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\dtx.ini (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\geoip.xml (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\guid.dat (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\preferences.dat (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\setupCfg.xml (SearchQU)
C:\Users\Sascha & Nancy\AppData\Roaming\Babylon\ (Babylon)
C:\Users\Sascha & Nancy\AppData\Roaming\Babylon\log_file.txt (Babylon)
C:\Users\Sascha & Nancy\AppData\Roaming\DealPly\ (Delta Search)
C:\Users\Sascha & Nancy\AppData\Roaming\DealPly\UpdateProc\ (Delta Search)
C:\Users\Sascha & Nancy\AppData\Roaming\DealPly\UpdateProc\config.dat (Delta Search)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\1\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\1\angrybirds.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\1\angrybirds.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\35\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\35\Gmail.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\35\Gmail.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\36\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\36\Outlook.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\36\Outlook.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\39\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\39\ESPN.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\39\ESPN.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\3\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\3\BigFarm.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\3\BigFarm.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\41\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\41\gcalendar.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\41\gcalendar.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\42\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\42\pulse.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\42\pulse.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\4\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\4\Empire.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\4\Empire.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\components\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\components\component_libcef_1.1364.1123.exe (PortalDoSites)
Size . . . . . . . : 10.434.864 bytes
Age . . . . . . . : 282.7 days (2013-04-27 17:05:44)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 0026D229EC08FD46A98269FA6BEC07E55E323B0812E2287DEA83293CD99A6A5C
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 2.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_1.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_2.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_3.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_4.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_5.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_default.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg_list.xml (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_list.xml (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_settings.ini (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Barbie_00a67ff4ef657679a6c88553135d62ad.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Barbie_00a67ff4ef657679a6c88553135d62ad_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Barbie_00a67ff4ef657679a6c88553135d62ad_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\ConvertAVItoMP4_3608c453f63ef0987ec1af2784c0b2a3.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\ConvertAVItoMP4_3608c453f63ef0987ec1af2784c0b2a3_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\ESPN_a7b078f5f5f5b87efcef66ab5783cf9d_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Facebook_aab07bc79cf599b25c0110f32d46a3ef.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Facebook_aab07bc79cf599b25c0110f32d46a3ef_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Facebook_aab07bc79cf599b25c0110f32d46a3ef_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_05920328ebb21254e7e74f9235dcff5f.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_05920328ebb21254e7e74f9235dcff5f_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_7a7e18781cff0eca0a115cd4e753c9c1.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_7a7e18781cff0eca0a115cd4e753c9c1_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_7a7e18781cff0eca0a115cd4e753c9c1_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\gcalendar_50b3e3c5fc202f0cfcae8032b2465c1b_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Google_60d75cb277f0c452fa60dba8350caf65_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_04815d8e8fa226b85855f4c5067ec336.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_04815d8e8fa226b85855f4c5067ec336_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_858d7f06fb945f0fb1cc0c4681238de7.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_858d7f06fb945f0fb1cc0c4681238de7_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_858d7f06fb945f0fb1cc0c4681238de7_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iTunesIco_4fda50dc1c67cf69c2e2a4c919836dca.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iTunesIco_4fda50dc1c67cf69c2e2a4c919836dca_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Mario_52934d81761dc31187a93a3a0be7fecc.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Mario_52934d81761dc31187a93a3a0be7fecc_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Mario_52934d81761dc31187a93a3a0be7fecc_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\MediaMonkey_64ddd89894c1d19b439529d39b222e2a.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\MediaMonkey_64ddd89894c1d19b439529d39b222e2a_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\pulse_b5a242da04cc06eacd02b1ca41e3583c_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_computer_20_20.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_computer_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_control_panel_20_20.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_control_panel_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_downloads_20_20.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_my_documents_20_20.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_my_documents_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Youtube_bf18fdfc4aefd6417a8bacae4be5b415_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\process_mgr.xml (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote.xml (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\337.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\337_7c9140b13c049fd26989f7fa25b77cb1.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\barbie.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Barbie_00a67ff4ef657679a6c88553135d62ad.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\computer_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\control_panel_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\facebook.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\facebook_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Facebook_aab07bc79cf599b25c0110f32d46a3ef.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\GameCenter.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\google.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\google_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Google_60d75cb277f0c452fa60dba8350caf65.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\mario.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Mario_52934d81761dc31187a93a3a0be7fecc.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\my_document_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\twitter.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\twitter_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\v9.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\youtube.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\youtube_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Youtube_bf18fdfc4aefd6417a8bacae4be5b415.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\replacegc (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\imageres.dll_104.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\imageres.dll_107.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\imageres.dll_175.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\shell32.dll_21.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\desk365_update_v1.10.15.exe (PortalDoSites)
Size . . . . . . . : 3.063.376 bytes
Age . . . . . . . : 273.2 days (2013-05-07 04:25:13)
Entropy . . . . . : 8.0
SHA-256 . . . . . : C69BDB7644772F0F29E3CE9E83217FCFA02AFCD200DA0BFD3ADDADC51D403557
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.10.15.6766
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\desk365_update_v1.11.16.exe (PortalDoSites)
Size . . . . . . . : 3.609.168 bytes
Age . . . . . . . : 271.6 days (2013-05-08 18:22:24)
Entropy . . . . . : 8.0
SHA-256 . . . . . : B903D5152DA2C72E82751061A116224C8794B0BBDFF2B8FB7C53C005F32A6AE3
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.11.16.6883
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\desk365_update_v1.12.16.exe (PortalDoSites)
Size . . . . . . . : 3.269.200 bytes
Age . . . . . . . : 241.2 days (2013-06-08 03:57:56)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 4F5555D62A8D66C986AE84EE8BAD09EEE3F773597B4CC19EB152F70C43FA93B1
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.12.16.7354
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\desk365_update_v1.9.6.exe (PortalDoSites)
Size . . . . . . . : 3.055.184 bytes
Age . . . . . . . : 274.2 days (2013-05-06 04:14:15)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 733DAD37B2B775030EFF13D5D13337B42107C6336E7AE4356E2141E34560D839
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.9.6.6497
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r0.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r1.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r2.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r3.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r4.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r5.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r6.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r7.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r8.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r9.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\Config.ini (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\dp.exe (PortalDoSites)
Size . . . . . . . : 847.352 bytes
Age . . . . . . . : 274.1 days (2013-05-06 07:13:29)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 520D61A009E6B75030E7621B58F1A88B0A60F043BB0A903D25AAB8DEBAD07E9C
Product . . . . . : DealPly
Publisher . . . . : DealPly Technologies Ltd.
Description . . . : DealPly
Version . . . . . : 4.8.6.3
Copyright . . . . : Copyright © 2013 DealPly Technologies Ltd
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\eXQ.exe (PortalDoSites)
Size . . . . . . . : 698.424 bytes
Age . . . . . . . : 274.1 days (2013-05-06 07:13:29)
Entropy . . . . . : 6.5
SHA-256 . . . . . : A0BAA3EBE4FA2E4CF3112D136C7ADD22E0B1531FAC5830A0A78D16A12B5A808A
Product . . . . . : eXQ Control
Publisher . . . . : eXQ Co., Ltd.
Description . . . : eXQ Control 1.0.2.2379
Version . . . . . : 1.0.2.2379
Copyright . . . . : Copyright (C) 2013
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : -7.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\QType_setup_last_version.exe (PortalDoSites)
Size . . . . . . . : 8.189.816 bytes
Age . . . . . . . : 274.1 days (2013-05-06 07:13:29)
Entropy . . . . . : 8.0
SHA-256 . . . . . : A47C2B4D99AE44E938D56DAC238F0EB2F5BC9B613782593CE58CD5DFFB698F41
Product . . . . . : QType
Description . . . : Quickly type(english) 1.2.0.182
Version . . . . . : 1.2.0.182
Copyright . . . . : Copyright (C) 2012-2013,Bejing Elex Technology Co.,Ltd.
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : -3.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\Config.ini (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\dp.exe (PortalDoSites)
Size . . . . . . . : 847.352 bytes
Age . . . . . . . : 250.9 days (2013-05-29 12:15:00)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 520D61A009E6B75030E7621B58F1A88B0A60F043BB0A903D25AAB8DEBAD07E9C
Product . . . . . : DealPly
Publisher . . . . : DealPly Technologies Ltd.
Description . . . : DealPly
Version . . . . . : 4.8.6.3
Copyright . . . . : Copyright © 2013 DealPly Technologies Ltd
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\eXQ.exe (PortalDoSites)
Size . . . . . . . : 610.304 bytes
Age . . . . . . . : 250.9 days (2013-05-29 12:15:00)
Entropy . . . . . : 6.7
SHA-256 . . . . . : C9915799894DC8383356890E2085E0316FB454C18376E9BCD14557215FF365AE
Fuzzy . . . . . . : 6.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\WinZipper.exe (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\C6C58F04DF6640d59CAC57B441AEBB9F\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\C6C58F04DF6640d59CAC57B441AEBB9F\Config.ini (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\C6C58F04DF6640d59CAC57B441AEBB9F\Desk365.exe (PortalDoSites)
Size . . . . . . . : 4.179.024 bytes
Age . . . . . . . : 282.7 days (2013-04-27 17:03:03)
Entropy . . . . . : 8.0
SHA-256 . . . . . : EFBB2A1C46511EEFCF1C1868BA055690DB6124FB9CFA1CD1752D405ECB997752
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.10.15.6766
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\C6C58F04DF6640d59CAC57B441AEBB9F\eXQ.exe (PortalDoSites)
Size . . . . . . . : 691.256 bytes
Age . . . . . . . : 282.7 days (2013-04-27 17:03:03)
Entropy . . . . . : 6.5
SHA-256 . . . . . : 6A5E4B1880081AD2C2D4436F63FF51A461A5D2A05182AF35E8DDB3EA19853B30
Product . . . . . : eXQ Control
Publisher . . . . : eXQ Co., Ltd.
Description . . . : eXQ Control 1.0.2.2219
Version . . . . . : 1.0.2.2219
Copyright . . . . : Copyright (C) 2013
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : -7.0
C:\Users\Sascha & Nancy\AppData\Roaming\Funmoods\ (Funmoods)
C:\Users\Sascha & Nancy\AppData\Roaming\Funmoods\UpdateProc\ (Funmoods)
C:\Users\Sascha & Nancy\AppData\Roaming\Funmoods\UpdateProc\gup_dt.dat (Funmoods)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\ (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\ (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\5472.ico (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\DeltaTB.exe (Conduit)
Size . . . . . . . : 773.104 bytes
Age . . . . . . . : 308.8 days (2013-04-01 12:20:10)
Entropy . . . . . : 8.0
SHA-256 . . . . . : E4F1009192F163AACAFC3AC23F3FBCE358122040A5DBF99B86C9F4CAC9809ECC
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 7.0
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\EBB77268-338F-4C6A-8590-AD88FED26F4A (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\OCBrowserHelper_1.0.5.112.dll (Conduit)
Size . . . . . . . : 433.448 bytes
Age . . . . . . . : 308.8 days (2013-04-01 12:20:10)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 0A81DF9C6C3D5754ABF518599552ECBE56224FF74F6A731896B259602D68DC75
Product . . . . . : OpenCandy Install Helper
Publisher . . . . : OpenCandy
Description . . . : OpenCandy Install Helper
Version . . . . . : 1.0.0.2
Copyright . . . . : (c) 2011 OpenCandy. All rights reserved.
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\ (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\5375.ico (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\conduitinstaller.exe (Conduit)
Size . . . . . . . : 222.384 bytes
Age . . . . . . . : 330.0 days (2013-03-11 08:44:49)
Entropy . . . . . : 7.9
SHA-256 . . . . . : 06C28E552761E40B584BD1C6A661AEE55336444AAB80034D3A1069AD31A72D3A
Publisher . . . . : Conduit
Version . . . . . : 5.5.1.14
Copyright . . . . : Conduit Ltd.
RSA Key Size . . . : 1024
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\ConduitRBCB_p1v1.exe (Conduit)
Size . . . . . . . : 685.400 bytes
Age . . . . . . . : 330.0 days (2013-03-11 08:44:43)
Entropy . . . . . : 8.0
SHA-256 . . . . . : F35CF861C7729350E774599279FF314999AD600BE1FD658EDDBFF3BAD9DC10D5
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 7.0
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\EBB77268-338F-4C6A-8590-AD88FED26F4A (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\OCBrowserHelper_1.0.5.112.dll (Conduit)
Size . . . . . . . : 433.448 bytes
Age . . . . . . . : 330.0 days (2013-03-11 08:44:49)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 0A81DF9C6C3D5754ABF518599552ECBE56224FF74F6A731896B259602D68DC75
Product . . . . . : OpenCandy Install Helper
Publisher . . . . : OpenCandy
Description . . . : OpenCandy Install Helper
Version . . . . . : 1.0.0.2
Copyright . . . . : (c) 2011 OpenCandy. All rights reserved.
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
HKLM\SOFTWARE\Classes\AppID\BrowserConnection.DLL\ (SearchQU)
HKLM\SOFTWARE\Classes\AppID\DnsBHO.DLL\ (SearchQU)
HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}\ (SearchQU)
HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}\ (Babylon)
HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\ (Delta Search)
HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}\ (SearchQU)
HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\ (Funmoods)
HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1\ (SearchQU)
HKLM\SOFTWARE\Classes\BrowserConnection.Loader\ (SearchQU)
HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ (SearchQU)
HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ (SearchQU)
HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}\ (FLV Player)
HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}\ (SearchQU)
HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}\ (SearchQU)
HKLM\SOFTWARE\Classes\DnsBHO.BHO.1\ (SearchQU)
HKLM\SOFTWARE\Classes\DnsBHO.BHO\ (SearchQU)
HKLM\SOFTWARE\Classes\f\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoods.dskBnd.1\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoods.dskBnd\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoodsApp.appCore\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}\ (SearchQU)
HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}\ (SearchQU)
HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}\ (Funmoods)
HKLM\SOFTWARE\Classes\Prod.cap\ (Claro)
HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}\ (FLV Player)
HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}\ (FLV Player)
HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}\ (FLV Player)
HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}\ (FLV Player)
HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1\ (SearchQU)
HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard\ (SearchQU)
HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}\ (Funmoods)
HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}\ (SearchQU)
HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}\ (SearchQU)
HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\BrowserConnection.DLL\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\DnsBHO.DLL\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}\ (Babylon)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\ (Delta Search)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}\ (Rocketfuel)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}\ (Yontoo)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}\ (FLV Player)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\ (Yontoo)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\ (Yontoo)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}\ (SearchQU)
HKLM\SOFTWARE\DataMngr\ (SearchQU)
HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\ (Funmoods)
HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj\ (Funmoods)
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ (QVO6)
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ (SearchQU)
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} (FLV Player)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ (SearchQU)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964\ (FLV Player)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467\ (FLV Player)
HKLM\SOFTWARE\Wow6432Node\Babylon\ (Babylon)
HKLM\SOFTWARE\Wow6432Node\babylontoolbar\ (Babylon)
HKLM\SOFTWARE\Wow6432Node\Conduit\ (Rocketfuel)
HKLM\SOFTWARE\Wow6432Node\DataMngr\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Delta\ (SpeedUpMyPC)
HKLM\SOFTWARE\Wow6432Node\deskSvc\ (PortalDoSites)
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\ (Funmoods)
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj\ (Funmoods)
HKLM\SOFTWARE\Wow6432Node\hdcode\ (PortalDoSites)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ (QVO6)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{99079a25-328f-4bd4-be04-00955acaa0a7} (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} (FLV Player)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ (Funmoods)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\portaldositesSoftware\ (PortalDoSites)
HKLM\SOFTWARE\Wow6432Node\qvo6Software\ (QVO6)
HKLM\SOFTWARE\Wow6432Node\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}\ (FLV Player)
HKLM\SYSTEM\ControlSet001\services\eventlog\Application\desksvc\ (PortalDoSites)
HKLM\SYSTEM\ControlSet002\services\eventlog\Application\desksvc\ (PortalDoSites)
HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application\desksvc\ (PortalDoSites)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\AppDataLow\Software\Smartbar\ (Conduit)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\BabSolution\ (SpeedUpMyPC)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Blabbers\ (Blabbers)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Conduit\ (Conduit)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Datamngr\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\DataMngr_Toolbar\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\delta LTD\ (Delta Search)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Delta\ (SpeedUpMyPC)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Funmoods\ (Funmoods)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\ (Funmoods)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj\ (Funmoods)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} (Claro)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{9D717F81-9148-4F12-8568-69135F087DB0} (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ (QVO6)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4f12-8568-69135F087DB0},\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ (Funmoods)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\ (Yontoo)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Smartbar\ (Conduit)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Softonic\ (Softonic)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\Wow6432Node\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}\ (Yontoo)
Cookies _____________________________________________________________________
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\30RUCLMJ.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\B3CW2I4L.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\BGFX3H42.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\CHV900MU.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\D8WE7DM9.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\IP8P5SQD.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\LJZ8DE8F.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\Q2GPC0AQ.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\QI5GMA44.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\R1BCH5L3.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\X0NL0LI6.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:112.2o7.net
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:2o7.net
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:ad.zanox.com
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:apmebf.com
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:de.sitestat.com
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:deutschepostag.112.2o7.net
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:doubleclick.net
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:emjcd.com
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:mediaplex.com
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:oracle.112.2o7.net
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:paypal.112.2o7.net
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:rakuten.112.2o7.net
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:statcounter.com
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:stats.paypal.com
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:www.etracker.de
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:www.googleadservices.com
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:xiti.com
Code:
ATTFilter ComboFix 14-02-03.01 - Sascha & Nancy 04.02.2014 14:54:21.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3958.1475 [GMT 1:00]
ausgeführt von:: c:\users\Sascha & Nancy\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\BrowserCompanion
c:\program files (x86)\BrowserCompanion\logo.ico
c:\program files (x86)\BrowserCompanion\sqlite3.dll
c:\program files (x86)\BrowserCompanion\terms.lnk.url
c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll_1
c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll_2
c:\programdata\TOSHIBA
c:\programdata\TOSHIBA\C11DACE4-A272-487e-83EB-32BF198C5E5D\dat0.bin
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\0c.dck
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\0c.dckev
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\0c.mck
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\consfile-CMSM.txt
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\consfile.txt
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def-V.dck
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def.dck
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def.dckev
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def.mck
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\config_id_database
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\config_id_database.dat
c:\programdata\TOSHIBA\SmartFaceV\FaceRecogLog\FaceRecogLog
c:\programdata\TOSHIBA\SmartFaceV\SmartFaceVCam.ini
c:\programdata\TOSHIBA\SmartFaceV\SmartFaceVSetting.ini
c:\programdata\TOSHIBA\SmartFaceV\SmartFaceVWatcher.ini
c:\programdata\TOSHIBA\SmartFaceV\Users\userdata.dat
c:\users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc
c:\users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc\1\51063fafda1a49.26654052.js
c:\users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc\1\background.html
c:\users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc\1\content.js
c:\users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc\1\lsdb.js
c:\users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc\1\manifest.json
c:\users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc\1\sqlite.js
c:\users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Sascha & Nancy\AppData\Roaming\337
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\ebase.dll
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\image\default\app_close.png
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\image\default\app_max.png
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\image\default\app_min.png
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\image\default\app_restore.png
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\image\default\wallpaper_resource.xml
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\image\default\window.png
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\language\en_us\wallpaper_lang.ini
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\language\es_es\wallpaper_lang.ini
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\language\pt_br\wallpaper_lang.ini
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\language\tr_tr\wallpaper_lang.ini
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\language\zh_tw\wallpaper_lang.ini
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\layout\default\dp_appwnd.xml
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\layout\default\msgbox.xml
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\libpng.dll
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\main
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\msvcp100.dll
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\msvcr100.dll
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\ouilibnl.dll
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\plusapp.exe
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\style\wallpaper_style.xml
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\TrayDownloader.exe
c:\users\Sascha & Nancy\AppData\Roaming\Koala
c:\users\Sascha & Nancy\AppData\Roaming\Koala\config.xml
c:\users\Sascha & Nancy\AppData\Roaming\Koala\eula
c:\users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Templates\NVE-3.1.0.25_no_yt.exe
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards.xml
