Microsoft security client user interface geht nicht.

hoppe2000 · 26.07.2013, 17:12

Hi komme nicht mehr auf microsoft seiten.

Microsoft security client user interface geht nicht.OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 26.07.2013 18:16:40 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Norbert\Downloads
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 49,27% Memory free
5,99 Gb Paging File | 4,08 Gb Available in Paging File | 68,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 119,14 Gb Total Space | 31,39 Gb Free Space | 26,34% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 206,41 Gb Free Space | 44,32% Space Free | Partition Type: NTFS
Drive E: | 100,00 Gb Total Space | 22,09 Gb Free Space | 22,09% Space Free | Partition Type: NTFS
Drive F: | 161,38 Gb Total Space | 95,91 Gb Free Space | 59,43% Space Free | Partition Type: NTFS
Drive G: | 80,00 Gb Total Space | 40,17 Gb Free Space | 50,21% Space Free | Partition Type: NTFS
Drive H: | 454,49 Gb Total Space | 353,87 Gb Free Space | 77,86% Space Free | Partition Type: NTFS
Drive Q: | 3,69 Gb Total Space | 3,61 Gb Free Space | 98,00% Space Free | Partition Type: FAT32
Drive Z: | 911,50 Gb Total Space | 145,12 Gb Free Space | 15,92% Space Free | Partition Type: NTFS
 
Computer Name: NORBERT-PC | User Name: Norbert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.07.26 18:16:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Norbert\Downloads\OTL (1).exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.02.19 21:32:08 | 001,259,296 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.01.31 11:01:06 | 000,865,056 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013.01.31 11:01:05 | 001,821,472 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013.01.27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\NisSrv.exe
PRC - [2013.01.27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\MsMpEng.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.08.06 14:07:46 | 000,589,824 | ---- | M] (Fred's Software Company) -- C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Printkey.exe
PRC - [2012.08.06 12:23:08 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2012.07.28 04:10:10 | 000,469,504 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012.07.28 04:09:30 | 000,217,600 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011.05.27 11:46:24 | 000,114,688 | ---- | M] (Electronics For Imaging) -- C:\Programme\Fiery\Applications3\Fiery Bridge\x86\MailboxSyncService.exe
PRC - [2011.05.04 14:59:48 | 000,506,088 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Common Files\Java\Java Update\jucheck.exe
PRC - [2011.01.10 13:45:48 | 000,239,472 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe
PRC - [2011.01.10 13:43:50 | 000,608,624 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Home Server\WHSTrayApp.exe
PRC - [2011.01.10 13:43:46 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Home Server\WHSConnector.exe
PRC - [2011.01.10 13:43:46 | 000,097,136 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Home Server\esClient.exe
PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.10.25 15:13:42 | 000,821,144 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2010.03.10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009.10.19 13:39:08 | 000,011,776 | ---- | M] (Electronics for Imaging, Inc.) -- C:\Programme\Common Files\EFI\EFI ES-1000 Service\ES1000Service.exe
PRC - [2009.10.16 20:12:54 | 000,045,056 | ---- | M] (Electronics for Imaging, Inc.) -- C:\Programme\Common Files\EFI\EFI ES-1000 Service\ES1000Server.exe
PRC - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Programme\Common Files\EPSON\EBAPI\eEBSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.07.12 20:49:44 | 000,396,240 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
MOD - [2013.07.12 20:49:42 | 004,052,944 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013.07.12 20:48:52 | 000,601,552 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Google\Chrome\Application\28.0.1500.72\libglesv2.dll
MOD - [2013.07.12 20:48:51 | 000,123,344 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Google\Chrome\Application\28.0.1500.72\libegl.dll
MOD - [2013.07.12 20:48:49 | 001,597,392 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2012.01.16 10:12:08 | 000,962,560 | ---- | M] () -- C:\Programme\Fiery\Applications3\HotFolder\HF3MenuExt32.dll
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010.10.25 15:15:46 | 000,019,968 | ---- | M] () -- C:\Programme\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\AcroTray.DEU
MOD - [2007.05.31 16:00:22 | 000,155,648 | ---- | M] () -- C:\Programme\Fiery\Applications3\Fiery Bridge\x86\cfscore1.0.0.0.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013.07.08 11:24:21 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.06.27 19:18:00 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.02.19 21:32:08 | 001,259,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.01.27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013.01.27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.09.20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012.09.05 17:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2012.08.06 12:23:08 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2012.07.28 04:09:30 | 000,217,600 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.05.27 11:46:24 | 000,114,688 | ---- | M] (Electronics For Imaging) [Auto | Running] -- C:\Programme\Fiery\Applications3\Fiery Bridge\x86\MailboxSyncService.exe -- (Fiery Bridge Mailbox Synchronization)
SRV - [2011.01.10 13:45:48 | 000,239,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe -- (arXfrSvc)
SRV - [2011.01.10 13:43:46 | 000,376,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Home Server\WHSConnector.exe -- (WHSConnector)
SRV - [2011.01.10 13:43:46 | 000,097,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Home Server\esClient.exe -- (esClient)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.09.27 09:37:24 | 004,180,576 | ---- | M] (SafeNet Inc.) [On_Demand | Stopped] -- C:\Windows\System32\hasplms.exe -- (hasplms)
SRV - [2010.03.10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.10.19 13:39:08 | 000,011,776 | ---- | M] (Electronics for Imaging, Inc.) [Auto | Running] -- C:\Programme\Common Files\EFI\EFI ES-1000 Service\ES1000Service.exe -- (EFI ES1000)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013.02.19 21:32:54 | 010,919,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013.01.20 16:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012.07.28 06:06:48 | 008,758,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012.07.28 03:14:22 | 000,296,448 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012.05.31 07:49:26 | 000,240,896 | ---- | M] (UVC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dcnt.sys -- (AVEO)
DRV - [2012.03.05 16:04:30 | 000,045,184 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.1)
DRV - [2011.11.04 16:00:00 | 000,039,696 | ---- | M] (www.winchiphead.com) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CH341SER.SYS -- (CH341SER)
DRV - [2011.07.29 05:40:55 | 000,064,256 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV - [2011.07.29 05:40:55 | 000,044,928 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EtronHub3.sys -- (EtronHub3)
DRV - [2011.05.10 16:28:20 | 000,015,656 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV - [2011.03.30 20:46:36 | 000,100,880 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.09.27 14:24:50 | 000,356,864 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2010.02.18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009.12.09 22:27:18 | 000,588,800 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (hardlock)
DRV - [2009.11.18 01:12:00 | 000,024,664 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MBfilt32.sys -- (MBfilt)
DRV - [2009.10.19 14:45:54 | 000,031,288 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2008.04.25 17:04:28 | 000,006,144 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sioctl.sys -- (SIoctl)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E4 8D 76 30 6C 22 CE 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..CT3242337.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: "WiseConvert Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=827316"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7Baff87fa2-a58e-4edd-b852-0a20203c1e17%7D:0.9
FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3
FF - prefs.js..extensions.enabledAddons: jyboy.yy%40gmail.com:1.0.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..extensions.enabledItems: {E5886C91-CDD7-4832-B32D-0830705A9C60}:1.0
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3242337&SearchSource=2&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Norbert\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Norbert\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012.08.22 18:16:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.08.22 18:16:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012.08.23 10:29:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Norbert\AppData\Roaming\mozilla\Extensions
[2013.02.15 18:24:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Norbert\AppData\Roaming\mozilla\Firefox\Profiles\0wkjrii8.default\extensions
[2013.02.15 18:24:19 | 000,000,000 | ---