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards.xml.bak
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\Board.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\Board.xml
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\Board.xml.bak
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\Board.xml
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\board1.xml
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r2_c110.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r2_c20.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r2_c50.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r4_c70.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r5_c100.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r5_c40.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Help_Top000000.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\IMG_2866000000.jpg
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\BulletinBoardLog.txt
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\GettingStartedData.xml
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\screenshot.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Settings.xml
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Settings.xml.bak
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Share.xml
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\ToshibaBoardSettings.xml
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\1394Test.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\1394Test.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\cddrivetest.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\cddrivetest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\chkpc.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\chkpc.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\cputest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\dialtonetest.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\dialtonetest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\DISPLAYTest.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\DISPLAYTest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\disptest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\fddtest.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\fddtest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\hddrivetest.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\hddrivetest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\Logs\Test Bericht
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\memtest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\MODEMTest.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\MODEMTest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\NETTest.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\NETTest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\PCMCIATest.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\PCMCIATest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\USBTest.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\USBTest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\wbeminfo.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\wbemQFE.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\wbemSoundDev.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTime.MRUAppData.dat
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTime.MRUFileData.dat
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTimeMonitorData.dat
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\Exception.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\ReelTime.MRUAppData.dat
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\ReelTime.MRUFileData.dat
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\ReelTime.setting.xml
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\ReelTimeMonitorData.dat
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\012cb269-5017-48fb-b82c-eeab139e9d64.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\01eb3b9d-e085-408d-bbdc-6af0bc01e190.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0485ee96-7b3d-44a3-ab34-bddd06c33d04.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\05981274-02e9-43c9-804d-a378cd782218.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\07ea537f-38b9-4432-bdbd-de6ff53197c2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0825ad34-c619-4f95-abad-62473cc5ff86.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\08fc6404-d0ed-41e1-b16c-157bbf979885.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0be73a9d-1ec3-4db5-9f88-5115c8567fff.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0ce5d205-74a5-4549-a6a5-f0403d76623f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0dd911bf-b1e6-490e-927c-137bf1c1a6ad.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0e2b30bf-22a6-44ae-9098-8c6249be82aa.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0e2fc6f2-dca0-494f-81f4-10f9d365d923.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0e73cd29-8a5c-4fbc-b64e-205a311a4813.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\105c0a19-ba43-4598-b77d-48789615371e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\10a586d2-86d4-43be-ac7c-06dff5e0b4c1.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\116582cf-ea86-41ad-9df7-a8a073a807d6.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\11b562ec-7258-4d29-9c97-ab6c70960f25.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\11b7581e-c973-481a-8de1-3ff4fdf069f6.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\11c0388e-a02f-424c-af50-e4e190ae27ed.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1258f620-b02b-49fe-b64a-f35609087239.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\13714d91-9b7d-4735-9a26-a081bc0ee8bc.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\13e0a46b-49e3-4a95-a025-8ceaecdc565c.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\15fcb673-6ca6-439e-b9d4-4b8f3c4e5b57.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\166276f3-8a98-4cd5-b5b8-bb6d6548907f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1713f213-3eb2-4f83-a3ea-87ab8c47f3f2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1c40bc9a-7284-4c79-9936-b3b2e8209dc4.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1e0d2d7a-d7ad-4872-8e53-fda478502f7f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1f4edc29-b9d5-4ab1-9911-759792c91fd2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1f8b7a2d-d7e4-4034-a92b-21189d4b785c.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\22252cd3-4ce5-466f-a66c-06bcb01dc296.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\234325f3-8e02-4fe6-8d3d-9af16fa146d3.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\236bf208-da64-4672-907b-f9f27e3d53ec.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\23e085c3-3685-49c6-9aef-e0a68a9e8dc6.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\24895d38-8ad8-4fdb-8d1d-f82b0dd3e216.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\26295d27-9c29-449d-a0f6-d08ab019a412.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\26588f0b-5dc5-44d3-933a-aca16bed0833.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\26657709-5e90-4462-8b34-2e4a37e45c4b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\27c6038b-aa8d-4c8a-ad23-14815fd828b8.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2847a211-a1ab-48f6-9904-3cd2bbb2a490.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\28f64a7f-4bc6-4aee-88ff-5286789156ad.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2a31e9d9-6080-470b-8ad4-9eca7d913838.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2adb8040-567c-4bac-adf6-4c01ecb0e731.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2aeb2214-3a0f-4918-b323-0e14effe82bb.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2bc7b66f-7897-4641-ab0c-af666d82ee82.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2be17cf1-7d4d-4ff6-bfc1-4261fa46c731.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2e56b539-734b-424f-b0db-1222258c8aae.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2f1f3fa4-2ba6-4d65-8286-c1dbb6445b16.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\307daf94-dc71-468a-ae2d-e43ff2d606f1.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\31a35f6c-38aa-4c94-8635-8bcade248944.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\31c1a3bf-a2a9-4e61-89e0-12ad356261a4.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\32143b1f-dd4c-4614-8511-f44d3c37c798.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\33ef72e4-3a3c-4168-95ee-69b999f3dc50.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\34025ab2-9d28-42be-84d8-a1d73b60ad18.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\357dce9d-6a30-4730-bb20-cf0c0fc650f4.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\35d3ec51-424d-4d15-9d59-ad7f0554bd23.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\362d06ca-6ee3-4f9f-a7d9-0939c91fad48.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\3721ef84-adf6-487a-bf5f-543cac2cb4ec.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\37fcc561-d0c6-4a27-bd96-1c6ae4a7bd28.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\388d4ac5-b1e6-4ebd-bfcf-8537f385f096.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\38f9ba70-490f-487d-a4c3-cbe4fbac20e0.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\393de2f5-2776-41ad-a7bd-7198bc797408.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\39f7415e-cdf2-43a1-ae34-893d6603300c.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\3a0670b4-914c-4e8b-93cd-8d7cb942e28f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\3b2bf223-6da6-4008-8149-61cea1779795.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\3f74f6f7-8e6b-4ad2-852d-7a9fe415ba6d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\40b50b44-803d-44ec-9560-eb92b57ea3cc.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\40df5f98-464f-4fb6-ad59-25be62557f1e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\43a173bc-54ac-4ca8-9133-39dc4bb09ed5.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\44c5d09f-056f-4564-9023-0ff0c833ffcb.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\44d3bf05-b9d8-4840-99a3-6431a5918d0a.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\45551e4e-fc40-40dd-9e52-a4cad5937a79.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\46e96372-6341-4286-bc90-bc50bcc621db.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\473b0d3a-0ca3-41b2-a791-d5c7c621c088.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\479ac8d4-12d8-400a-b2eb-9189303a898f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\48a7731e-743b-4646-ab65-fb38afc2ee3b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\495b54b4-cb5c-42c2-9032-df3592cb2204.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\49ab966d-1130-41db-8d5c-5bb5251f7c74.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4b06871b-d080-4c48-b8b7-4cb8e2ba61d2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4baccb9c-e21e-43b2-bb24-b836cf0fb77a.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4c02164a-fba5-4333-903a-333bbe40849e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4d3d6683-2fed-4d65-aa9f-83392f4cf290.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4fb94aa1-1d37-4bde-a016-27553c0526b4.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\503c49cc-7cdb-4fa1-a0fa-c6f68a548b17.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\50bef3ea-f148-4ac7-a96a-eb2ab119c76d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\515d35c8-faf3-4aa9-a475-5b7d1f202006.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\54bddaaf-c62d-44e3-8b7e-c44d0a4b238d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\561ac496-8929-4bac-af19-f57251c933f7.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5644d63f-ad16-43fb-9236-538768beef82.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\56a0ceb6-e292-4be1-b2c4-0c35965d3d0e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\56cec41d-1ab6-4290-b8c2-7dda878d2226.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\57aeeddb-ce93-4c02-8ab2-151c61d2e7f1.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\57f861e8-0e96-486a-9764-a9050d56cd17.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\58881de7-618f-46fc-951d-4370637c43ca.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\589581dd-10a9-4036-b477-e31a01aa4930.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5913b47b-bd3b-4082-bddc-89e24281509a.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5ba0dbb7-2e22-4857-a03f-04fe7c8d33a6.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5baa9f08-31b7-4503-8132-b94738aff13e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5c2f7309-1539-4691-a2cd-5424309be77b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5c4f6108-7bf2-433e-bbda-0f3d534c403e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5d2f87a2-0018-4dd5-8d34-220a5dfcbd70.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5de8cae9-7592-49c8-85ea-186d68f31fbb.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5e61e893-0cbd-4442-a7b0-b89a2f31ff9c.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5e740978-b9b1-4426-b68e-7a6399ec63dc.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5ebf5a19-5416-4e16-8b23-633aacb0516d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\61f9b6eb-6202-41e7-932d-184876aa8439.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\622e0716-53b8-4624-b358-b0595ef46e81.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6458f5ba-5585-4140-b30b-89af971a3ce9.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\65cfffce-8aed-4774-8ead-5517fd56c3b2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\660e031b-51d4-49a4-8ec1-e1f8033da8df.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\677dc705-a4f1-43fe-8031-a45b4c6463f5.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6948104b-dcc1-4a3b-b829-33376a0f0dbb.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\69618347-995a-431d-81e4-11d3a21ecef7.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6b113dc4-d60e-4ab7-8f80-5bc3a577f08b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6b22287e-33a5-4a76-bd2b-14badcd16cce.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6b569990-324b-433b-8913-658ebb071916.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6b9263a5-d282-49c6-affc-e158f198c509.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6bb60d78-094e-4346-8922-52a4da5a5a9a.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6d0ba5ba-5ba0-40b3-8455-a3ba8de0a994.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6d8c7a70-8266-4f84-a917-af4335a6cffb.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6f5a312f-c628-4eb8-9b20-d40c17f71018.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\70094552-0be7-46af-b2f5-e48fda1647fe.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\70250457-8ffa-4eb9-96f1-e213c089e128.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7173aed9-2529-4db1-b121-6bf32afa1c4f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7692d40d-dc2b-4f55-b837-372d92b38bfb.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\778ffb2f-31a1-4403-8935-86b98aa780ac.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7794a29a-bd48-409a-ba08-c77a436ccbb4.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\77d84240-cbad-414f-9c5f-85296546ac84.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\77e63912-2364-4ef9-acc8-956a0b72285b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\78937aa3-3e04-4231-a16e-355aadf98719.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\789a6f63-a6ca-4d6d-b98d-627ec52ff842.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7b0bdae8-8a46-411f-9657-4c9ad94805fa.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7bf8d10a-e4f5-4ba6-8eb7-5d531af47f0c.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7eb46b15-97dd-4027-830a-0f834bcb4984.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\802bd575-c2b2-4a5f-bf7f-8317d76c7b6f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\80308d0e-9f6e-468e-a9e1-fa7f769713ad.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\805b70dd-07c6-4bcb-b15e-2890037cb01f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8216c306-2f3c-4bdf-ab22-160ef6cd6bdf.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\82af9b6d-3e8b-49b0-8aa9-2ea8fca81083.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\84e04d6d-f4c0-47a5-bfb9-5e10e9a191d1.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\85dfe300-08e2-4d47-b5f3-4061458c12c4.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8777937a-37df-4d28-9910-bcc5caaf4332.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\87b4aec7-410f-4cbd-b43b-b3ca7ad0676e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\89f68abd-9a6f-480e-aab5-037511323b30.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8a81cac4-d3c4-4f91-9330-47754d359df2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8af96b9b-ddd2-47b9-8d15-4e62b212e80a.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8bc59ff7-31d3-4789-8118-103dd6938ede.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8c5c81f3-b376-4b8b-bc37-375cc9cad816.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8cb6fb64-48b4-4270-aa4a-8241af283785.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8d1e1620-b405-4a25-9e40-6d3c0b3910d7.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8d790e07-db37-48f6-9cde-60a871397d16.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8e2f19db-ea5d-40ca-b7dd-26210c6443b2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8fd5a45e-8f05-4ed6-b848-8d5363e2c2c9.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9009a268-489f-49b2-825f-8971261e0fe8.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\900e3db4-5989-4933-a349-351bef47a7bd.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\92934aba-3abb-4c28-991a-61fc771acc77.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9785131f-a413-4dfa-8695-39c531da80d1.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\97e2a3e5-77bd-4892-9fb8-5aa94eaa4add.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\97e50b72-98ab-41ef-baeb-9f6a51b29119.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9834dae9-390a-4c2e-9ef7-4c6331a3019c.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\98a38be4-5be4-4d56-a608-1a7d38f3b569.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\98b16b22-57ec-460e-8c27-3098bec85dc8.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\99af28f3-6646-4ab9-889f-a28be3246a07.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9a5d80e8-fe85-46cf-afa7-6e3513da925e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9e4fa622-091f-4e3f-9876-aff815e4b91e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9e6b91f9-2a6d-422d-b492-6bf6df7aac8d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9eab6ea3-6471-4aee-b8c6-00417e5f66d2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a09d750d-b00c-4639-a0ed-454d04d122d6.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a0a32a21-8088-4ccd-a679-7023279c8d43.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a0daf90d-1796-4eef-950d-23d8926a418e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a389dc59-793b-4b03-b543-dc1554b851a9.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a3e538b0-ae9d-4d2c-bb7e-82cacfb7e034.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a5a860ee-6351-4823-94cc-a90ab6ab8e22.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a648a04c-6b2a-448b-a38f-60973fe38f98.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a65f01ec-ee54-4282-9d06-4d1228be8636.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ab77cd47-f22d-4061-8618-8a77d5ea7fb2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ad148ef6-5ec5-4508-ab71-db0b3e52c9e3.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ad28aa0c-9d02-4de0-81b2-37d697cf407a.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ad44745b-e45c-425e-b75e-c93c4c1678b6.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b05685c7-4759-4a36-a712-b3b68d5b997f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b07c2a20-f0ee-4c0f-9ae1-9bf92acb2fd7.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b217b4d0-1ea8-4c13-b22c-1a57fb6c3656.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b2f51970-0c7e-443d-8a3d-0d090db9c1ad.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b34cb097-bc3b-4ed0-a268-a81641475f44.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b47ca70a-7b3e-47f6-94fd-04a82a812faa.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b4ad9b39-a925-411c-9257-5317de38c43d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b4dcb516-d92b-41d5-9b2c-38f01a312a33.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b5aaf37c-a10f-441a-9d42-fe2aaa1990d3.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b64a244d-67a3-4377-942e-ce613bc9fe3c.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b7ee901e-9d2a-4686-9062-66bbfbcf4a42.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b843c77a-9176-4c41-9ac6-fb8284229e59.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b87abfdd-99f2-4cee-8374-b5e3cf1ff29f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b988acbc-3cf6-4ca0-b783-96f358030232.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bacbc4a4-15cd-4f71-b86d-e00c6706af01.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bbc70069-82fc-409a-8028-4fb096b42630.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bd2c87c0-b355-4eee-8f78-704351a9cb9e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bd49d8c7-80eb-4584-a837-42f3a6b5d862.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bd82aa01-9714-40ed-bf1c-b2eb8bd4706d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bda30f22-acbd-47a2-aaba-c62dd4e8b1c5.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bdcc18e5-794a-486a-80d2-53cb535ae1be.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\be073235-0f8a-43b2-a4a2-3e6d02c02b47.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\be788a1b-2e0a-44ce-a669-e5b787beaa8b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\be8743c2-5add-43f0-a565-de4f8b6e39db.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bfc4a6a6-1739-407d-b87c-af3c9eb5ab42.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c0c22d8f-7a86-4c74-8581-52caf880f794.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c0cf4f90-cd60-4757-a2e5-5d99b26fb834.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c15c1caa-f11b-4d04-bde7-f221c605b0f6.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c20643cf-465b-4b7c-939d-bc13552ddbc0.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c4274673-e2af-4073-a904-16996d717aeb.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c44572f4-e5fb-480f-a092-1a92682a0921.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c5805a90-445e-4f5d-ba5d-a4301175900e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c6149441-afd8-47f2-bec9-8a87da91ec66.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c6408267-d35a-4c75-80dc-e287d2623a4c.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c72aa6fc-55b0-4fde-812b-752e975b8bfd.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c911b72f-3f30-49b3-817f-fdbe77b4f806.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ca77d85b-84ad-4c0f-a46a-b1256dceeb09.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\caeff903-89ec-4f5e-ad72-7336723f3817.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\cba71b78-cbdc-4462-97a9-f9b14c6a351e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\cd20eb31-d9f7-40e7-b80c-43c304de0a08.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\cd5e6b43-e13e-4973-a0b9-bc73a2407600.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ceb570ec-fff3-4d61-8ed6-4dfb6886403c.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d01112d8-ecc5-4893-97b0-f833362dfaf2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d0444ba0-0ee0-4582-a9c5-fe95f7c9bd7d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d218efa4-a33d-4884-a711-87dd31b86d2d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d28c7378-cef4-49a3-8b9e-23f97913cfd9.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d33da0ba-7bab-48d4-b7c6-00f93bc2caf9.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d37b7bb6-dc73-4e9e-a342-aeb22fbf7f91.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d3e2a15c-ec27-4506-a0d2-ecc5728e43fc.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d44b3f5d-e2f9-4b64-a7c4-4829e76fc747.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d461205c-c0ee-406d-b0ff-2cfd3b69d3d0.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d56402bb-e8b1-42fc-a6ee-9d61856cd2a2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d5a7763d-1a87-4ffc-a339-559910401724.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d6196911-b6d3-447c-b823-19d541c3cd24.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d6f56658-453a-4a16-bfab-5af733a49fd9.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d7f23f30-b744-449b-84c9-5b6e8143f6da.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\da51d6b0-b96a-4730-9702-645b422d151b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\df10f224-3a42-4922-8f71-6c5ed5199c98.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\dfb35b77-ecf6-45b8-97ec-f09552020d60.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e070f596-72aa-484c-8f65-6905612ddd99.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e1432d1a-2c0a-4b21-b66c-c7eae315ff7f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e1a0e70b-c932-4dd9-9f5f-ed73df1740d0.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e1af67b5-f9b6-4cab-adcd-501d3a12c846.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e34b7e81-2094-42c1-b591-07906238a8fe.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e5367c43-fe2c-4266-8f9b-751c754d5cb3.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e53c9836-14f8-453a-92de-8f0b9c7e5afe.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e5565435-ffa9-455f-b570-b8580fa281c2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e595a4c8-8ee9-4f14-9c89-b2c29cafad97.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e829d56d-4f0e-48eb-868e-3e531f43426b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e8c3f912-3bef-4f2b-908d-2fd3d502b2ab.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e96c959b-2964-4a2b-88b9-a8c3c329d04b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\eac321e2-0518-40db-9e82-57293db4bf49.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ecbf9389-8c68-4085-bd6d-441420ba4238.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\edf17e9a-2c1a-4635-9431-b0c6c079cbe8.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ee0c0dc3-400d-4fb8-9887-f20b6fc9b0e0.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ee2965b4-f57f-4479-b6bd-23879994050b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ee9be351-67d3-40cc-b231-dc26bb20ebe9.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\eeac15af-8c81-4ae3-b99f-fe602161c3ea.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ef916e33-274c-44c3-9a5e-ed2bed79be05.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f1305f9e-e7a5-4a23-a75b-125850fd2429.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f1493e7c-d162-40aa-9ff2-eccbab4832fb.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f180e9b7-ed95-4ab7-981d-b026b050ab11.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f28db5f2-500b-45a5-9c08-89fb3d36c4b0.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f316bb3c-4a45-4506-bcc1-097b37c99ddb.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f31fa173-68b5-4792-9abd-4a03af8e5a4b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f33a2758-5de8-4a0b-abe0-b9c7602e047d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f344e2d4-0f2b-40d3-bc52-bf35cfd774fe.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f3d55941-15e6-4d23-accf-b87cab83fba5.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f412b387-4e81-4db3-8ddd-400fe3852232.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f4491798-c9a2-44bb-a32f-7fcaa2deec20.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f4eaed98-8f38-47b8-843a-e44024438575.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f5595d4f-3542-4904-aaed-95b89d55d279.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f5c007de-26cd-4e54-90fd-867076adf7b0.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f896f61b-efc6-4313-9518-3ab800e1bf14.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f8a1df4e-d8a3-4568-a87c-08a3eba5496d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f94ba19c-e9b2-4312-84e5-e04c3b9eee04.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f99beb76-688a-4c1c-91ce-c2527b715910.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\fc0ee807-e844-449a-ba2e-9b6735dd1700.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\fc7fcacc-d859-4fe9-800b-03ee236aaec0.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\fcb037cf-2ca3-4cac-b1fa-1eac5fe12f96.png
c:\users\Sascha & Nancy\videos\layout.bin
c:\users\Sascha & Nancy\videos\Setup.exe
c:\windows\UA000073.DLL
D:\install.exe
|
|
04.02.2014, 18:05
| #6 |
| | Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- OnlinebankingCode:
ATTFilter .
.
((((((((((((((((((((((( Dateien erstellt von 2014-01-04 bis 2014-02-04 ))))))))))))))))))))))))))))))
.
.
2014-02-04 14:36 . 2014-02-04 14:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-04 14:25 . 2014-02-04 14:25 -------- d-----w- c:\users\Sascha & Nancy\AppData\Roaming\TOSHIBA
2014-02-04 10:03 . 2014-02-04 10:03 -------- d-----w- c:\program files\HitmanPro
2014-02-04 09:41 . 2014-02-04 13:42 -------- d-----w- C:\FRST
2014-02-04 09:03 . 2014-02-04 09:03 -------- d-----w- c:\users\Sascha & Nancy\AppData\Roaming\Malwarebytes
2014-02-04 09:02 . 2014-02-04 09:02 -------- d-----w- c:\programdata\Malwarebytes
2014-02-04 09:02 . 2014-02-04 09:02 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-02-04 09:02 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-02-04 08:37 . 2014-02-04 08:37 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{75DAD2A7-0F7A-4F65-8939-E8D2A6F97D83}\offreg.dll
2014-02-04 08:08 . 2014-02-04 08:08 -------- d-----w- c:\program files\iPod
2014-02-04 08:08 . 2014-02-04 08:09 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 08:08 . 2014-02-04 08:09 -------- d-----w- c:\program files\iTunes
2014-02-04 08:08 . 2014-02-04 08:09 -------- d-----w- c:\program files (x86)\iTunes
2014-02-04 08:08 . 2014-02-04 08:08 -------- d-----w- c:\users\Default\AppData\Roaming\Apple Computer
2014-02-04 08:08 . 2014-02-04 08:08 -------- d-----w- c:\users\Default\AppData\Local\Apple Computer
2014-02-04 07:42 . 2014-02-04 07:59 -------- d-----w- c:\programdata\HitmanPro
2014-02-04 07:29 . 2014-02-04 07:29 -------- d-s---w- c:\windows\SysWow64\Microsoft
2014-02-04 07:28 . 2014-02-04 07:29 -------- d-----w- c:\program files (x86)\OpenOffice 4
2014-02-04 07:27 . 2014-02-04 07:27 -------- d-----w- c:\programdata\CSIS
2014-02-04 07:27 . 2014-02-04 07:27 -------- d-----w- c:\program files (x86)\Heimdal
2014-02-04 07:25 . 2014-02-04 07:25 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-02-04 07:17 . 2014-02-04 07:17 -------- d-----w- c:\users\Sascha & Nancy\AppData\Local\Secunia PSI
2014-02-04 07:17 . 2014-02-04 07:17 -------- d-----w- c:\program files (x86)\Secunia
2014-02-04 07:13 . 2014-02-04 07:13 533424 ----a-w- c:\windows\SysWow64\hmpalert.dll
2014-02-04 07:13 . 2014-02-04 07:13 488104 ----a-w- c:\windows\system32\hmpalert.dll
2014-02-04 07:13 . 2014-02-04 07:13 17416 ----a-w- c:\windows\system32\drivers\hmpalert.sys
2014-02-04 07:13 . 2014-02-04 07:13 -------- d-----w- c:\program files (x86)\HitmanPro.Alert
2014-02-04 07:01 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{75DAD2A7-0F7A-4F65-8939-E8D2A6F97D83}\mpengine.dll
2014-02-04 06:59 . 2013-12-18 20:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-02-04 06:27 . 2014-02-04 06:27 312744 ----a-w- c:\windows\system32\javaws.exe
2014-02-04 06:27 . 2014-02-04 06:27 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-02-04 06:27 . 2014-02-04 06:27 189352 ----a-w- c:\windows\system32\javaw.exe
2014-02-04 06:27 . 2014-02-04 06:27 189352 ----a-w- c:\windows\system32\java.exe
2014-02-04 06:27 . 2014-02-04 06:27 -------- d-----w- c:\program files\Java
2014-02-03 05:46 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-30 11:55 . 2014-01-30 11:58 -------- d-----w- c:\programdata\BlueStacksSetup
2014-01-25 11:23 . 2014-01-25 11:23 -------- d-----w- c:\program files (x86)\GotClip
2014-01-23 06:31 . 2014-01-12 15:01 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0D1839D3-5915-4785-9DAE-77DA76C5D54D}\gapaengine.dll
2014-01-23 06:22 . 2013-12-06 00:16 874312 ----a-w- c:\program files (x86)\Mozilla Firefox\uninstall\helper.exe
2014-01-23 06:22 . 2013-12-05 19:41 22370928 ----a-w- c:\program files (x86)\Mozilla Firefox\xul.dll
2014-01-23 06:22 . 2013-12-05 19:37 276592 ----a-w- c:\program files (x86)\Mozilla Firefox\updater.exe
2014-01-23 06:22 . 2013-12-05 19:37 153712 ----a-w- c:\program files (x86)\Mozilla Firefox\softokn3.dll
2014-01-23 06:22 . 2013-12-05 19:37 18544 ----a-w- c:\program files (x86)\Mozilla Firefox\plugin-container.exe
2014-01-23 06:22 . 2013-12-05 19:37 92272 ----a-w- c:\program files (x86)\Mozilla Firefox\nssdbm3.dll
2014-01-23 06:22 . 2013-12-05 19:37 393840 ----a-w- c:\program files (x86)\Mozilla Firefox\nssckbi.dll
2014-01-23 06:22 . 2013-12-05 19:37 1776240 ----a-w- c:\program files (x86)\Mozilla Firefox\nss3.dll
2014-01-23 06:22 . 2013-12-05 19:34 302192 ----a-w- c:\program files (x86)\Mozilla Firefox\freebl3.dll
2014-01-23 06:22 . 2013-12-05 19:34 275568 ----a-w- c:\program files (x86)\Mozilla Firefox\firefox.exe
2014-01-23 06:22 . 2013-12-05 19:34 117360 ----a-w- c:\program files (x86)\Mozilla Firefox\crashreporter.exe
2014-01-23 06:22 . 2013-12-05 19:34 20080 ----a-w- c:\program files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2014-01-21 21:33 . 2013-10-25 06:17 15404032 ----a-w- c:\windows\system32\ieframe.dll
2014-01-21 21:33 . 2013-10-25 06:18 19271168 ----a-w- c:\windows\system32\mshtml.dll
2014-01-19 02:04 . 2014-01-19 02:04 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-01-17 16:23 . 2014-01-17 16:23 -------- d-----w- c:\users\Sascha & Nancy\AppData\Local\Microsoft Help
2014-01-17 16:23 . 2014-01-21 07:32 -------- d-----w- c:\programdata\Microsoft Help
2014-01-15 04:23 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-15 04:23 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-15 04:23 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-15 04:23 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-15 04:23 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-15 04:23 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-15 04:23 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-15 04:23 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-15 04:23 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-04 07:24 . 2012-06-13 06:15 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-04 07:24 . 2012-06-13 06:15 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-19 07:33 . 2011-09-03 07:38 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-01-15 21:18 . 2011-06-13 13:57 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-12-06 14:47 . 2013-12-06 14:47 18456 ----a-w- c:\windows\system32\drivers\psi_mf_amd64.sys
2013-11-23 18:26 . 2013-12-12 13:29 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-12 13:29 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:23 . 2013-12-12 13:29 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-12 13:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-26 102400]
"ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-01-20 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-02-28 18642024]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2010-6-28 2721184]
Heimdal.lnk - c:\program files (x86)\Heimdal\Client\HeimdalAgent.exe [2013-11-6 1170080]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableClock"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R1 pmplcahk;pmplcahk;c:\windows\system32\drivers\pmplcahk.sys;c:\windows\SYSNATIVE\drivers\pmplcahk.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys;c:\windows\SYSNATIVE\DRIVERS\ASPI32.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtpt64.sys [x]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtbs64.sys [x]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys;c:\windows\SYSNATIVE\DRIVERS\lgvmdm64.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 massfilter_hs;USB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 HeimdalSecureDNS;Heimdal Secure DNS Service;c:\program files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe;c:\program files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe [x]
S2 HeimdalService;Heimdal Service;c:\program files (x86)\Heimdal\Service\HeimdalAgentService.exe;c:\program files (x86)\Heimdal\Service\HeimdalAgentService.exe [x]
S2 hmpalert;HitmanPro.Alert Support Driver;c:\windows\system32\drivers\hmpalert.sys;c:\windows\SYSNATIVE\drivers\hmpalert.sys [x]
S2 hmpalertsvc;HitmanPro.Alert Service;c:\program files (x86)\HitmanPro.Alert\hmpalert.exe;c:\program files (x86)\HitmanPro.Alert\hmpalert.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WinisoCDBus;WinISO Virtual CD Drive;c:\windows\system32\drivers\WinisoCDBus.sys;c:\windows\SYSNATIVE\drivers\WinisoCDBus.sys [x]
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDMI64.sys;c:\windows\SYSNATIVE\drivers\CHDMI64.sys [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys;c:\windows\SYSNATIVE\DRIVERS\FwLnk.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - PWLDIPOW
*Deregistered* - pwldipow
.
Inhalt des "geplante Tasks" Ordners
.
2014-02-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 07:24]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-05-11 1050072]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-22 521272]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-04-19 136136]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\users\Sascha & Nancy\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{A5B9220D-875B-4C63-A4B1-AABF1D74E973}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FF - ProfilePath - c:\users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\
FF - prefs.js: browser.startup.homepage - google.de
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{62d40876-df18-411f-9d34-a9dd7a197bc5} - (no file)
Toolbar-Locked - (no file)
Toolbar-{DFEFCDEE-CF1A-4FC8-89AF-189327213627} - (no file)
Toolbar-10 - (no file)
Toolbar-!{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - (no file)
Wow6432Node-HKCU-Run-AppsHat - c:\users\Sascha & Nancy\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
Wow6432Node-HKLM-Run-ProtectedNET - c:\users\Sascha & Nancy\Desktop\Laufwerk\Jappy Rang + Credit Hack by JiNNy.exe
Wow6432Node-HKLM-Run-NPSStartup - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{9D717F81-9148-4f12-8568-69135F087DB0} - c:\progra~2\SEARCH~1\Datamngr\x64\BROWSE~1.DLL
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000\Software\SecuROM\License information*]
"datasecu"=hex:03,95,f1,c1,3b,2e,06,99,bc,29,33,e4,07,9b,1e,9f,42,9e,6b,d3,c6,
3e,68,d8,18,2f,80,fd,1c,28,25,1f,54,31,08,b5,57,0e,af,b6,f8,31,a1,a5,71,2e,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\d:\GAMES\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi:"2011-10-10T16:42\00gif\00\00"
"qico4.dll"=multi:"2011-10-10T16:42\00ico\00\00"
"qjpeg4.dll"=multi:"2011-10-10T16:42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\d:\games\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
Code:
ATTFilter .
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_52"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_52"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_52"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_53"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_53"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_53"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_54"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_54"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_54"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_55"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_55"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_55"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_56"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_56"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_56"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_57"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_57"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_57"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_58"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_58"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_58"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_59"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_59"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_59"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_60"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_60"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_60"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_61"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_61"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_61"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_52"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_52"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_52"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_53"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_53"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_53"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_54"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_54"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_54"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_55"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_55"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_55"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_56"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_56"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_56"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_57"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_57"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_57"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_58"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_58"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_58"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_59"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_59"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_59"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_60"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_60"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_60"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_61"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_61"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_61"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_62"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_62"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_62"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_63"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_63"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_63"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_64"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_64"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_64"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_65"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_65"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_65"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_66"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_66"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_66"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_67"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_67"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_67"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_68"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_68"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_68"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_69"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_69"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_69"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_70"
.
|
|
04.02.2014, 18:07
| #7 |
| | Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- OnlinebankingCode:
ATTFilter .
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_70"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_71"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_71"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_71"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_30"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_30"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_30"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_44"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_44"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_44"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_45"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_45"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_45"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_46"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_46"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_46"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_47"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_47"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_47"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_48"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_48"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_48"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_49"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_49"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_49"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_50"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_50"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_50"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_51"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_51"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_51"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_02"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-02-04 17:07:52
ComboFix-quarantined-files.txt 2014-02-04 16:07
.
Vor Suchlauf: 21 Verzeichnis(se), 36.428.292.096 Bytes frei
Nach Suchlauf: 29 Verzeichnis(se), 39.299.223.552 Bytes frei
.
- - End Of File - - 6E1CC6F38F24E517FCC31B776756EC21
|
|
05.02.2014, 16:24
| #8 |
| /// Malwareteam | Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- Onlinebanking Du hast Schritt 1 beim vorherigen Post nicht ganz richtig ausgeführt, bzw. mir das falsche Logfile gepostet. Falls du den Fix ausgeführt hast, poste mir noch das richtige Logfile. Schritt 1 Combofix-Skript
Schritt 2 Bitte deinstalliere folgende Programme:
Windows XP: Start -> Systemsteuerung -> Kategorieansicht auswählen (falls nicht voreingestellt) -> Softwareund wähle die angegeben Programme aus. Drücke Entfernen (Windows XP) oder Deinstallieren (Windows Vista/7). Schritt 3 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Starte noch einmal FRST.
Poste folgende Logfiles in deiner nächsten Antwort:
__________________ Gruß, Jonas |
|
05.02.2014, 17:49
| #9 |
| | Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- Onlinebanking Hoffe doch der ist korrekt? Bin dann erstmal am ausführen  Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-02-2014
Ran by Sascha & Nancy at 2014-02-04 14:42:11 Run:1
Running from C:\Users\Sascha & Nancy\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
cmd: type "C:\Users\SASCHA~1\AppData\Local\Temp\logger.vbs"
*****************
========= type "C:\Users\SASCHA~1\AppData\Local\Temp\logger.vbs" =========
Das System kann die angegebene Datei nicht finden.
========= End of CMD: =========
==== End of Fixlog ====
Code:
ATTFilter C:\Qoobox\Quarantine\c\programdata\TOSHIBA\C11DACE4-A272-487e-83EB-32BF198C5E5D\dat0.bin -> C:\programdata\TOSHIBA\C11DACE4-A272-487e-83EB-32BF198C5E5D\dat0.bin
C:\Qoobox\Quarantine\c\programdata\TOSHIBA\SmartFaceV\SmartFaceVCam.ini -> C:\programdata\TOSHIBA\SmartFaceV\SmartFaceVCam.ini
C:\Qoobox\Quarantine\c\programdata\TOSHIBA\SmartFaceV\SmartFaceVSetting.ini -> C:\programdata\TOSHIBA\SmartFaceV\SmartFaceVSetting.ini
C:\Qoobox\Quarantine\c\programdata\TOSHIBA\SmartFaceV\SmartFaceVWatcher.ini -> C:\programdata\TOSHIBA\SmartFaceV\SmartFaceVWatcher.ini
C:\Qoobox\Quarantine\c\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\config_id_database -> C:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\config_id_database
C:\Qoobox\Quarantine\c\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\config_id_database.dat -> C:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\config_id_database.dat
C:\Qoobox\Quarantine\c\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\0c.dck -> C:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\0c.dck
C:\Qoobox\Quarantine\c\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\0c.dckev -> C:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\0c.dckev
C:\Qoobox\Quarantine\c\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\0c.mck -> C:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\0c.mck
C:\Qoobox\Quarantine\c\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\consfile-CMSM.txt -> C:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\consfile-CMSM.txt
C:\Qoobox\Quarantine\c\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\consfile.txt -> C:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\consfile.txt
C:\Qoobox\Quarantine\c\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def-V.dck -> C:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def-V.dck
C:\Qoobox\Quarantine\c\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def.dck -> C:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def.dck
C:\Qoobox\Quarantine\c\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def.dckev -> C:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def.dckev
C:\Qoobox\Quarantine\c\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def.mck -> C:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def.mck
C:\Qoobox\Quarantine\c\programdata\TOSHIBA\SmartFaceV\FaceRecogLog\FaceRecogLog -> C:\programdata\TOSHIBA\SmartFaceV\FaceRecogLog\FaceRecogLog
C:\Qoobox\Quarantine\c\programdata\TOSHIBA\SmartFaceV\Users\userdata.dat -> C:\programdata\TOSHIBA\SmartFaceV\Users\userdata.dat
17 Datei(en) kopiert
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards.xml -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards.xml
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards.xml.bak -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards.xml.bak
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\BulletinBoardLog.txt -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\BulletinBoardLog.txt
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\GettingStartedData.xml -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\GettingStartedData.xml
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\screenshot.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\screenshot.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Settings.xml -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Settings.xml
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Settings.xml.bak -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Settings.xml.bak
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Share.xml -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Share.xml
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\ToshibaBoardSettings.xml -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\ToshibaBoardSettings.xml
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\board1.xml -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\board1.xml
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r2_c110.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r2_c110.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r2_c20.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r2_c20.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r2_c50.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r2_c50.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r4_c70.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r4_c70.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r5_c100.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r5_c100.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r5_c40.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r5_c40.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Help_Top000000.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Help_Top000000.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\IMG_2866000000.jpg -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\IMG_2866000000.jpg
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\Board.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\Board.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\Board.xml -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\Board.xml
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\Board.xml.bak -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\Board.xml.bak
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.icon.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.icon.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.icon.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.icon.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.icon.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.icon.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.icon.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.icon.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.icon.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.icon.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.icon.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.icon.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.icon.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.icon.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\Board.xml -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\Board.xml
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.icon.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.icon.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.icon.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.icon.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.icon.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.icon.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.icon.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.icon.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.icon.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.icon.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.icon.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.icon.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.icon.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.icon.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\1394Test.csv -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\1394Test.csv
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\1394Test.log -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\1394Test.log
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\cddrivetest.csv -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\cddrivetest.csv
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\cddrivetest.log -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\cddrivetest.log
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\chkpc.csv -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\chkpc.csv
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\chkpc.log -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\chkpc.log
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\cputest.log -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\cputest.log
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\dialtonetest.csv -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\dialtonetest.csv
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\dialtonetest.log -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\dialtonetest.log
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\DISPLAYTest.csv -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\DISPLAYTest.csv
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\DISPLAYTest.log -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\DISPLAYTest.log
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\disptest.log -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\disptest.log
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\fddtest.csv -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\fddtest.csv
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\fddtest.log -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\fddtest.log
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\hddrivetest.csv -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\hddrivetest.csv
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\hddrivetest.log -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\hddrivetest.log
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\memtest.log -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\memtest.log
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\MODEMTest.csv -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\MODEMTest.csv
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\MODEMTest.log -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\MODEMTest.log
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\NETTest.csv -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\NETTest.csv
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\NETTest.log -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\NETTest.log
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\PCMCIATest.csv -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\PCMCIATest.csv
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\PCMCIATest.log -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\PCMCIATest.log
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\USBTest.csv -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\USBTest.csv
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\USBTest.log -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\USBTest.log
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\wbeminfo.log -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\wbeminfo.log
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\wbemQFE.log -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\wbemQFE.log
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\wbemSoundDev.log -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\wbemSoundDev.log
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\Logs\Test Bericht -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\Logs\Test Bericht
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\Exception.log -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\Exception.log
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\ReelTime.MRUAppData.dat -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\ReelTime.MRUAppData.dat
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\ReelTime.MRUFileData.dat -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\ReelTime.MRUFileData.dat
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\ReelTime.setting.xml -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\ReelTime.setting.xml
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\ReelTimeMonitorData.dat -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\ReelTimeMonitorData.dat
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTime.MRUAppData.dat -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTime.MRUAppData.dat
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTime.MRUFileData.dat -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTime.MRUFileData.dat
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTimeMonitorData.dat -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTimeMonitorData.dat
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\012cb269-5017-48fb-b82c-eeab139e9d64.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\012cb269-5017-48fb-b82c-eeab139e9d64.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\01eb3b9d-e085-408d-bbdc-6af0bc01e190.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\01eb3b9d-e085-408d-bbdc-6af0bc01e190.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0485ee96-7b3d-44a3-ab34-bddd06c33d04.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0485ee96-7b3d-44a3-ab34-bddd06c33d04.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\05981274-02e9-43c9-804d-a378cd782218.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\05981274-02e9-43c9-804d-a378cd782218.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\07ea537f-38b9-4432-bdbd-de6ff53197c2.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\07ea537f-38b9-4432-bdbd-de6ff53197c2.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0825ad34-c619-4f95-abad-62473cc5ff86.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0825ad34-c619-4f95-abad-62473cc5ff86.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\08fc6404-d0ed-41e1-b16c-157bbf979885.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\08fc6404-d0ed-41e1-b16c-157bbf979885.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0be73a9d-1ec3-4db5-9f88-5115c8567fff.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0be73a9d-1ec3-4db5-9f88-5115c8567fff.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0ce5d205-74a5-4549-a6a5-f0403d76623f.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0ce5d205-74a5-4549-a6a5-f0403d76623f.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0dd911bf-b1e6-490e-927c-137bf1c1a6ad.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0dd911bf-b1e6-490e-927c-137bf1c1a6ad.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0e2b30bf-22a6-44ae-9098-8c6249be82aa.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0e2b30bf-22a6-44ae-9098-8c6249be82aa.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0e2fc6f2-dca0-494f-81f4-10f9d365d923.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0e2fc6f2-dca0-494f-81f4-10f9d365d923.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0e73cd29-8a5c-4fbc-b64e-205a311a4813.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0e73cd29-8a5c-4fbc-b64e-205a311a4813.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\105c0a19-ba43-4598-b77d-48789615371e.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\105c0a19-ba43-4598-b77d-48789615371e.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\10a586d2-86d4-43be-ac7c-06dff5e0b4c1.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\10a586d2-86d4-43be-ac7c-06dff5e0b4c1.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\116582cf-ea86-41ad-9df7-a8a073a807d6.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\116582cf-ea86-41ad-9df7-a8a073a807d6.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\11b562ec-7258-4d29-9c97-ab6c70960f25.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\11b562ec-7258-4d29-9c97-ab6c70960f25.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\11b7581e-c973-481a-8de1-3ff4fdf069f6.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\11b7581e-c973-481a-8de1-3ff4fdf069f6.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\11c0388e-a02f-424c-af50-e4e190ae27ed.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\11c0388e-a02f-424c-af50-e4e190ae27ed.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1258f620-b02b-49fe-b64a-f35609087239.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1258f620-b02b-49fe-b64a-f35609087239.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\13714d91-9b7d-4735-9a26-a081bc0ee8bc.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\13714d91-9b7d-4735-9a26-a081bc0ee8bc.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\13e0a46b-49e3-4a95-a025-8ceaecdc565c.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\13e0a46b-49e3-4a95-a025-8ceaecdc565c.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\15fcb673-6ca6-439e-b9d4-4b8f3c4e5b57.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\15fcb673-6ca6-439e-b9d4-4b8f3c4e5b57.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\166276f3-8a98-4cd5-b5b8-bb6d6548907f.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\166276f3-8a98-4cd5-b5b8-bb6d6548907f.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1713f213-3eb2-4f83-a3ea-87ab8c47f3f2.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1713f213-3eb2-4f83-a3ea-87ab8c47f3f2.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1c40bc9a-7284-4c79-9936-b3b2e8209dc4.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1c40bc9a-7284-4c79-9936-b3b2e8209dc4.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1e0d2d7a-d7ad-4872-8e53-fda478502f7f.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1e0d2d7a-d7ad-4872-8e53-fda478502f7f.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1f4edc29-b9d5-4ab1-9911-759792c91fd2.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1f4edc29-b9d5-4ab1-9911-759792c91fd2.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1f8b7a2d-d7e4-4034-a92b-21189d4b785c.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1f8b7a2d-d7e4-4034-a92b-21189d4b785c.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\22252cd3-4ce5-466f-a66c-06bcb01dc296.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\22252cd3-4ce5-466f-a66c-06bcb01dc296.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\234325f3-8e02-4fe6-8d3d-9af16fa146d3.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\234325f3-8e02-4fe6-8d3d-9af16fa146d3.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\236bf208-da64-4672-907b-f9f27e3d53ec.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\236bf208-da64-4672-907b-f9f27e3d53ec.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\23e085c3-3685-49c6-9aef-e0a68a9e8dc6.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\23e085c3-3685-49c6-9aef-e0a68a9e8dc6.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\24895d38-8ad8-4fdb-8d1d-f82b0dd3e216.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\24895d38-8ad8-4fdb-8d1d-f82b0dd3e216.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\26295d27-9c29-449d-a0f6-d08ab019a412.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\26295d27-9c29-449d-a0f6-d08ab019a412.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\26588f0b-5dc5-44d3-933a-aca16bed0833.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\26588f0b-5dc5-44d3-933a-aca16bed0833.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\26657709-5e90-4462-8b34-2e4a37e45c4b.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\26657709-5e90-4462-8b34-2e4a37e45c4b.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\27c6038b-aa8d-4c8a-ad23-14815fd828b8.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\27c6038b-aa8d-4c8a-ad23-14815fd828b8.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2847a211-a1ab-48f6-9904-3cd2bbb2a490.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2847a211-a1ab-48f6-9904-3cd2bbb2a490.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\28f64a7f-4bc6-4aee-88ff-5286789156ad.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\28f64a7f-4bc6-4aee-88ff-5286789156ad.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2a31e9d9-6080-470b-8ad4-9eca7d913838.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2a31e9d9-6080-470b-8ad4-9eca7d913838.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2adb8040-567c-4bac-adf6-4c01ecb0e731.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2adb8040-567c-4bac-adf6-4c01ecb0e731.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2aeb2214-3a0f-4918-b323-0e14effe82bb.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2aeb2214-3a0f-4918-b323-0e14effe82bb.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2bc7b66f-7897-4641-ab0c-af666d82ee82.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2bc7b66f-7897-4641-ab0c-af666d82ee82.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2be17cf1-7d4d-4ff6-bfc1-4261fa46c731.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2be17cf1-7d4d-4ff6-bfc1-4261fa46c731.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2e56b539-734b-424f-b0db-1222258c8aae.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2e56b539-734b-424f-b0db-1222258c8aae.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2f1f3fa4-2ba6-4d65-8286-c1dbb6445b16.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2f1f3fa4-2ba6-4d65-8286-c1dbb6445b16.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\307daf94-dc71-468a-ae2d-e43ff2d606f1.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\307daf94-dc71-468a-ae2d-e43ff2d606f1.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\31a35f6c-38aa-4c94-8635-8bcade248944.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\31a35f6c-38aa-4c94-8635-8bcade248944.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\31c1a3bf-a2a9-4e61-89e0-12ad356261a4.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\31c1a3bf-a2a9-4e61-89e0-12ad356261a4.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\32143b1f-dd4c-4614-8511-f44d3c37c798.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\32143b1f-dd4c-4614-8511-f44d3c37c798.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\33ef72e4-3a3c-4168-95ee-69b999f3dc50.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\33ef72e4-3a3c-4168-95ee-69b999f3dc50.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\34025ab2-9d28-42be-84d8-a1d73b60ad18.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\34025ab2-9d28-42be-84d8-a1d73b60ad18.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\357dce9d-6a30-4730-bb20-cf0c0fc650f4.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\357dce9d-6a30-4730-bb20-cf0c0fc650f4.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\35d3ec51-424d-4d15-9d59-ad7f0554bd23.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\35d3ec51-424d-4d15-9d59-ad7f0554bd23.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\362d06ca-6ee3-4f9f-a7d9-0939c91fad48.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\362d06ca-6ee3-4f9f-a7d9-0939c91fad48.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\3721ef84-adf6-487a-bf5f-543cac2cb4ec.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\3721ef84-adf6-487a-bf5f-543cac2cb4ec.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\37fcc561-d0c6-4a27-bd96-1c6ae4a7bd28.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\37fcc561-d0c6-4a27-bd96-1c6ae4a7bd28.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\388d4ac5-b1e6-4ebd-bfcf-8537f385f096.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\388d4ac5-b1e6-4ebd-bfcf-8537f385f096.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\38f9ba70-490f-487d-a4c3-cbe4fbac20e0.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\38f9ba70-490f-487d-a4c3-cbe4fbac20e0.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\393de2f5-2776-41ad-a7bd-7198bc797408.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\393de2f5-2776-41ad-a7bd-7198bc797408.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\39f7415e-cdf2-43a1-ae34-893d6603300c.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\39f7415e-cdf2-43a1-ae34-893d6603300c.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\3a0670b4-914c-4e8b-93cd-8d7cb942e28f.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\3a0670b4-914c-4e8b-93cd-8d7cb942e28f.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\3b2bf223-6da6-4008-8149-61cea1779795.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\3b2bf223-6da6-4008-8149-61cea1779795.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\3f74f6f7-8e6b-4ad2-852d-7a9fe415ba6d.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\3f74f6f7-8e6b-4ad2-852d-7a9fe415ba6d.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\40b50b44-803d-44ec-9560-eb92b57ea3cc.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\40b50b44-803d-44ec-9560-eb92b57ea3cc.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\40df5f98-464f-4fb6-ad59-25be62557f1e.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\40df5f98-464f-4fb6-ad59-25be62557f1e.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\43a173bc-54ac-4ca8-9133-39dc4bb09ed5.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\43a173bc-54ac-4ca8-9133-39dc4bb09ed5.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\44c5d09f-056f-4564-9023-0ff0c833ffcb.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\44c5d09f-056f-4564-9023-0ff0c833ffcb.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\44d3bf05-b9d8-4840-99a3-6431a5918d0a.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\44d3bf05-b9d8-4840-99a3-6431a5918d0a.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\45551e4e-fc40-40dd-9e52-a4cad5937a79.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\45551e4e-fc40-40dd-9e52-a4cad5937a79.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\46e96372-6341-4286-bc90-bc50bcc621db.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\46e96372-6341-4286-bc90-bc50bcc621db.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\473b0d3a-0ca3-41b2-a791-d5c7c621c088.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\473b0d3a-0ca3-41b2-a791-d5c7c621c088.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\479ac8d4-12d8-400a-b2eb-9189303a898f.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\479ac8d4-12d8-400a-b2eb-9189303a898f.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\48a7731e-743b-4646-ab65-fb38afc2ee3b.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\48a7731e-743b-4646-ab65-fb38afc2ee3b.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\495b54b4-cb5c-42c2-9032-df3592cb2204.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\495b54b4-cb5c-42c2-9032-df3592cb2204.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\49ab966d-1130-41db-8d5c-5bb5251f7c74.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\49ab966d-1130-41db-8d5c-5bb5251f7c74.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4b06871b-d080-4c48-b8b7-4cb8e2ba61d2.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4b06871b-d080-4c48-b8b7-4cb8e2ba61d2.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4baccb9c-e21e-43b2-bb24-b836cf0fb77a.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4baccb9c-e21e-43b2-bb24-b836cf0fb77a.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4c02164a-fba5-4333-903a-333bbe40849e.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4c02164a-fba5-4333-903a-333bbe40849e.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4d3d6683-2fed-4d65-aa9f-83392f4cf290.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4d3d6683-2fed-4d65-aa9f-83392f4cf290.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4fb94aa1-1d37-4bde-a016-27553c0526b4.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4fb94aa1-1d37-4bde-a016-27553c0526b4.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\503c49cc-7cdb-4fa1-a0fa-c6f68a548b17.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\503c49cc-7cdb-4fa1-a0fa-c6f68a548b17.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\50bef3ea-f148-4ac7-a96a-eb2ab119c76d.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\50bef3ea-f148-4ac7-a96a-eb2ab119c76d.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\515d35c8-faf3-4aa9-a475-5b7d1f202006.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\515d35c8-faf3-4aa9-a475-5b7d1f202006.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\54bddaaf-c62d-44e3-8b7e-c44d0a4b238d.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\54bddaaf-c62d-44e3-8b7e-c44d0a4b238d.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\561ac496-8929-4bac-af19-f57251c933f7.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\561ac496-8929-4bac-af19-f57251c933f7.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5644d63f-ad16-43fb-9236-538768beef82.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5644d63f-ad16-43fb-9236-538768beef82.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\56a0ceb6-e292-4be1-b2c4-0c35965d3d0e.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\56a0ceb6-e292-4be1-b2c4-0c35965d3d0e.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\56cec41d-1ab6-4290-b8c2-7dda878d2226.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\56cec41d-1ab6-4290-b8c2-7dda878d2226.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\57aeeddb-ce93-4c02-8ab2-151c61d2e7f1.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\57aeeddb-ce93-4c02-8ab2-151c61d2e7f1.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\57f861e8-0e96-486a-9764-a9050d56cd17.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\57f861e8-0e96-486a-9764-a9050d56cd17.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\58881de7-618f-46fc-951d-4370637c43ca.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\58881de7-618f-46fc-951d-4370637c43ca.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\589581dd-10a9-4036-b477-e31a01aa4930.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\589581dd-10a9-4036-b477-e31a01aa4930.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5913b47b-bd3b-4082-bddc-89e24281509a.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5913b47b-bd3b-4082-bddc-89e24281509a.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5ba0dbb7-2e22-4857-a03f-04fe7c8d33a6.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5ba0dbb7-2e22-4857-a03f-04fe7c8d33a6.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5baa9f08-31b7-4503-8132-b94738aff13e.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5baa9f08-31b7-4503-8132-b94738aff13e.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5c2f7309-1539-4691-a2cd-5424309be77b.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5c2f7309-1539-4691-a2cd-5424309be77b.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5c4f6108-7bf2-433e-bbda-0f3d534c403e.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5c4f6108-7bf2-433e-bbda-0f3d534c403e.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5d2f87a2-0018-4dd5-8d34-220a5dfcbd70.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5d2f87a2-0018-4dd5-8d34-220a5dfcbd70.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5de8cae9-7592-49c8-85ea-186d68f31fbb.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5de8cae9-7592-49c8-85ea-186d68f31fbb.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5e61e893-0cbd-4442-a7b0-b89a2f31ff9c.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5e61e893-0cbd-4442-a7b0-b89a2f31ff9c.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5e740978-b9b1-4426-b68e-7a6399ec63dc.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5e740978-b9b1-4426-b68e-7a6399ec63dc.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5ebf5a19-5416-4e16-8b23-633aacb0516d.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5ebf5a19-5416-4e16-8b23-633aacb0516d.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\61f9b6eb-6202-41e7-932d-184876aa8439.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\61f9b6eb-6202-41e7-932d-184876aa8439.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\622e0716-53b8-4624-b358-b0595ef46e81.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\622e0716-53b8-4624-b358-b0595ef46e81.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6458f5ba-5585-4140-b30b-89af971a3ce9.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6458f5ba-5585-4140-b30b-89af971a3ce9.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\65cfffce-8aed-4774-8ead-5517fd56c3b2.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\65cfffce-8aed-4774-8ead-5517fd56c3b2.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\660e031b-51d4-49a4-8ec1-e1f8033da8df.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\660e031b-51d4-49a4-8ec1-e1f8033da8df.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\677dc705-a4f1-43fe-8031-a45b4c6463f5.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\677dc705-a4f1-43fe-8031-a45b4c6463f5.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6948104b-dcc1-4a3b-b829-33376a0f0dbb.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6948104b-dcc1-4a3b-b829-33376a0f0dbb.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\69618347-995a-431d-81e4-11d3a21ecef7.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\69618347-995a-431d-81e4-11d3a21ecef7.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6b113dc4-d60e-4ab7-8f80-5bc3a577f08b.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6b113dc4-d60e-4ab7-8f80-5bc3a577f08b.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6b22287e-33a5-4a76-bd2b-14badcd16cce.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6b22287e-33a5-4a76-bd2b-14badcd16cce.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6b569990-324b-433b-8913-658ebb071916.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6b569990-324b-433b-8913-658ebb071916.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6b9263a5-d282-49c6-affc-e158f198c509.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6b9263a5-d282-49c6-affc-e158f198c509.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6bb60d78-094e-4346-8922-52a4da5a5a9a.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6bb60d78-094e-4346-8922-52a4da5a5a9a.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6d0ba5ba-5ba0-40b3-8455-a3ba8de0a994.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6d0ba5ba-5ba0-40b3-8455-a3ba8de0a994.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6d8c7a70-8266-4f84-a917-af4335a6cffb.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6d8c7a70-8266-4f84-a917-af4335a6cffb.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6f5a312f-c628-4eb8-9b20-d40c17f71018.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6f5a312f-c628-4eb8-9b20-d40c17f71018.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\70094552-0be7-46af-b2f5-e48fda1647fe.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\70094552-0be7-46af-b2f5-e48fda1647fe.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\70250457-8ffa-4eb9-96f1-e213c089e128.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\70250457-8ffa-4eb9-96f1-e213c089e128.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7173aed9-2529-4db1-b121-6bf32afa1c4f.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7173aed9-2529-4db1-b121-6bf32afa1c4f.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7692d40d-dc2b-4f55-b837-372d92b38bfb.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7692d40d-dc2b-4f55-b837-372d92b38bfb.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\778ffb2f-31a1-4403-8935-86b98aa780ac.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\778ffb2f-31a1-4403-8935-86b98aa780ac.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7794a29a-bd48-409a-ba08-c77a436ccbb4.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7794a29a-bd48-409a-ba08-c77a436ccbb4.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\77d84240-cbad-414f-9c5f-85296546ac84.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\77d84240-cbad-414f-9c5f-85296546ac84.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\77e63912-2364-4ef9-acc8-956a0b72285b.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\77e63912-2364-4ef9-acc8-956a0b72285b.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\78937aa3-3e04-4231-a16e-355aadf98719.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\78937aa3-3e04-4231-a16e-355aadf98719.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\789a6f63-a6ca-4d6d-b98d-627ec52ff842.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\789a6f63-a6ca-4d6d-b98d-627ec52ff842.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7b0bdae8-8a46-411f-9657-4c9ad94805fa.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7b0bdae8-8a46-411f-9657-4c9ad94805fa.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7bf8d10a-e4f5-4ba6-8eb7-5d531af47f0c.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7bf8d10a-e4f5-4ba6-8eb7-5d531af47f0c.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7eb46b15-97dd-4027-830a-0f834bcb4984.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7eb46b15-97dd-4027-830a-0f834bcb4984.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\802bd575-c2b2-4a5f-bf7f-8317d76c7b6f.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\802bd575-c2b2-4a5f-bf7f-8317d76c7b6f.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\80308d0e-9f6e-468e-a9e1-fa7f769713ad.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\80308d0e-9f6e-468e-a9e1-fa7f769713ad.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\805b70dd-07c6-4bcb-b15e-2890037cb01f.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\805b70dd-07c6-4bcb-b15e-2890037cb01f.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8216c306-2f3c-4bdf-ab22-160ef6cd6bdf.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8216c306-2f3c-4bdf-ab22-160ef6cd6bdf.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\82af9b6d-3e8b-49b0-8aa9-2ea8fca81083.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\82af9b6d-3e8b-49b0-8aa9-2ea8fca81083.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\84e04d6d-f4c0-47a5-bfb9-5e10e9a191d1.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\84e04d6d-f4c0-47a5-bfb9-5e10e9a191d1.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\85dfe300-08e2-4d47-b5f3-4061458c12c4.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\85dfe300-08e2-4d47-b5f3-4061458c12c4.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8777937a-37df-4d28-9910-bcc5caaf4332.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8777937a-37df-4d28-9910-bcc5caaf4332.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\87b4aec7-410f-4cbd-b43b-b3ca7ad0676e.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\87b4aec7-410f-4cbd-b43b-b3ca7ad0676e.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\89f68abd-9a6f-480e-aab5-037511323b30.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\89f68abd-9a6f-480e-aab5-037511323b30.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8a81cac4-d3c4-4f91-9330-47754d359df2.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8a81cac4-d3c4-4f91-9330-47754d359df2.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8af96b9b-ddd2-47b9-8d15-4e62b212e80a.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8af96b9b-ddd2-47b9-8d15-4e62b212e80a.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8bc59ff7-31d3-4789-8118-103dd6938ede.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8bc59ff7-31d3-4789-8118-103dd6938ede.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8c5c81f3-b376-4b8b-bc37-375cc9cad816.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8c5c81f3-b376-4b8b-bc37-375cc9cad816.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8cb6fb64-48b4-4270-aa4a-8241af283785.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8cb6fb64-48b4-4270-aa4a-8241af283785.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8d1e1620-b405-4a25-9e40-6d3c0b3910d7.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8d1e1620-b405-4a25-9e40-6d3c0b3910d7.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8d790e07-db37-48f6-9cde-60a871397d16.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8d790e07-db37-48f6-9cde-60a871397d16.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8e2f19db-ea5d-40ca-b7dd-26210c6443b2.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8e2f19db-ea5d-40ca-b7dd-26210c6443b2.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8fd5a45e-8f05-4ed6-b848-8d5363e2c2c9.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8fd5a45e-8f05-4ed6-b848-8d5363e2c2c9.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9009a268-489f-49b2-825f-8971261e0fe8.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9009a268-489f-49b2-825f-8971261e0fe8.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\900e3db4-5989-4933-a349-351bef47a7bd.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\900e3db4-5989-4933-a349-351bef47a7bd.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\92934aba-3abb-4c28-991a-61fc771acc77.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\92934aba-3abb-4c28-991a-61fc771acc77.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9785131f-a413-4dfa-8695-39c531da80d1.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9785131f-a413-4dfa-8695-39c531da80d1.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\97e2a3e5-77bd-4892-9fb8-5aa94eaa4add.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\97e2a3e5-77bd-4892-9fb8-5aa94eaa4add.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\97e50b72-98ab-41ef-baeb-9f6a51b29119.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\97e50b72-98ab-41ef-baeb-9f6a51b29119.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9834dae9-390a-4c2e-9ef7-4c6331a3019c.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9834dae9-390a-4c2e-9ef7-4c6331a3019c.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\98a38be4-5be4-4d56-a608-1a7d38f3b569.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\98a38be4-5be4-4d56-a608-1a7d38f3b569.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\98b16b22-57ec-460e-8c27-3098bec85dc8.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\98b16b22-57ec-460e-8c27-3098bec85dc8.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\99af28f3-6646-4ab9-889f-a28be3246a07.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\99af28f3-6646-4ab9-889f-a28be3246a07.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9a5d80e8-fe85-46cf-afa7-6e3513da925e.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9a5d80e8-fe85-46cf-afa7-6e3513da925e.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9e4fa622-091f-4e3f-9876-aff815e4b91e.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9e4fa622-091f-4e3f-9876-aff815e4b91e.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9e6b91f9-2a6d-422d-b492-6bf6df7aac8d.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9e6b91f9-2a6d-422d-b492-6bf6df7aac8d.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9eab6ea3-6471-4aee-b8c6-00417e5f66d2.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9eab6ea3-6471-4aee-b8c6-00417e5f66d2.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a09d750d-b00c-4639-a0ed-454d04d122d6.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a09d750d-b00c-4639-a0ed-454d04d122d6.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a0a32a21-8088-4ccd-a679-7023279c8d43.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a0a32a21-8088-4ccd-a679-7023279c8d43.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a0daf90d-1796-4eef-950d-23d8926a418e.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a0daf90d-1796-4eef-950d-23d8926a418e.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a389dc59-793b-4b03-b543-dc1554b851a9.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a389dc59-793b-4b03-b543-dc1554b851a9.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a3e538b0-ae9d-4d2c-bb7e-82cacfb7e034.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a3e538b0-ae9d-4d2c-bb7e-82cacfb7e034.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a5a860ee-6351-4823-94cc-a90ab6ab8e22.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a5a860ee-6351-4823-94cc-a90ab6ab8e22.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a648a04c-6b2a-448b-a38f-60973fe38f98.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a648a04c-6b2a-448b-a38f-60973fe38f98.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a65f01ec-ee54-4282-9d06-4d1228be8636.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a65f01ec-ee54-4282-9d06-4d1228be8636.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ab77cd47-f22d-4061-8618-8a77d5ea7fb2.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ab77cd47-f22d-4061-8618-8a77d5ea7fb2.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ad148ef6-5ec5-4508-ab71-db0b3e52c9e3.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ad148ef6-5ec5-4508-ab71-db0b3e52c9e3.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ad28aa0c-9d02-4de0-81b2-37d697cf407a.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ad28aa0c-9d02-4de0-81b2-37d697cf407a.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ad44745b-e45c-425e-b75e-c93c4c1678b6.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ad44745b-e45c-425e-b75e-c93c4c1678b6.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b05685c7-4759-4a36-a712-b3b68d5b997f.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b05685c7-4759-4a36-a712-b3b68d5b997f.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b07c2a20-f0ee-4c0f-9ae1-9bf92acb2fd7.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b07c2a20-f0ee-4c0f-9ae1-9bf92acb2fd7.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b217b4d0-1ea8-4c13-b22c-1a57fb6c3656.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b217b4d0-1ea8-4c13-b22c-1a57fb6c3656.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b2f51970-0c7e-443d-8a3d-0d090db9c1ad.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b2f51970-0c7e-443d-8a3d-0d090db9c1ad.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b34cb097-bc3b-4ed0-a268-a81641475f44.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b34cb097-bc3b-4ed0-a268-a81641475f44.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b47ca70a-7b3e-47f6-94fd-04a82a812faa.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b47ca70a-7b3e-47f6-94fd-04a82a812faa.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b4ad9b39-a925-411c-9257-5317de38c43d.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b4ad9b39-a925-411c-9257-5317de38c43d.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b4dcb516-d92b-41d5-9b2c-38f01a312a33.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b4dcb516-d92b-41d5-9b2c-38f01a312a33.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b5aaf37c-a10f-441a-9d42-fe2aaa1990d3.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b5aaf37c-a10f-441a-9d42-fe2aaa1990d3.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b64a244d-67a3-4377-942e-ce613bc9fe3c.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b64a244d-67a3-4377-942e-ce613bc9fe3c.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b7ee901e-9d2a-4686-9062-66bbfbcf4a42.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b7ee901e-9d2a-4686-9062-66bbfbcf4a42.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b843c77a-9176-4c41-9ac6-fb8284229e59.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b843c77a-9176-4c41-9ac6-fb8284229e59.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b87abfdd-99f2-4cee-8374-b5e3cf1ff29f.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b87abfdd-99f2-4cee-8374-b5e3cf1ff29f.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b988acbc-3cf6-4ca0-b783-96f358030232.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b988acbc-3cf6-4ca0-b783-96f358030232.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bacbc4a4-15cd-4f71-b86d-e00c6706af01.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bacbc4a4-15cd-4f71-b86d-e00c6706af01.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bbc70069-82fc-409a-8028-4fb096b42630.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bbc70069-82fc-409a-8028-4fb096b42630.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bd2c87c0-b355-4eee-8f78-704351a9cb9e.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bd2c87c0-b355-4eee-8f78-704351a9cb9e.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bd49d8c7-80eb-4584-a837-42f3a6b5d862.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bd49d8c7-80eb-4584-a837-42f3a6b5d862.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bd82aa01-9714-40ed-bf1c-b2eb8bd4706d.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bd82aa01-9714-40ed-bf1c-b2eb8bd4706d.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bda30f22-acbd-47a2-aaba-c62dd4e8b1c5.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bda30f22-acbd-47a2-aaba-c62dd4e8b1c5.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bdcc18e5-794a-486a-80d2-53cb535ae1be.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bdcc18e5-794a-486a-80d2-53cb535ae1be.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\be073235-0f8a-43b2-a4a2-3e6d02c02b47.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\be073235-0f8a-43b2-a4a2-3e6d02c02b47.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\be788a1b-2e0a-44ce-a669-e5b787beaa8b.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\be788a1b-2e0a-44ce-a669-e5b787beaa8b.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\be8743c2-5add-43f0-a565-de4f8b6e39db.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\be8743c2-5add-43f0-a565-de4f8b6e39db.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bfc4a6a6-1739-407d-b87c-af3c9eb5ab42.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bfc4a6a6-1739-407d-b87c-af3c9eb5ab42.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c0c22d8f-7a86-4c74-8581-52caf880f794.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c0c22d8f-7a86-4c74-8581-52caf880f794.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c0cf4f90-cd60-4757-a2e5-5d99b26fb834.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c0cf4f90-cd60-4757-a2e5-5d99b26fb834.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c15c1caa-f11b-4d04-bde7-f221c605b0f6.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c15c1caa-f11b-4d04-bde7-f221c605b0f6.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c20643cf-465b-4b7c-939d-bc13552ddbc0.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c20643cf-465b-4b7c-939d-bc13552ddbc0.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c4274673-e2af-4073-a904-16996d717aeb.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c4274673-e2af-4073-a904-16996d717aeb.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c44572f4-e5fb-480f-a092-1a92682a0921.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c44572f4-e5fb-480f-a092-1a92682a0921.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c5805a90-445e-4f5d-ba5d-a4301175900e.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c5805a90-445e-4f5d-ba5d-a4301175900e.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c6149441-afd8-47f2-bec9-8a87da91ec66.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c6149441-afd8-47f2-bec9-8a87da91ec66.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c6408267-d35a-4c75-80dc-e287d2623a4c.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c6408267-d35a-4c75-80dc-e287d2623a4c.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c72aa6fc-55b0-4fde-812b-752e975b8bfd.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c72aa6fc-55b0-4fde-812b-752e975b8bfd.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c911b72f-3f30-49b3-817f-fdbe77b4f806.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c911b72f-3f30-49b3-817f-fdbe77b4f806.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ca77d85b-84ad-4c0f-a46a-b1256dceeb09.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ca77d85b-84ad-4c0f-a46a-b1256dceeb09.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\caeff903-89ec-4f5e-ad72-7336723f3817.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\caeff903-89ec-4f5e-ad72-7336723f3817.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\cba71b78-cbdc-4462-97a9-f9b14c6a351e.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\cba71b78-cbdc-4462-97a9-f9b14c6a351e.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\cd20eb31-d9f7-40e7-b80c-43c304de0a08.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\cd20eb31-d9f7-40e7-b80c-43c304de0a08.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\cd5e6b43-e13e-4973-a0b9-bc73a2407600.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\cd5e6b43-e13e-4973-a0b9-bc73a2407600.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ceb570ec-fff3-4d61-8ed6-4dfb6886403c.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ceb570ec-fff3-4d61-8ed6-4dfb6886403c.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d01112d8-ecc5-4893-97b0-f833362dfaf2.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d01112d8-ecc5-4893-97b0-f833362dfaf2.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d0444ba0-0ee0-4582-a9c5-fe95f7c9bd7d.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d0444ba0-0ee0-4582-a9c5-fe95f7c9bd7d.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d218efa4-a33d-4884-a711-87dd31b86d2d.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d218efa4-a33d-4884-a711-87dd31b86d2d.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d28c7378-cef4-49a3-8b9e-23f97913cfd9.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d28c7378-cef4-49a3-8b9e-23f97913cfd9.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d33da0ba-7bab-48d4-b7c6-00f93bc2caf9.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d33da0ba-7bab-48d4-b7c6-00f93bc2caf9.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d37b7bb6-dc73-4e9e-a342-aeb22fbf7f91.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d37b7bb6-dc73-4e9e-a342-aeb22fbf7f91.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d3e2a15c-ec27-4506-a0d2-ecc5728e43fc.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d3e2a15c-ec27-4506-a0d2-ecc5728e43fc.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d44b3f5d-e2f9-4b64-a7c4-4829e76fc747.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d44b3f5d-e2f9-4b64-a7c4-4829e76fc747.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d461205c-c0ee-406d-b0ff-2cfd3b69d3d0.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d461205c-c0ee-406d-b0ff-2cfd3b69d3d0.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d56402bb-e8b1-42fc-a6ee-9d61856cd2a2.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d56402bb-e8b1-42fc-a6ee-9d61856cd2a2.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d5a7763d-1a87-4ffc-a339-559910401724.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d5a7763d-1a87-4ffc-a339-559910401724.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d6196911-b6d3-447c-b823-19d541c3cd24.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d6196911-b6d3-447c-b823-19d541c3cd24.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d6f56658-453a-4a16-bfab-5af733a49fd9.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d6f56658-453a-4a16-bfab-5af733a49fd9.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d7f23f30-b744-449b-84c9-5b6e8143f6da.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d7f23f30-b744-449b-84c9-5b6e8143f6da.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\da51d6b0-b96a-4730-9702-645b422d151b.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\da51d6b0-b96a-4730-9702-645b422d151b.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\df10f224-3a42-4922-8f71-6c5ed5199c98.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\df10f224-3a42-4922-8f71-6c5ed5199c98.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\dfb35b77-ecf6-45b8-97ec-f09552020d60.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\dfb35b77-ecf6-45b8-97ec-f09552020d60.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e070f596-72aa-484c-8f65-6905612ddd99.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e070f596-72aa-484c-8f65-6905612ddd99.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e1432d1a-2c0a-4b21-b66c-c7eae315ff7f.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e1432d1a-2c0a-4b21-b66c-c7eae315ff7f.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e1a0e70b-c932-4dd9-9f5f-ed73df1740d0.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e1a0e70b-c932-4dd9-9f5f-ed73df1740d0.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e1af67b5-f9b6-4cab-adcd-501d3a12c846.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e1af67b5-f9b6-4cab-adcd-501d3a12c846.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e34b7e81-2094-42c1-b591-07906238a8fe.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e34b7e81-2094-42c1-b591-07906238a8fe.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e5367c43-fe2c-4266-8f9b-751c754d5cb3.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e5367c43-fe2c-4266-8f9b-751c754d5cb3.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e53c9836-14f8-453a-92de-8f0b9c7e5afe.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e53c9836-14f8-453a-92de-8f0b9c7e5afe.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e5565435-ffa9-455f-b570-b8580fa281c2.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e5565435-ffa9-455f-b570-b8580fa281c2.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e595a4c8-8ee9-4f14-9c89-b2c29cafad97.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e595a4c8-8ee9-4f14-9c89-b2c29cafad97.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e829d56d-4f0e-48eb-868e-3e531f43426b.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e829d56d-4f0e-48eb-868e-3e531f43426b.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e8c3f912-3bef-4f2b-908d-2fd3d502b2ab.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e8c3f912-3bef-4f2b-908d-2fd3d502b2ab.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e96c959b-2964-4a2b-88b9-a8c3c329d04b.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e96c959b-2964-4a2b-88b9-a8c3c329d04b.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\eac321e2-0518-40db-9e82-57293db4bf49.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\eac321e2-0518-40db-9e82-57293db4bf49.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ecbf9389-8c68-4085-bd6d-441420ba4238.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ecbf9389-8c68-4085-bd6d-441420ba4238.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\edf17e9a-2c1a-4635-9431-b0c6c079cbe8.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\edf17e9a-2c1a-4635-9431-b0c6c079cbe8.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ee0c0dc3-400d-4fb8-9887-f20b6fc9b0e0.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ee0c0dc3-400d-4fb8-9887-f20b6fc9b0e0.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ee2965b4-f57f-4479-b6bd-23879994050b.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ee2965b4-f57f-4479-b6bd-23879994050b.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ee9be351-67d3-40cc-b231-dc26bb20ebe9.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ee9be351-67d3-40cc-b231-dc26bb20ebe9.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\eeac15af-8c81-4ae3-b99f-fe602161c3ea.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\eeac15af-8c81-4ae3-b99f-fe602161c3ea.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ef916e33-274c-44c3-9a5e-ed2bed79be05.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ef916e33-274c-44c3-9a5e-ed2bed79be05.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f1305f9e-e7a5-4a23-a75b-125850fd2429.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f1305f9e-e7a5-4a23-a75b-125850fd2429.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f1493e7c-d162-40aa-9ff2-eccbab4832fb.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f1493e7c-d162-40aa-9ff2-eccbab4832fb.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f180e9b7-ed95-4ab7-981d-b026b050ab11.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f180e9b7-ed95-4ab7-981d-b026b050ab11.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f28db5f2-500b-45a5-9c08-89fb3d36c4b0.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f28db5f2-500b-45a5-9c08-89fb3d36c4b0.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f316bb3c-4a45-4506-bcc1-097b37c99ddb.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f316bb3c-4a45-4506-bcc1-097b37c99ddb.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f31fa173-68b5-4792-9abd-4a03af8e5a4b.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f31fa173-68b5-4792-9abd-4a03af8e5a4b.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f33a2758-5de8-4a0b-abe0-b9c7602e047d.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f33a2758-5de8-4a0b-abe0-b9c7602e047d.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f344e2d4-0f2b-40d3-bc52-bf35cfd774fe.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f344e2d4-0f2b-40d3-bc52-bf35cfd774fe.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f3d55941-15e6-4d23-accf-b87cab83fba5.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f3d55941-15e6-4d23-accf-b87cab83fba5.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f412b387-4e81-4db3-8ddd-400fe3852232.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f412b387-4e81-4db3-8ddd-400fe3852232.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f4491798-c9a2-44bb-a32f-7fcaa2deec20.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f4491798-c9a2-44bb-a32f-7fcaa2deec20.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f4eaed98-8f38-47b8-843a-e44024438575.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f4eaed98-8f38-47b8-843a-e44024438575.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f5595d4f-3542-4904-aaed-95b89d55d279.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f5595d4f-3542-4904-aaed-95b89d55d279.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f5c007de-26cd-4e54-90fd-867076adf7b0.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f5c007de-26cd-4e54-90fd-867076adf7b0.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f896f61b-efc6-4313-9518-3ab800e1bf14.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f896f61b-efc6-4313-9518-3ab800e1bf14.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f8a1df4e-d8a3-4568-a87c-08a3eba5496d.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f8a1df4e-d8a3-4568-a87c-08a3eba5496d.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f94ba19c-e9b2-4312-84e5-e04c3b9eee04.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f94ba19c-e9b2-4312-84e5-e04c3b9eee04.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f99beb76-688a-4c1c-91ce-c2527b715910.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f99beb76-688a-4c1c-91ce-c2527b715910.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\fc0ee807-e844-449a-ba2e-9b6735dd1700.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\fc0ee807-e844-449a-ba2e-9b6735dd1700.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\fc7fcacc-d859-4fe9-800b-03ee236aaec0.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\fc7fcacc-d859-4fe9-800b-03ee236aaec0.png
C:\Qoobox\Quarantine\c\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\fcb037cf-2ca3-4cac-b1fa-1eac5fe12f96.png -> C:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\fcb037cf-2ca3-4cac-b1fa-1eac5fe12f96.png
379 Datei(en) kopiert
|
|
05.02.2014, 17:52
| #10 |
| | Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- OnlinebankingCode:
ATTFilter # AdwCleaner v3.018 - Bericht erstellt am 05/02/2014 um 17:36:30
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Sascha & Nancy - TOSHIBA
# Gestartet von : C:\Users\Sascha & Nancy\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BitGuard
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\ProgramData\BrowserProtect
Ordner Gelöscht : C:\ProgramData\ClickIT
Ordner Gelöscht : C:\ProgramData\SoftSafe
Ordner Gelöscht : C:\ProgramData\SweetIM
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\Zoomex
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\goforfiles
Ordner Gelöscht : C:\Program Files (x86)\Movies Toolbar
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\Omiga Plus
Ordner Gelöscht : C:\Program Files (x86)\SweetIM
Ordner Gelöscht : C:\Program Files (x86)\sweetpacks bundle uninstaller
Ordner Gelöscht : C:\Program Files (x86)\Zoomex
Ordner Gelöscht : C:\Program Files (x86)\Common Files\337
Ordner Gelöscht : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\Local\Ilivid Player
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\Local\PutLockerDownloader
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\LocalLow\incredibar.com
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\LocalLow\Minibar
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\LocalLow\searchquband
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\LocalLow\Searchqutoolbar
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\LocalLow\SweetIM
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\LocalLow\Toolbar4
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\Roaming\BrowserCompanion
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\Roaming\Funmoods
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\Roaming\goforfiles
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\Roaming\Omiga Plus
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\Roaming\Searchprotect
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\Roaming\Toolplugin
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\Roaming\yourfiledownloader
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movie2KDownloader.com
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\yo4cov2j.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\yo4cov2j.default\Extensions\software@loadtubes.com
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Sascha & Nancy\AppData\Local\funmoods-speeddial.crx
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Ask.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\portaldosites.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search the web.src
Datei Gelöscht : C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\yo4cov2j.default\searchplugins\search.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml
Datei Gelöscht : C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\yo4cov2j.default\user.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\Dealply
Datei Gelöscht : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
Datei Gelöscht : C:\Windows\System32\Tasks\Funmoods
Datei Gelöscht : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\Uninstall.lnk
Verknüpfung Desinfiziert : C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Movie2KDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\sim-packages
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Movie2KDownloader_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Movie2KDownloader_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\pricegong_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\pricegong_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Schlüssel Gelöscht : HKCU\Software\5b57dddcbd6ee944
Schlüssel Gelöscht : HKLM\SOFTWARE\5b57dddcbd6ee944
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_caricature-studio_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_caricature-studio_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_monopoly-3_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_monopoly-3_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_skype-web-toolbar-for-firefox_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_skype-web-toolbar-for-firefox_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-89AF-189327213627}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-89AF-189327213627}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\Blabbers
Schlüssel Gelöscht : HKCU\Software\BlabbersToolbar
Schlüssel Gelöscht : HKCU\Software\BrowserCompanion
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\incredibar.com
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\powerpack
Schlüssel Gelöscht : HKCU\Software\PrivitizeVPNInstallDates
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Somoto
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\V9
Schlüssel Gelöscht : HKCU\Software\Webplayer
Schlüssel Gelöscht : HKCU\Software\YourFileDownloader
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\HappyLyrics
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\searchqutoolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\smartbar
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\Desksvc
Schlüssel Gelöscht : HKLM\Software\IB Updater
Schlüssel Gelöscht : HKLM\Software\incredibar.com
Schlüssel Gelöscht : HKLM\Software\InstallCore
Schlüssel Gelöscht : HKLM\Software\omigaplusSvc
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\Software\portaldositesSoftware
Schlüssel Gelöscht : HKLM\Software\SProtector
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\V9
Schlüssel Gelöscht : HKLM\Software\V9Software
Schlüssel Gelöscht : HKLM\Software\YourFileDownloader
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\IB Updater
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16750
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.Old.Start Page]
-\\ Mozilla Firefox v26.0 (de)
[ Datei : C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\prefs.js ]
[ Datei : C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\yo4cov2j.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [37461 octets] - [05/02/2014 17:31:07]
AdwCleaner[S0].txt - [35097 octets] - [05/02/2014 17:36:30]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [35158 octets] ##########
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2014
Ran by Sascha & Nancy (administrator) on TOSHIBA on 05-02-2014 17:42:04
Running from C:\Users\Sascha & Nancy\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(Microsoft) C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DNSService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
(Toshiba Europe GmbH) C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(CSIS Security Group) C:\Program Files (x86)\Heimdal\Client\HeimdalAgent.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CSIS Security Group) C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosOBEX.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] - C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-05-11] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartFaceVWatcher] - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-03-17] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [136136 2010-04-19] (Toshiba Europe GmbH)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ITSecMng] - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TWebCamera] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [NeroFilterCheck] - C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKU\.DEFAULT\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\.DEFAULT\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\system: [DisableClock] 0
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=100&systemid=473&v=a10918-126&apn_uid=7490831145054531&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
SearchScopes: HKLM-x32 - {178A504F-74E0-4342-9DF2-00A4A0B137F8} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={ED33D242-60D1-11E2-B3A9-00266CA80786}
SearchScopes: HKLM-x32 - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=100&systemid=473&v=a10918-126&apn_uid=7490831145054531&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 - {5319BB5F-8644-FBC1-3546-685F8AE5B160} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=430&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKCU - {3F7E5C68-5C60-4FB5-B191-1B04DDDE8979} URL =
SearchScopes: HKCU - {52db1893-8a90-4192-aede-08e00b8f8473} URL =
SearchScopes: HKCU - {6ADFBB29-55DE-4137-996D-31FE316578AF} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM-x32 - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A5B9220D-875B-4C63-A4B1-AABF1D74E973}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default
FF Homepage: google.de
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Escamod - C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\Extensions\escamod@gmx.net0002.xpi [2014-01-23]
FF Extension: Adblock Plus - C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-23]
FF Extension: Tab Mix Plus - C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-01-23]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-20]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKCU\...\Chrome\Extension: [bhnjjbcnbmjmhgpliahlamecmbejpaol] - C:\Users\Sascha & Nancy\AppData\Local\CRE\bhnjjbcnbmjmhgpliahlamecmbejpaol.crx [2012-09-05]
CHR HKLM-x32\...\Chrome\Extension: [bhnjjbcnbmjmhgpliahlamecmbejpaol] - C:\Users\Sascha & Nancy\AppData\Local\CRE\bhnjjbcnbmjmhgpliahlamecmbejpaol.crx [2012-09-05]
==================== Services (Whitelisted) =================
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [200704 2006-08-11] (InterVideo Inc.)
R2 HeimdalSecureDNS; C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe [93856 2013-11-06] (Microsoft)
R2 HeimdalService; C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe [132768 2013-11-06] (CSIS Security Group)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1752488 2014-02-04] (SurfRight B.V.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
S2 HPSLPSVC; C:\Users\SASCHA~1\AppData\Local\Temp\7zS4921\hpslpsvc64.dll [X]
==================== Drivers (Whitelisted) ====================
S3 ASPI; C:\Windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec)
R3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI64.sys [720952 2010-03-05] (Conexant Systems Inc.)
R2 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [17416 2014-02-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2013-02-25] (WinISO.com)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 massfilter_hs; system32\drivers\massfilter_hs.sys [X]
S1 pmplcahk; \??\C:\Windows\system32\drivers\pmplcahk.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-05 17:39 - 2014-02-05 17:39 - 00035611 _____ () C:\Users\Sascha & Nancy\Desktop\AdwCleaner[S0].txt
2014-02-05 17:31 - 2014-02-05 17:40 - 00000000 ____D () C:\AdwCleaner
2014-02-05 17:30 - 2014-02-05 17:30 - 01166132 _____ () C:\Users\Sascha & Nancy\Desktop\adwcleaner.exe
2014-02-05 17:29 - 2014-02-05 17:29 - 00095965 _____ () C:\Users\Sascha & Nancy\Desktop\DeQuarantine.txt
2014-02-05 17:18 - 2014-02-05 17:19 - 00095965 _____ () C:\DeQuarantine.txt
2014-02-05 17:17 - 2014-02-05 17:19 - 00000000 ___SD () C:\ComboFix
2014-02-05 17:16 - 2014-02-05 17:16 - 00001555 _____ () C:\Users\Sascha & Nancy\Desktop\ComboFix.exe - Verknüpfung.lnk
2014-02-05 17:15 - 2014-02-05 17:16 - 05180173 ____R (Swearware) C:\Users\Sascha & Nancy\Downloads\ComboFix.exe
2014-02-05 11:13 - 2014-02-05 11:13 - 00000000 _____ () C:\Users\Sascha & Nancy\Downloads\wondershare-photo-collage-studio_28037(1).exe
2014-02-05 11:12 - 2014-02-05 11:12 - 00000000 _____ () C:\Users\Sascha & Nancy\Downloads\wondershare-photo-collage-studio_28037.exe
2014-02-05 10:45 - 2014-02-05 10:45 - 00028672 ____H () C:\Users\Sascha & Nancy\Desktop\photothumb.db
2014-02-05 10:44 - 2014-02-05 10:51 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\PhotoScape
2014-02-05 10:43 - 2014-02-05 10:43 - 21331096 _____ (Mooii) C:\Users\Sascha & Nancy\Downloads\PhotoScape_V3.6.5.exe
2014-02-05 02:43 - 2014-02-05 17:18 - 00000000 ____D () C:\ProgramData\TOSHIBA
2014-02-05 02:43 - 2014-02-05 02:44 - 00260920 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-02-04 15:25 - 2014-02-05 17:18 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\TOSHIBA
2014-02-04 14:52 - 2014-02-05 17:18 - 00000000 ____D () C:\Qoobox
2014-02-04 14:52 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-04 14:52 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-04 14:52 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-04 14:52 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-04 14:52 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-04 14:52 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-04 14:52 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-04 14:51 - 2014-02-04 16:50 - 00000000 ____D () C:\Windows\erdnt
2014-02-04 14:19 - 2014-02-04 14:19 - 00005930 _____ () C:\Users\Sascha & Nancy\Downloads\Auktionsvorlage Nr. 037 - Kinder & Teens (ROLA-Design).txt
2014-02-04 11:03 - 2014-02-04 11:03 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-04 11:00 - 2014-02-04 11:00 - 00072651 _____ () C:\Users\Sascha & Nancy\Desktop\Gmer.txt
2014-02-04 10:44 - 2014-02-05 17:42 - 00020773 _____ () C:\Users\Sascha & Nancy\Desktop\FRST.txt
2014-02-04 10:43 - 2014-02-04 10:43 - 00021943 _____ () C:\Users\Sascha & Nancy\Desktop\Addition.txt
2014-02-04 10:42 - 2014-02-04 10:43 - 00021943 _____ () C:\Users\Sascha & Nancy\Downloads\Addition.txt
2014-02-04 10:42 - 2014-02-04 10:42 - 00380416 _____ () C:\Users\Sascha & Nancy\Downloads\Gmer-19357.exe
2014-02-04 10:41 - 2014-02-05 17:42 - 00000000 ____D () C:\FRST
2014-02-04 10:41 - 2014-02-04 10:43 - 00061317 _____ () C:\Users\Sascha & Nancy\Downloads\FRST.txt
2014-02-04 10:39 - 2014-02-04 10:40 - 02080256 _____ (Farbar) C:\Users\Sascha & Nancy\Desktop\FRST64.exe
2014-02-04 10:37 - 2014-02-04 10:39 - 00000490 _____ () C:\Users\Sascha & Nancy\Desktop\defogger_disable.log
2014-02-04 10:37 - 2014-02-04 10:37 - 00000000 _____ () C:\Users\Sascha & Nancy\defogger_reenable
2014-02-04 10:36 - 2014-02-04 10:36 - 00050477 _____ () C:\Users\Sascha & Nancy\Downloads\Defogger.exe
2014-02-04 10:03 - 2014-02-04 10:03 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-04 10:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-04 09:57 - 2014-02-04 09:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Sascha & Nancy\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-04 09:10 - 2014-02-04 09:10 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml(1).msi
2014-02-04 09:10 - 2014-02-04 09:10 - 00001750 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-04 09:08 - 2014-02-04 09:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 09:08 - 2014-02-04 09:09 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 09:08 - 2014-02-04 09:09 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 08:59 - 2014-02-04 08:59 - 00001258 _____ () C:\Windows\system32\.crusader
2014-02-04 08:45 - 2014-02-04 08:45 - 02209056 _____ () C:\Users\Sascha & Nancy\Downloads\avira-eu-cleaner_de.exe
2014-02-04 08:42 - 2014-02-04 08:59 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-04 08:41 - 2014-02-04 08:42 - 10820032 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hitmanpro_x64.exe
2014-02-04 08:29 - 2014-02-04 08:29 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-02-04 08:28 - 2014-02-04 08:29 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-02-04 08:27 - 2014-02-04 08:27 - 04164208 _____ (CSIS Security Group) C:\Users\Sascha & Nancy\Downloads\HeimdalSetup.exe
2014-02-04 08:27 - 2014-02-04 08:27 - 00001116 _____ () C:\Users\Sascha & Nancy\Desktop\Heimdal.lnk
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\ProgramData\CSIS
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\Program Files (x86)\Heimdal
2014-02-04 08:26 - 2014-02-04 08:26 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml.msi
2014-02-04 08:25 - 2014-02-04 08:25 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-04 08:17 - 2014-02-04 08:17 - 00001036 _____ () C:\Users\Sascha & Nancy\Desktop\Secunia PSI.lnk
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Secunia PSI
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-02-04 08:16 - 2014-02-04 08:16 - 05329480 _____ (Secunia) C:\Users\Sascha & Nancy\Downloads\PSISetup.exe
2014-02-04 08:13 - 2014-02-04 08:13 - 00533424 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00488104 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00017416 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-02-04 08:12 - 2014-02-04 08:13 - 01752488 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hmpalert.exe
2014-02-04 07:59 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-04 07:59 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-04 07:59 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-04 07:59 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-04 07:58 - 2014-02-04 07:59 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-04 07:45 - 2014-02-04 07:45 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(2).exe
2014-02-04 07:43 - 2014-02-04 07:43 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(1).exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-04 07:27 - 2014-02-04 07:27 - 00000000 ____D () C:\Program Files\Java
2014-02-04 07:26 - 2014-02-04 07:26 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64.exe
2014-01-30 12:55 - 2014-01-30 12:58 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-01-30 12:55 - 2014-01-30 12:55 - 10245808 _____ (BlueStack Systems Inc.) C:\Users\Sascha & Nancy\Downloads\BlueStacks-SplitInstaller_native.exe
2014-01-25 12:26 - 2014-02-05 13:21 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Para
2014-01-25 12:23 - 2014-02-05 10:51 - 00000000 ____D () C:\Program Files (x86)\GotClip
2014-01-25 12:23 - 2014-01-25 12:23 - 00215382 _____ () C:\Users\Sascha & Nancy\Downloads\GotClip_Setup.exe
2014-01-25 12:23 - 2014-01-25 12:23 - 00000958 _____ () C:\Users\Sascha & Nancy\Desktop\GotClip.lnk
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
2014-01-23 07:24 - 2014-01-23 07:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-23 07:23 - 2014-01-23 07:23 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(3).exe
2014-01-23 07:22 - 2014-01-23 07:24 - 00001114 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-21 22:34 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-21 22:34 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-21 22:34 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-21 22:34 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-21 22:34 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-21 22:34 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-21 22:34 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-21 22:34 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-21 22:34 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-21 22:34 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-21 22:33 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-21 22:33 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-21 22:33 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-21 08:29 - 2014-01-21 08:29 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(2).exe
2014-01-21 08:05 - 2014-01-21 08:05 - 00000000 ____D () C:\Users\Sascha & Nancy\Documents\OneNote-Notizbücher
2014-01-21 08:00 - 2014-01-21 08:00 - 08459768 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_3.6.28.exe
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-18 12:02 - 2014-02-02 16:44 - 00012949 _____ () C:\Users\Sascha & Nancy\Documents\vordruck stundenzettel helmut.odt
2014-01-17 18:44 - 2014-01-17 18:44 - 00012969 _____ () C:\Users\Sascha & Nancy\Documents\vorbruck stunden zettel.odt
2014-01-17 17:26 - 2014-01-17 17:26 - 00000859 _____ () C:\Users\Sascha & Nancy\AppData\Local\recently-used.xbel
2014-01-17 17:23 - 2014-01-21 08:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-17 17:23 - 2014-01-17 17:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Microsoft Help
2014-01-15 05:23 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 05:23 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 05:23 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-12 19:20 - 2014-01-12 19:20 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0.exe
2014-01-12 17:10 - 2014-01-12 17:10 - 00002990 _____ () C:\Windows\System32\Tasks\{B82F30CA-5083-4EA4-9F77-16A1E083B57B}
2014-01-12 17:08 - 2014-01-12 17:08 - 00002990 _____ () C:\Windows\System32\Tasks\{ED49D765-0278-44F4-BBBD-548065650574}
2014-01-12 17:06 - 2014-01-12 17:06 - 00002990 _____ () C:\Windows\System32\Tasks\{FD7A06F6-B324-4C76-B750-14BCAAD9F666}
2014-01-12 16:02 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-01-12 16:02 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-01-12 16:02 - 2012-08-23 15:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-01-12 16:02 - 2012-08-23 14:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-01-12 16:02 - 2012-08-23 14:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-01-12 16:02 - 2012-08-23 14:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-01-12 16:02 - 2012-08-23 14:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-01-12 16:02 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-01-12 16:02 - 2012-08-23 14:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-01-12 16:02 - 2012-08-23 14:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-01-12 16:02 - 2012-08-23 14:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-01-12 16:02 - 2012-08-23 14:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-01-12 16:02 - 2012-08-23 13:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-01-12 16:02 - 2012-08-23 12:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-01-12 16:02 - 2012-08-23 12:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-01-12 16:02 - 2012-08-23 12:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-01-12 16:02 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-01-12 16:02 - 2012-08-23 11:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-01-12 16:02 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-01-12 16:02 - 2012-08-23 11:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-01-12 16:02 - 2012-08-23 11:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-01-12 16:02 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-01-12 16:02 - 2012-08-23 09:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-01-12 16:02 - 2012-08-23 09:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-01-10 14:01 - 2014-01-10 14:02 - 23867560 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_26.0.exe
==================== One Month Modified Files and Folders =======
2014-02-05 17:43 - 2014-02-04 10:44 - 00020773 _____ () C:\Users\Sascha & Nancy\Desktop\FRST.txt
2014-02-05 17:42 - 2014-02-04 10:41 - 00000000 ____D () C:\FRST
2014-02-05 17:42 - 2012-06-13 07:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-05 17:40 - 2014-02-05 17:31 - 00000000 ____D () C:\AdwCleaner
2014-02-05 17:39 - 2014-02-05 17:39 - 00035611 _____ () C:\Users\Sascha & Nancy\Desktop\AdwCleaner[S0].txt
2014-02-05 17:38 - 2013-08-23 09:51 - 00031530 _____ () C:\Windows\setupact.log
2014-02-05 17:38 - 2013-01-12 14:07 - 00000435 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-02-05 17:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-05 17:37 - 2011-01-24 19:54 - 01881483 _____ () C:\Windows\WindowsUpdate.log
2014-02-05 17:37 - 2010-11-16 18:49 - 00808404 _____ () C:\Windows\PFRO.log
2014-02-05 17:36 - 2013-12-20 10:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-05 17:36 - 2013-10-05 18:44 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2014-02-05 17:36 - 2011-06-09 16:55 - 00001163 _____ () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-05 17:30 - 2014-02-05 17:30 - 01166132 _____ () C:\Users\Sascha & Nancy\Desktop\adwcleaner.exe
2014-02-05 17:29 - 2014-02-05 17:29 - 00095965 _____ () C:\Users\Sascha & Nancy\Desktop\DeQuarantine.txt
2014-02-05 17:19 - 2014-02-05 17:18 - 00095965 _____ () C:\DeQuarantine.txt
2014-02-05 17:19 - 2014-02-05 17:17 - 00000000 ___SD () C:\ComboFix
2014-02-05 17:18 - 2014-02-05 02:43 - 00000000 ____D () C:\ProgramData\TOSHIBA
2014-02-05 17:18 - 2014-02-04 15:25 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\TOSHIBA
2014-02-05 17:18 - 2014-02-04 14:52 - 00000000 ____D () C:\Qoobox
2014-02-05 17:16 - 2014-02-05 17:16 - 00001555 _____ () C:\Users\Sascha & Nancy\Desktop\ComboFix.exe - Verknüpfung.lnk
2014-02-05 17:16 - 2014-02-05 17:15 - 05180173 ____R (Swearware) C:\Users\Sascha & Nancy\Downloads\ComboFix.exe
2014-02-05 13:21 - 2014-01-25 12:26 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Para
2014-02-05 11:13 - 2014-02-05 11:13 - 00000000 _____ () C:\Users\Sascha & Nancy\Downloads\wondershare-photo-collage-studio_28037(1).exe
2014-02-05 11:12 - 2014-02-05 11:12 - 00000000 _____ () C:\Users\Sascha & Nancy\Downloads\wondershare-photo-collage-studio_28037.exe
2014-02-05 10:51 - 2014-02-05 10:44 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\PhotoScape
2014-02-05 10:51 - 2014-01-25 12:23 - 00000000 ____D () C:\Program Files (x86)\GotClip
2014-02-05 10:46 - 2013-12-05 09:12 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Rocco
2014-02-05 10:45 - 2014-02-05 10:45 - 00028672 ____H () C:\Users\Sascha & Nancy\Desktop\photothumb.db
2014-02-05 10:43 - 2014-02-05 10:43 - 21331096 _____ (Mooii) C:\Users\Sascha & Nancy\Downloads\PhotoScape_V3.6.5.exe
2014-02-05 10:42 - 2012-06-13 07:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 10:42 - 2012-06-13 07:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 10:42 - 2012-06-13 07:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 05:53 - 2009-07-14 05:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-05 05:53 - 2009-07-14 05:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-05 02:44 - 2014-02-05 02:43 - 00260920 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-02-04 17:13 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-02-04 16:50 - 2014-02-04 14:51 - 00000000 ____D () C:\Windows\erdnt
2014-02-04 15:40 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-04 14:19 - 2014-02-04 14:19 - 00005930 _____ () C:\Users\Sascha & Nancy\Downloads\Auktionsvorlage Nr. 037 - Kinder & Teens (ROLA-Design).txt
2014-02-04 11:03 - 2014-02-04 11:03 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-04 11:00 - 2014-02-04 11:00 - 00072651 _____ () C:\Users\Sascha & Nancy\Desktop\Gmer.txt
2014-02-04 10:43 - 2014-02-04 10:43 - 00021943 _____ () C:\Users\Sascha & Nancy\Desktop\Addition.txt
2014-02-04 10:43 - 2014-02-04 10:42 - 00021943 _____ () C:\Users\Sascha & Nancy\Downloads\Addition.txt
2014-02-04 10:43 - 2014-02-04 10:41 - 00061317 _____ () C:\Users\Sascha & Nancy\Downloads\FRST.txt
2014-02-04 10:42 - 2014-02-04 10:42 - 00380416 _____ () C:\Users\Sascha & Nancy\Downloads\Gmer-19357.exe
2014-02-04 10:40 - 2014-02-04 10:39 - 02080256 _____ (Farbar) C:\Users\Sascha & Nancy\Desktop\FRST64.exe
2014-02-04 10:39 - 2014-02-04 10:37 - 00000490 _____ () C:\Users\Sascha & Nancy\Desktop\defogger_disable.log
2014-02-04 10:37 - 2014-02-04 10:37 - 00000000 _____ () C:\Users\Sascha & Nancy\defogger_reenable
2014-02-04 10:37 - 2011-06-09 16:52 - 00000000 ____D () C:\Users\Sascha & Nancy
2014-02-04 10:36 - 2014-02-04 10:36 - 00050477 _____ () C:\Users\Sascha & Nancy\Downloads\Defogger.exe
2014-02-04 10:24 - 2013-10-05 18:43 - 00000000 ____D () C:\ProgramData\Wincert
2014-02-04 10:03 - 2014-02-04 10:03 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-04 09:57 - 2014-02-04 09:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Sascha & Nancy\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-04 09:11 - 2011-06-10 22:52 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-02-04 09:10 - 2014-02-04 09:10 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml(1).msi
2014-02-04 09:10 - 2014-02-04 09:10 - 00001750 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-04 09:09 - 2014-02-04 09:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 09:09 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 09:09 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 08:59 - 2014-02-04 08:59 - 00001258 _____ () C:\Windows\system32\.crusader
2014-02-04 08:59 - 2014-02-04 08:42 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-04 08:45 - 2014-02-04 08:45 - 02209056 _____ () C:\Users\Sascha & Nancy\Downloads\avira-eu-cleaner_de.exe
2014-02-04 08:42 - 2014-02-04 08:41 - 10820032 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hitmanpro_x64.exe
2014-02-04 08:37 - 2012-10-21 11:40 - 00000000 ____D () C:\ProgramData\Apple
2014-02-04 08:34 - 2011-06-09 16:55 - 00113272 _____ () C:\Users\Sascha & Nancy\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-04 08:33 - 2009-07-14 05:45 - 00432024 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-04 08:29 - 2014-02-04 08:29 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-02-04 08:29 - 2014-02-04 08:28 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-02-04 08:27 - 2014-02-04 08:27 - 04164208 _____ (CSIS Security Group) C:\Users\Sascha & Nancy\Downloads\HeimdalSetup.exe
2014-02-04 08:27 - 2014-02-04 08:27 - 00001116 _____ () C:\Users\Sascha & Nancy\Desktop\Heimdal.lnk
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\ProgramData\CSIS
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\Program Files (x86)\Heimdal
2014-02-04 08:26 - 2014-02-04 08:26 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml.msi
2014-02-04 08:25 - 2014-02-04 08:25 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-04 08:25 - 2010-11-16 18:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-04 08:25 - 2010-11-16 18:52 - 00000000 ____D () C:\ProgramData\Skype
2014-02-04 08:17 - 2014-02-04 08:17 - 00001036 _____ () C:\Users\Sascha & Nancy\Desktop\Secunia PSI.lnk
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Secunia PSI
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-02-04 08:16 - 2014-02-04 08:16 - 05329480 _____ (Secunia) C:\Users\Sascha & Nancy\Downloads\PSISetup.exe
2014-02-04 08:13 - 2014-02-04 08:13 - 00533424 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00488104 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00017416 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-02-04 08:13 - 2014-02-04 08:12 - 01752488 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hmpalert.exe
2014-02-04 07:59 - 2014-02-04 07:58 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-04 07:59 - 2012-06-22 11:16 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-04 07:55 - 2012-03-19 06:53 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-02-04 07:45 - 2014-02-04 07:45 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(2).exe
2014-02-04 07:43 - 2014-02-04 07:43 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(1).exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-04 07:27 - 2014-02-04 07:27 - 00000000 ____D () C:\Program Files\Java
2014-02-04 07:26 - 2014-02-04 07:26 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64.exe
2014-02-04 07:23 - 2011-06-10 08:54 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Adobe
2014-02-04 07:19 - 2013-01-21 18:38 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-02-04 07:18 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-02 16:44 - 2014-01-18 12:02 - 00012949 _____ () C:\Users\Sascha & Nancy\Documents\vordruck stundenzettel helmut.odt
2014-01-30 12:58 - 2014-01-30 12:55 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-01-30 12:55 - 2014-01-30 12:55 - 10245808 _____ (BlueStack Systems Inc.) C:\Users\Sascha & Nancy\Downloads\BlueStacks-SplitInstaller_native.exe
2014-01-25 12:23 - 2014-01-25 12:23 - 00215382 _____ () C:\Users\Sascha & Nancy\Downloads\GotClip_Setup.exe
2014-01-25 12:23 - 2014-01-25 12:23 - 00000958 _____ () C:\Users\Sascha & Nancy\Desktop\GotClip.lnk
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
2014-01-23 07:24 - 2014-01-23 07:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-23 07:24 - 2014-01-23 07:22 - 00001114 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-23 07:23 - 2014-01-23 07:23 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(3).exe
2014-01-23 07:23 - 2011-09-23 06:51 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla
2014-01-21 10:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-01-21 08:32 - 2014-01-17 17:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-21 08:31 - 2011-01-24 20:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-01-21 08:29 - 2014-01-21 08:29 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(2).exe
2014-01-21 08:29 - 2011-06-09 16:52 - 00000000 ___RD () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-21 08:29 - 2009-07-14 19:18 - 00000000 ____D () C:\Windows\ShellNew
2014-01-21 08:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-01-21 08:27 - 2009-07-14 03:34 - 00000419 _____ () C:\Windows\win.ini
2014-01-21 08:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-01-21 08:05 - 2014-01-21 08:05 - 00000000 ____D () C:\Users\Sascha & Nancy\Documents\OneNote-Notizbücher
2014-01-21 08:00 - 2014-01-21 08:00 - 08459768 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_3.6.28.exe
2014-01-19 08:33 - 2011-09-03 08:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-17 18:44 - 2014-01-17 18:44 - 00012969 _____ () C:\Users\Sascha & Nancy\Documents\vorbruck stunden zettel.odt
2014-01-17 18:33 - 2009-07-14 18:58 - 07533032 _____ () C:\Windows\system32\perfh007.dat
2014-01-17 18:33 - 2009-07-14 18:58 - 02331660 _____ () C:\Windows\system32\perfc007.dat
2014-01-17 18:33 - 2009-07-14 06:13 - 00005422 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-17 17:26 - 2014-01-17 17:26 - 00000859 _____ () C:\Users\Sascha & Nancy\AppData\Local\recently-used.xbel
2014-01-17 17:26 - 2012-07-14 09:44 - 00000000 ____D () C:\Users\Sascha & Nancy\.gimp-2.8
2014-01-17 17:23 - 2014-01-17 17:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Microsoft Help
2014-01-15 22:20 - 2013-08-14 14:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 22:18 - 2011-06-13 14:57 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 15:25 - 2011-12-07 16:44 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Skype
2014-01-15 06:47 - 2012-12-27 15:26 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Mucke
2014-01-12 19:20 - 2014-01-12 19:20 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0.exe
2014-01-12 17:16 - 2012-09-22 08:16 - 00000000 ____D () C:\Users\Sascha & Nancy\Documents\SH5
2014-01-12 17:10 - 2014-01-12 17:10 - 00002990 _____ () C:\Windows\System32\Tasks\{B82F30CA-5083-4EA4-9F77-16A1E083B57B}
2014-01-12 17:08 - 2014-01-12 17:08 - 00002990 _____ () C:\Windows\System32\Tasks\{ED49D765-0278-44F4-BBBD-548065650574}
2014-01-12 17:06 - 2014-01-12 17:06 - 00002990 _____ () C:\Windows\System32\Tasks\{FD7A06F6-B324-4C76-B750-14BCAAD9F666}
2014-01-12 16:28 - 2013-03-19 06:35 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-01-12 15:52 - 2012-12-28 17:07 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-01-12 15:51 - 2012-12-28 17:07 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-01-12 15:51 - 2012-12-28 17:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-01-12 12:55 - 2013-12-02 10:33 - 00000000 ____D () C:\Program Files (x86)\Vector Magic
2014-01-12 12:55 - 2013-11-18 19:30 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppCB
2014-01-12 12:55 - 2010-11-16 18:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-10 14:02 - 2014-01-10 14:01 - 23867560 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_26.0.exe
2014-01-07 06:07 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-01-06 20:38 - 2013-09-04 08:43 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\TKKG
Files to move or delete:
====================
C:\Users\Sascha & Nancy\AppData\Roaming\skype.ini
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-17 05:43
==================== End Of Log ============================
--- --- --- |
|
05.02.2014, 20:20
| #11 | |
| /// Malwareteam | Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- OnlinebankingZitat:
.Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=100&systemid=473&v=a10918-126&apn_uid=7490831145054531&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 - {178A504F-74E0-4342-9DF2-00A4A0B137F8} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={ED33D242-60D1-11E2-B3A9-00266CA80786}
SearchScopes: HKLM-x32 - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=100&systemid=473&v=a10918-126&apn_uid=7490831145054531&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 - {5319BB5F-8644-FBC1-3546-685F8AE5B160} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=430&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - {3F7E5C68-5C60-4FB5-B191-1B04DDDE8979} URL =
SearchScopes: HKCU - {52db1893-8a90-4192-aede-08e00b8f8473} URL =
SearchScopes: HKCU - {6ADFBB29-55DE-4137-996D-31FE316578AF} URL =
Toolbar: HKLM-x32 - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
C:\Users\Sascha & Nancy\AppData\Roaming\skype.ini
AlternateDataStreams: C:\ProgramData\TEMP:33B04540
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:D287FACF
AlternateDataStreams: C:\ProgramData\TEMP:D3A96964
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2
Schritt 3 ESET Online Scanner
Schritt 4 Starte noch einmal FRST.
Sind die Probleme, die du in deinem ersten Post aufgelistet hast, verschwunden? Gibt es noch Probleme mit dem Rechner? Poste folgende Logfiles in deiner nächsten Antwort:
__________________ Gruß, Jonas |
|
06.02.2014, 10:54
| #12 |
| | Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- Onlinebanking Hallo Jonas, ich hab das Gefühl als ob alles wieder beim alten ist! In den Internetoptionen komme ich wieder rein & auch der Firefox funtzt wieder über der Jumpliste  Banking mache ich natürlich erst wenn Du mir das OK gibst  h:Mein DVD Laufwerk ist nun nicht mehr auf den Computer (Arbeitsplatz) aufgelistet, in der Systemsteuerung ist er aber verzeichnet (ohne Ausrufezeichen). Bevor wir angefangen haben, wurde er mir zwar angezeigt hat aber keine DVD/CD´s abgespielt.  Nun gut, vlt. ist er ja auch einfach nur kaputt  Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-02-2014
Ran by Sascha & Nancy at 2014-02-05 21:28:01 Run:2
Running from C:\Users\Sascha & Nancy\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=100&systemid=473&v=a10918-126&apn_uid=7490831145054531&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 - {178A504F-74E0-4342-9DF2-00A4A0B137F8} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={ED33D242-60D1-11E2-B3A9-00266CA80786}
SearchScopes: HKLM-x32 - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=100&systemid=473&v=a10918-126&apn_uid=7490831145054531&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 - {5319BB5F-8644-FBC1-3546-685F8AE5B160} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=430&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - {3F7E5C68-5C60-4FB5-B191-1B04DDDE8979} URL =
SearchScopes: HKCU - {52db1893-8a90-4192-aede-08e00b8f8473} URL =
SearchScopes: HKCU - {6ADFBB29-55DE-4137-996D-31FE316578AF} URL =
Toolbar: HKLM-x32 - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
C:\Users\Sascha & Nancy\AppData\Roaming\skype.ini
AlternateDataStreams: C:\ProgramData\TEMP:33B04540
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:D287FACF
AlternateDataStreams: C:\ProgramData\TEMP:D3A96964
*****************
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473} => Key deleted successfully.
HKCR\CLSID\{52db1893-8a90-4192-aede-08e00b8f8473} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{178A504F-74E0-4342-9DF2-00A4A0B137F8} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{178A504F-74E0-4342-9DF2-00A4A0B137F8} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{52db1893-8a90-4192-aede-08e00b8f8473} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{5319BB5F-8644-FBC1-3546-685F8AE5B160} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{5319BB5F-8644-FBC1-3546-685F8AE5B160} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3F7E5C68-5C60-4FB5-B191-1B04DDDE8979} => Key deleted successfully.
HKCR\CLSID\{3F7E5C68-5C60-4FB5-B191-1B04DDDE8979} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473} => Key deleted successfully.
HKCR\CLSID\{52db1893-8a90-4192-aede-08e00b8f8473} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6ADFBB29-55DE-4137-996D-31FE316578AF} => Key deleted successfully.
HKCR\CLSID\{6ADFBB29-55DE-4137-996D-31FE316578AF} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
C:\Users\Sascha & Nancy\AppData\Roaming\skype.ini => Moved successfully.
C:\ProgramData\TEMP => ":33B04540" ADS removed successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
C:\ProgramData\TEMP => ":D287FACF" ADS removed successfully.
C:\ProgramData\TEMP => ":D3A96964" ADS removed successfully.
==== End of Fixlog ====
Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.02.05.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16750 Sascha & Nancy :: TOSHIBA [Administrator] Schutz: Aktiviert 05.02.2014 21:31:51 mbam-log-2014-02-05 (21-31-51).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 216977 Laufzeit: 7 Minute(n), 12 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\Sascha & Nancy\Downloads\PhotoScape_V3.6.5.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=6f48e50d747c9641b8e1e7a00e832561
# engine=16958
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-06 06:56:40
# local_time=2014-02-06 07:56:40 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 18154034 143299650 0 0
# scanned=547
# found=3
# cleaned=0
# scan_time=201
sh=410B32FD3FE4642644AD91AC60C69B86EC2762DD ft=1 fh=0e378a435beab91a vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=A696C5A0D50145AFDE3D3A71F70B1C3006AC2199 ft=1 fh=da0003b6601dbc17 vn="a variant of Win32/Adware.MultiPlug.I application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Zoomex\51063fafda3d6.dll.vir"
sh=422ADD9D66081967CFBF71C4407791485D725C72 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.F application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Zoomex\settings.ini.vir"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=6f48e50d747c9641b8e1e7a00e832561
# engine=16958
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-06 08:48:13
# local_time=2014-02-06 09:48:13 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 18160727 143306343 0 0
# scanned=231024
# found=4
# cleaned=0
# scan_time=6638
sh=410B32FD3FE4642644AD91AC60C69B86EC2762DD ft=1 fh=0e378a435beab91a vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=A696C5A0D50145AFDE3D3A71F70B1C3006AC2199 ft=1 fh=da0003b6601dbc17 vn="a variant of Win32/Adware.MultiPlug.I application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Zoomex\51063fafda3d6.dll.vir"
sh=422ADD9D66081967CFBF71C4407791485D725C72 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.F application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Zoomex\settings.ini.vir"
sh=6AD3A35516803B526E3AD28228FAC43C8FCC98A2 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Qoobox\Quarantine\C\Users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc\1\51063fafda1a49.26654052.js.vir"
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2014
Ran by Sascha & Nancy (administrator) on TOSHIBA on 06-02-2014 10:00:40
Running from C:\Users\Sascha & Nancy\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(Microsoft) C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DNSService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(Toshiba Europe GmbH) C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(CSIS Security Group) C:\Program Files (x86)\Heimdal\Client\HeimdalAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
(CSIS Security Group) C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosOBEX.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] - C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-05-11] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartFaceVWatcher] - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-03-17] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [136136 2010-04-19] (Toshiba Europe GmbH)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ITSecMng] - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TWebCamera] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [NeroFilterCheck] - C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKU\.DEFAULT\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\.DEFAULT\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\system: [DisableClock] 0
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
SearchScopes: HKCU - Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A5B9220D-875B-4C63-A4B1-AABF1D74E973}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default
FF Homepage: google.de
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Escamod - C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\Extensions\escamod@gmx.net0002.xpi [2014-01-23]
FF Extension: Adblock Plus - C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-23]
FF Extension: Tab Mix Plus - C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-01-23]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-20]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKCU\...\Chrome\Extension: [bhnjjbcnbmjmhgpliahlamecmbejpaol] - C:\Users\Sascha & Nancy\AppData\Local\CRE\bhnjjbcnbmjmhgpliahlamecmbejpaol.crx [2012-09-05]
CHR HKLM-x32\...\Chrome\Extension: [bhnjjbcnbmjmhgpliahlamecmbejpaol] - C:\Users\Sascha & Nancy\AppData\Local\CRE\bhnjjbcnbmjmhgpliahlamecmbejpaol.crx [2012-09-05]
==================== Services (Whitelisted) =================
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [200704 2006-08-11] (InterVideo Inc.)
R2 HeimdalSecureDNS; C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe [93856 2013-11-06] (Microsoft)
R2 HeimdalService; C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe [132768 2013-11-06] (CSIS Security Group)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1752488 2014-02-04] (SurfRight B.V.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
S2 HPSLPSVC; C:\Users\SASCHA~1\AppData\Local\Temp\7zS4921\hpslpsvc64.dll [X]
==================== Drivers (Whitelisted) ====================
S3 ASPI; C:\Windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec)
R3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI64.sys [720952 2010-03-05] (Conexant Systems Inc.)
R2 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [17416 2014-02-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2013-02-25] (WinISO.com)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 massfilter_hs; system32\drivers\massfilter_hs.sys [X]
S1 pmplcahk; \??\C:\Windows\system32\drivers\pmplcahk.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-06 10:00 - 2014-02-06 10:00 - 00019445 _____ () C:\Users\Sascha & Nancy\Desktop\FRST.txt
2014-02-06 07:13 - 2014-02-06 07:13 - 02347384 _____ (ESET) C:\Users\Sascha & Nancy\Desktop\esetsmartinstaller_enu.exe
2014-02-05 21:23 - 2014-02-05 21:23 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\FRST-OlderVersion
2014-02-05 17:39 - 2014-02-05 17:39 - 00035611 _____ () C:\Users\Sascha & Nancy\Desktop\AdwCleaner[S0].txt
2014-02-05 17:31 - 2014-02-05 17:40 - 00000000 ____D () C:\AdwCleaner
2014-02-05 17:30 - 2014-02-05 17:30 - 01166132 _____ () C:\Users\Sascha & Nancy\Desktop\adwcleaner.exe
2014-02-05 17:29 - 2014-02-05 17:29 - 00095965 _____ () C:\Users\Sascha & Nancy\Desktop\DeQuarantine.txt
2014-02-05 17:18 - 2014-02-05 17:19 - 00095965 _____ () C:\DeQuarantine.txt
2014-02-05 17:17 - 2014-02-05 17:19 - 00000000 ___SD () C:\ComboFix
2014-02-05 17:16 - 2014-02-05 17:16 - 00001555 _____ () C:\Users\Sascha & Nancy\Desktop\ComboFix.exe - Verknüpfung.lnk
2014-02-05 17:15 - 2014-02-05 17:16 - 05180173 ____R (Swearware) C:\Users\Sascha & Nancy\Downloads\ComboFix.exe
2014-02-05 11:13 - 2014-02-05 11:13 - 00000000 _____ () C:\Users\Sascha & Nancy\Downloads\wondershare-photo-collage-studio_28037(1).exe
2014-02-05 11:12 - 2014-02-05 11:12 - 00000000 _____ () C:\Users\Sascha & Nancy\Downloads\wondershare-photo-collage-studio_28037.exe
2014-02-05 10:45 - 2014-02-05 10:45 - 00028672 ____H () C:\Users\Sascha & Nancy\Desktop\photothumb.db
2014-02-05 10:44 - 2014-02-05 10:51 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\PhotoScape
2014-02-05 02:43 - 2014-02-05 17:18 - 00000000 ____D () C:\ProgramData\TOSHIBA
2014-02-05 02:43 - 2014-02-05 02:44 - 00260920 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-02-04 15:25 - 2014-02-05 17:18 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\TOSHIBA
2014-02-04 14:52 - 2014-02-05 17:18 - 00000000 ____D () C:\Qoobox
2014-02-04 14:52 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-04 14:52 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-04 14:52 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-04 14:52 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-04 14:52 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-04 14:52 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-04 14:52 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-04 14:51 - 2014-02-04 16:50 - 00000000 ____D () C:\Windows\erdnt
2014-02-04 14:19 - 2014-02-04 14:19 - 00005930 _____ () C:\Users\Sascha & Nancy\Downloads\Auktionsvorlage Nr. 037 - Kinder & Teens (ROLA-Design).txt
2014-02-04 11:03 - 2014-02-04 11:03 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-04 11:00 - 2014-02-04 11:00 - 00072651 _____ () C:\Users\Sascha & Nancy\Desktop\Gmer.txt
2014-02-04 10:43 - 2014-02-04 10:43 - 00021943 _____ () C:\Users\Sascha & Nancy\Desktop\Addition.txt
2014-02-04 10:42 - 2014-02-04 10:43 - 00021943 _____ () C:\Users\Sascha & Nancy\Downloads\Addition.txt
2014-02-04 10:42 - 2014-02-04 10:42 - 00380416 _____ () C:\Users\Sascha & Nancy\Downloads\Gmer-19357.exe
2014-02-04 10:41 - 2014-02-06 10:00 - 00000000 ____D () C:\FRST
2014-02-04 10:41 - 2014-02-04 10:43 - 00061317 _____ () C:\Users\Sascha & Nancy\Downloads\FRST.txt
2014-02-04 10:39 - 2014-02-05 21:23 - 02082304 _____ (Farbar) C:\Users\Sascha & Nancy\Desktop\FRST64.exe
2014-02-04 10:37 - 2014-02-04 10:39 - 00000490 _____ () C:\Users\Sascha & Nancy\Desktop\defogger_disable.log
2014-02-04 10:37 - 2014-02-04 10:37 - 00000000 _____ () C:\Users\Sascha & Nancy\defogger_reenable
2014-02-04 10:36 - 2014-02-04 10:36 - 00050477 _____ () C:\Users\Sascha & Nancy\Downloads\Defogger.exe
2014-02-04 10:03 - 2014-02-04 10:03 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-04 10:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-04 09:57 - 2014-02-04 09:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Sascha & Nancy\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-04 09:10 - 2014-02-04 09:10 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml(1).msi
2014-02-04 09:10 - 2014-02-04 09:10 - 00001750 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-04 09:08 - 2014-02-04 09:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 09:08 - 2014-02-04 09:09 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 09:08 - 2014-02-04 09:09 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 08:59 - 2014-02-04 08:59 - 00001258 _____ () C:\Windows\system32\.crusader
2014-02-04 08:45 - 2014-02-04 08:45 - 02209056 _____ () C:\Users\Sascha & Nancy\Downloads\avira-eu-cleaner_de.exe
2014-02-04 08:42 - 2014-02-04 08:59 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-04 08:41 - 2014-02-04 08:42 - 10820032 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hitmanpro_x64.exe
2014-02-04 08:29 - 2014-02-04 08:29 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-02-04 08:28 - 2014-02-04 08:29 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-02-04 08:27 - 2014-02-04 08:27 - 04164208 _____ (CSIS Security Group) C:\Users\Sascha & Nancy\Downloads\HeimdalSetup.exe
2014-02-04 08:27 - 2014-02-04 08:27 - 00001116 _____ () C:\Users\Sascha & Nancy\Desktop\Heimdal.lnk
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\ProgramData\CSIS
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\Program Files (x86)\Heimdal
2014-02-04 08:26 - 2014-02-04 08:26 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml.msi
2014-02-04 08:25 - 2014-02-04 08:25 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-04 08:17 - 2014-02-04 08:17 - 00001036 _____ () C:\Users\Sascha & Nancy\Desktop\Secunia PSI.lnk
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Secunia PSI
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-02-04 08:16 - 2014-02-04 08:16 - 05329480 _____ (Secunia) C:\Users\Sascha & Nancy\Downloads\PSISetup.exe
2014-02-04 08:13 - 2014-02-04 08:13 - 00533424 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00488104 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00017416 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-02-04 08:12 - 2014-02-04 08:13 - 01752488 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hmpalert.exe
2014-02-04 07:59 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-04 07:59 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-04 07:59 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-04 07:59 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-04 07:58 - 2014-02-04 07:59 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-04 07:45 - 2014-02-04 07:45 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(2).exe
2014-02-04 07:43 - 2014-02-04 07:43 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(1).exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-04 07:27 - 2014-02-04 07:27 - 00000000 ____D () C:\Program Files\Java
2014-02-04 07:26 - 2014-02-04 07:26 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64.exe
2014-01-30 12:55 - 2014-01-30 12:58 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-01-30 12:55 - 2014-01-30 12:55 - 10245808 _____ (BlueStack Systems Inc.) C:\Users\Sascha & Nancy\Downloads\BlueStacks-SplitInstaller_native.exe
2014-01-25 12:26 - 2014-02-06 07:56 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Para
2014-01-25 12:23 - 2014-02-05 10:51 - 00000000 ____D () C:\Program Files (x86)\GotClip
2014-01-25 12:23 - 2014-01-25 12:23 - 00215382 _____ () C:\Users\Sascha & Nancy\Downloads\GotClip_Setup.exe
2014-01-25 12:23 - 2014-01-25 12:23 - 00000958 _____ () C:\Users\Sascha & Nancy\Desktop\GotClip.lnk
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
2014-01-23 07:24 - 2014-01-23 07:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-23 07:23 - 2014-01-23 07:23 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(3).exe
2014-01-23 07:22 - 2014-01-23 07:24 - 00001114 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-21 22:34 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-21 22:34 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-21 22:34 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-21 22:34 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-21 22:34 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-21 22:34 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-21 22:34 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-21 22:34 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-21 22:34 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-21 22:34 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-21 22:33 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-21 22:33 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-21 22:33 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-21 08:29 - 2014-01-21 08:29 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(2).exe
2014-01-21 08:05 - 2014-01-21 08:05 - 00000000 ____D () C:\Users\Sascha & Nancy\Documents\OneNote-Notizbücher
2014-01-21 08:00 - 2014-01-21 08:00 - 08459768 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_3.6.28.exe
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-18 12:02 - 2014-02-02 16:44 - 00012949 _____ () C:\Users\Sascha & Nancy\Documents\vordruck stundenzettel helmut.odt
2014-01-17 18:44 - 2014-01-17 18:44 - 00012969 _____ () C:\Users\Sascha & Nancy\Documents\vorbruck stunden zettel.odt
2014-01-17 17:26 - 2014-01-17 17:26 - 00000859 _____ () C:\Users\Sascha & Nancy\AppData\Local\recently-used.xbel
2014-01-17 17:23 - 2014-01-21 08:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-17 17:23 - 2014-01-17 17:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Microsoft Help
2014-01-15 05:23 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 05:23 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 05:23 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-12 19:20 - 2014-01-12 19:20 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0.exe
2014-01-12 17:10 - 2014-01-12 17:10 - 00002990 _____ () C:\Windows\System32\Tasks\{B82F30CA-5083-4EA4-9F77-16A1E083B57B}
2014-01-12 17:08 - 2014-01-12 17:08 - 00002990 _____ () C:\Windows\System32\Tasks\{ED49D765-0278-44F4-BBBD-548065650574}
2014-01-12 17:06 - 2014-01-12 17:06 - 00002990 _____ () C:\Windows\System32\Tasks\{FD7A06F6-B324-4C76-B750-14BCAAD9F666}
2014-01-12 16:02 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-01-12 16:02 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-01-12 16:02 - 2012-08-23 15:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-01-12 16:02 - 2012-08-23 14:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-01-12 16:02 - 2012-08-23 14:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-01-12 16:02 - 2012-08-23 14:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-01-12 16:02 - 2012-08-23 14:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-01-12 16:02 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-01-12 16:02 - 2012-08-23 14:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-01-12 16:02 - 2012-08-23 14:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-01-12 16:02 - 2012-08-23 14:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-01-12 16:02 - 2012-08-23 14:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-01-12 16:02 - 2012-08-23 13:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-01-12 16:02 - 2012-08-23 12:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-01-12 16:02 - 2012-08-23 12:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-01-12 16:02 - 2012-08-23 12:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-01-12 16:02 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-01-12 16:02 - 2012-08-23 11:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-01-12 16:02 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-01-12 16:02 - 2012-08-23 11:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-01-12 16:02 - 2012-08-23 11:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-01-12 16:02 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-01-12 16:02 - 2012-08-23 09:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-01-12 16:02 - 2012-08-23 09:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-01-10 14:01 - 2014-01-10 14:02 - 23867560 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_26.0.exe
==================== One Month Modified Files and Folders =======
2014-02-06 10:01 - 2014-02-06 10:00 - 00019445 _____ () C:\Users\Sascha & Nancy\Desktop\FRST.txt
2014-02-06 10:00 - 2014-02-04 10:41 - 00000000 ____D () C:\FRST
2014-02-06 09:43 - 2012-06-13 07:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-06 07:59 - 2009-07-14 18:58 - 07592200 _____ () C:\Windows\system32\perfh007.dat
2014-02-06 07:59 - 2009-07-14 18:58 - 02350604 _____ () C:\Windows\system32\perfc007.dat
2014-02-06 07:59 - 2009-07-14 06:13 - 00005422 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-06 07:56 - 2014-01-25 12:26 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Para
2014-02-06 07:43 - 2011-01-24 19:54 - 01935298 _____ () C:\Windows\WindowsUpdate.log
2014-02-06 07:13 - 2014-02-06 07:13 - 02347384 _____ (ESET) C:\Users\Sascha & Nancy\Desktop\esetsmartinstaller_enu.exe
2014-02-06 06:28 - 2009-07-14 05:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 06:28 - 2009-07-14 05:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-06 06:21 - 2013-08-23 09:51 - 00031642 _____ () C:\Windows\setupact.log
2014-02-06 06:21 - 2013-01-12 14:07 - 00000433 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-02-06 06:21 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-05 22:40 - 2010-11-16 18:49 - 00808758 _____ () C:\Windows\PFRO.log
2014-02-05 21:23 - 2014-02-05 21:23 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\FRST-OlderVersion
2014-02-05 21:23 - 2014-02-04 10:39 - 02082304 _____ (Farbar) C:\Users\Sascha & Nancy\Desktop\FRST64.exe
2014-02-05 17:40 - 2014-02-05 17:31 - 00000000 ____D () C:\AdwCleaner
2014-02-05 17:39 - 2014-02-05 17:39 - 00035611 _____ () C:\Users\Sascha & Nancy\Desktop\AdwCleaner[S0].txt
2014-02-05 17:36 - 2013-12-20 10:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-05 17:36 - 2013-10-05 18:44 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2014-02-05 17:36 - 2011-06-09 16:55 - 00001163 _____ () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-05 17:30 - 2014-02-05 17:30 - 01166132 _____ () C:\Users\Sascha & Nancy\Desktop\adwcleaner.exe
2014-02-05 17:29 - 2014-02-05 17:29 - 00095965 _____ () C:\Users\Sascha & Nancy\Desktop\DeQuarantine.txt
2014-02-05 17:19 - 2014-02-05 17:18 - 00095965 _____ () C:\DeQuarantine.txt
2014-02-05 17:19 - 2014-02-05 17:17 - 00000000 ___SD () C:\ComboFix
2014-02-05 17:18 - 2014-02-05 02:43 - 00000000 ____D () C:\ProgramData\TOSHIBA
2014-02-05 17:18 - 2014-02-04 15:25 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\TOSHIBA
2014-02-05 17:18 - 2014-02-04 14:52 - 00000000 ____D () C:\Qoobox
2014-02-05 17:16 - 2014-02-05 17:16 - 00001555 _____ () C:\Users\Sascha & Nancy\Desktop\ComboFix.exe - Verknüpfung.lnk
2014-02-05 17:16 - 2014-02-05 17:15 - 05180173 ____R (Swearware) C:\Users\Sascha & Nancy\Downloads\ComboFix.exe
2014-02-05 11:13 - 2014-02-05 11:13 - 00000000 _____ () C:\Users\Sascha & Nancy\Downloads\wondershare-photo-collage-studio_28037(1).exe
2014-02-05 11:12 - 2014-02-05 11:12 - 00000000 _____ () C:\Users\Sascha & Nancy\Downloads\wondershare-photo-collage-studio_28037.exe
2014-02-05 10:51 - 2014-02-05 10:44 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\PhotoScape
2014-02-05 10:51 - 2014-01-25 12:23 - 00000000 ____D () C:\Program Files (x86)\GotClip
2014-02-05 10:46 - 2013-12-05 09:12 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Rocco
2014-02-05 10:45 - 2014-02-05 10:45 - 00028672 ____H () C:\Users\Sascha & Nancy\Desktop\photothumb.db
2014-02-05 10:42 - 2012-06-13 07:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 10:42 - 2012-06-13 07:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 10:42 - 2012-06-13 07:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 02:44 - 2014-02-05 02:43 - 00260920 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-02-04 17:13 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-02-04 16:50 - 2014-02-04 14:51 - 00000000 ____D () C:\Windows\erdnt
2014-02-04 15:40 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-04 14:19 - 2014-02-04 14:19 - 00005930 _____ () C:\Users\Sascha & Nancy\Downloads\Auktionsvorlage Nr. 037 - Kinder & Teens (ROLA-Design).txt
2014-02-04 11:03 - 2014-02-04 11:03 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-04 11:00 - 2014-02-04 11:00 - 00072651 _____ () C:\Users\Sascha & Nancy\Desktop\Gmer.txt
2014-02-04 10:43 - 2014-02-04 10:43 - 00021943 _____ () C:\Users\Sascha & Nancy\Desktop\Addition.txt
2014-02-04 10:43 - 2014-02-04 10:42 - 00021943 _____ () C:\Users\Sascha & Nancy\Downloads\Addition.txt
2014-02-04 10:43 - 2014-02-04 10:41 - 00061317 _____ () C:\Users\Sascha & Nancy\Downloads\FRST.txt
2014-02-04 10:42 - 2014-02-04 10:42 - 00380416 _____ () C:\Users\Sascha & Nancy\Downloads\Gmer-19357.exe
2014-02-04 10:39 - 2014-02-04 10:37 - 00000490 _____ () C:\Users\Sascha & Nancy\Desktop\defogger_disable.log
2014-02-04 10:37 - 2014-02-04 10:37 - 00000000 _____ () C:\Users\Sascha & Nancy\defogger_reenable
2014-02-04 10:37 - 2011-06-09 16:52 - 00000000 ____D () C:\Users\Sascha & Nancy
2014-02-04 10:36 - 2014-02-04 10:36 - 00050477 _____ () C:\Users\Sascha & Nancy\Downloads\Defogger.exe
2014-02-04 10:24 - 2013-10-05 18:43 - 00000000 ____D () C:\ProgramData\Wincert
2014-02-04 10:03 - 2014-02-04 10:03 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-04 09:57 - 2014-02-04 09:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Sascha & Nancy\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-04 09:11 - 2011-06-10 22:52 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-02-04 09:10 - 2014-02-04 09:10 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml(1).msi
2014-02-04 09:10 - 2014-02-04 09:10 - 00001750 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-04 09:09 - 2014-02-04 09:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 09:09 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 09:09 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 08:59 - 2014-02-04 08:59 - 00001258 _____ () C:\Windows\system32\.crusader
2014-02-04 08:59 - 2014-02-04 08:42 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-04 08:45 - 2014-02-04 08:45 - 02209056 _____ () C:\Users\Sascha & Nancy\Downloads\avira-eu-cleaner_de.exe
2014-02-04 08:42 - 2014-02-04 08:41 - 10820032 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hitmanpro_x64.exe
2014-02-04 08:37 - 2012-10-21 11:40 - 00000000 ____D () C:\ProgramData\Apple
2014-02-04 08:34 - 2011-06-09 16:55 - 00113272 _____ () C:\Users\Sascha & Nancy\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-04 08:33 - 2009-07-14 05:45 - 00432024 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-04 08:29 - 2014-02-04 08:29 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-02-04 08:29 - 2014-02-04 08:28 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-02-04 08:27 - 2014-02-04 08:27 - 04164208 _____ (CSIS Security Group) C:\Users\Sascha & Nancy\Downloads\HeimdalSetup.exe
2014-02-04 08:27 - 2014-02-04 08:27 - 00001116 _____ () C:\Users\Sascha & Nancy\Desktop\Heimdal.lnk
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\ProgramData\CSIS
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\Program Files (x86)\Heimdal
2014-02-04 08:26 - 2014-02-04 08:26 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml.msi
2014-02-04 08:25 - 2014-02-04 08:25 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-04 08:25 - 2010-11-16 18:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-04 08:25 - 2010-11-16 18:52 - 00000000 ____D () C:\ProgramData\Skype
2014-02-04 08:17 - 2014-02-04 08:17 - 00001036 _____ () C:\Users\Sascha & Nancy\Desktop\Secunia PSI.lnk
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Secunia PSI
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-02-04 08:16 - 2014-02-04 08:16 - 05329480 _____ (Secunia) C:\Users\Sascha & Nancy\Downloads\PSISetup.exe
2014-02-04 08:13 - 2014-02-04 08:13 - 00533424 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00488104 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00017416 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-02-04 08:13 - 2014-02-04 08:12 - 01752488 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hmpalert.exe
2014-02-04 07:59 - 2014-02-04 07:58 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-04 07:59 - 2012-06-22 11:16 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-04 07:55 - 2012-03-19 06:53 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-02-04 07:45 - 2014-02-04 07:45 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(2).exe
2014-02-04 07:43 - 2014-02-04 07:43 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(1).exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-04 07:27 - 2014-02-04 07:27 - 00000000 ____D () C:\Program Files\Java
2014-02-04 07:26 - 2014-02-04 07:26 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64.exe
2014-02-04 07:23 - 2011-06-10 08:54 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Adobe
2014-02-04 07:19 - 2013-01-21 18:38 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-02-04 07:18 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-02 16:44 - 2014-01-18 12:02 - 00012949 _____ () C:\Users\Sascha & Nancy\Documents\vordruck stundenzettel helmut.odt
2014-01-30 12:58 - 2014-01-30 12:55 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-01-30 12:55 - 2014-01-30 12:55 - 10245808 _____ (BlueStack Systems Inc.) C:\Users\Sascha & Nancy\Downloads\BlueStacks-SplitInstaller_native.exe
2014-01-25 12:23 - 2014-01-25 12:23 - 00215382 _____ () C:\Users\Sascha & Nancy\Downloads\GotClip_Setup.exe
2014-01-25 12:23 - 2014-01-25 12:23 - 00000958 _____ () C:\Users\Sascha & Nancy\Desktop\GotClip.lnk
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
2014-01-23 07:24 - 2014-01-23 07:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-23 07:24 - 2014-01-23 07:22 - 00001114 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-23 07:23 - 2014-01-23 07:23 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(3).exe
2014-01-23 07:23 - 2011-09-23 06:51 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla
2014-01-21 10:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-01-21 08:32 - 2014-01-17 17:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-21 08:31 - 2011-01-24 20:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-01-21 08:29 - 2014-01-21 08:29 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(2).exe
2014-01-21 08:29 - 2011-06-09 16:52 - 00000000 ___RD () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-21 08:29 - 2009-07-14 19:18 - 00000000 ____D () C:\Windows\ShellNew
2014-01-21 08:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-01-21 08:27 - 2009-07-14 03:34 - 00000419 _____ () C:\Windows\win.ini
2014-01-21 08:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-01-21 08:05 - 2014-01-21 08:05 - 00000000 ____D () C:\Users\Sascha & Nancy\Documents\OneNote-Notizbücher
2014-01-21 08:00 - 2014-01-21 08:00 - 08459768 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_3.6.28.exe
2014-01-19 08:33 - 2011-09-03 08:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-17 18:44 - 2014-01-17 18:44 - 00012969 _____ () C:\Users\Sascha & Nancy\Documents\vorbruck stunden zettel.odt
2014-01-17 17:26 - 2014-01-17 17:26 - 00000859 _____ () C:\Users\Sascha & Nancy\AppData\Local\recently-used.xbel
2014-01-17 17:26 - 2012-07-14 09:44 - 00000000 ____D () C:\Users\Sascha & Nancy\.gimp-2.8
2014-01-17 17:23 - 2014-01-17 17:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Microsoft Help
2014-01-15 22:20 - 2013-08-14 14:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 22:18 - 2011-06-13 14:57 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 15:25 - 2011-12-07 16:44 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Skype
2014-01-15 06:47 - 2012-12-27 15:26 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Mucke
2014-01-12 19:20 - 2014-01-12 19:20 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0.exe
2014-01-12 17:16 - 2012-09-22 08:16 - 00000000 ____D () C:\Users\Sascha & Nancy\Documents\SH5
2014-01-12 17:10 - 2014-01-12 17:10 - 00002990 _____ () C:\Windows\System32\Tasks\{B82F30CA-5083-4EA4-9F77-16A1E083B57B}
2014-01-12 17:08 - 2014-01-12 17:08 - 00002990 _____ () C:\Windows\System32\Tasks\{ED49D765-0278-44F4-BBBD-548065650574}
2014-01-12 17:06 - 2014-01-12 17:06 - 00002990 _____ () C:\Windows\System32\Tasks\{FD7A06F6-B324-4C76-B750-14BCAAD9F666}
2014-01-12 16:28 - 2013-03-19 06:35 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-01-12 15:52 - 2012-12-28 17:07 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-01-12 15:51 - 2012-12-28 17:07 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-01-12 15:51 - 2012-12-28 17:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-01-12 12:55 - 2013-12-02 10:33 - 00000000 ____D () C:\Program Files (x86)\Vector Magic
2014-01-12 12:55 - 2013-11-18 19:30 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppCB
2014-01-12 12:55 - 2010-11-16 18:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-10 14:02 - 2014-01-10 14:01 - 23867560 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_26.0.exe
2014-01-07 06:07 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-17 05:43
==================== End Of Log ============================
--- --- --- --- --- --- --- --- --- Geändert von Sanchoss (06.02.2014 um 11:04 Uhr) Grund: Doppelte Logdatei gepostet |
|
06.02.2014, 12:38
| #13 | |||||||||
| /// Malwareteam | Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- OnlinebankingZitat:
.Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
Task: {8C22F9A7-AFA6-4A32-8252-8ABFC51AAB3E} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {AFEE71C3-20DB-4B88-8A38-3E5479394F0C} - System32\Tasks\Your File Updater => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
C:\Program Files (x86)\YourFileDownloader
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Cleanup Falls du Malwarebytes Anti-Malware und den ESET Online Scanner nicht mehr behalten möchtest, kannst du diese über die Systemsteuerung deinstallieren. Ich empfehle dir, mindestens ein Programm zu behalten (näheres in den Tipps). Windows XP: Start --> Systemsteuerung --> Kategorieansicht auswählen (falls nicht voreingestellt) --> SoftwareDie Reihenfolge ist hier entscheidend.
In deinen Logfiles sehe ich keine schädlichen Einträge mehr, du bist in meinen Augen Clean. Für die Zukunft habe ich dir Tipps aufgeschrieben, damit du uns in nächster Zeit nicht mehr brauchst. Zur Sicherheit solltest du noch alle Passwörter ändern (falls du das nicht bereits getan hast). Du kannst jetzt auch wieder Onlinebanking betreiben .Tipps - Frequently Asked Questions (FAQ)/Häufig gestellte Fragen Welcher Antivirenscanner ist der Beste?
Aber Updates muss ich immer installieren, oder?
Ok, muss ich auf etwas achten, wenn ich im Internet surfe?
Welche Programme sollte ich nicht verwenden?
Gibt es noch weitere Tipps, um mich zu schützen?
Wenn du die Arbeit des Trojaner-Boards unterstützen möchtest, kannst du gerne spenden .Ich wünsche dir eine schöne und malwarefreie Zeit .
__________________ Gruß, Jonas |
|
06.02.2014, 13:08
| #14 |
| | Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- Onlinebanking Halleluja  Ich bin begeistert von Euch & mächtig dankbar für die sehr sehr nette Begleitung Deiner Seits & den verständlichen Anleitungen die Ihr erstellt habt Ich werd mir Deine Tips gleich zu Herzen nehmen! Danke, Danke & nochmals Danke Jonas  LG Nancy Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-02-2014
Ran by Sascha & Nancy at 2014-02-06 12:52:00 Run:3
Running from C:\Users\Sascha & Nancy\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
Task: {8C22F9A7-AFA6-4A32-8252-8ABFC51AAB3E} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {AFEE71C3-20DB-4B88-8A38-3E5479394F0C} - System32\Tasks\Your File Updater => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
C:\Program Files (x86)\YourFileDownloader
*****************
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8C22F9A7-AFA6-4A32-8252-8ABFC51AAB3E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C22F9A7-AFA6-4A32-8252-8ABFC51AAB3E} => Key deleted successfully.
C:\Windows\System32\Tasks\Go for FilesUpdate => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Go for FilesUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AFEE71C3-20DB-4B88-8A38-3E5479394F0C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFEE71C3-20DB-4B88-8A38-3E5479394F0C} => Key deleted successfully.
C:\Windows\System32\Tasks\Your File Updater => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Your File Updater => Key deleted successfully.
"C:\Program Files (x86)\YourFileDownloader" => File/Directory not found.
==== End of Fixlog ====
|
|
06.02.2014, 13:33
| #15 |
| /// Malwareteam | Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- Onlinebanking Hallo Nancy, schön, dass wir dir helfen konnten .Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht, damit erhalte ich keine Benachrichtungen über neue Antworten in diesem Thread. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM. Jeder Andere bitte hier klicken und einen eigenen Thread erstellen.
__________________ Gruß, Jonas |
|
| Themen zu Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- Onlinebanking |
| .dll, adblock, adobe, bonjour, branding, cid, converter, desktop, device driver, ebanking, error, explorer, fehler, firefox, flash player, gmx.net, google, heimdal, home, homepage, installation, internetoptionen, malware, mozilla, online banking, registry, scan, secunia psi, security, services.exe, software, svchost.exe, trojan, trojaner, wildtangent games, windows, winlogon.exe, wscript.exe |
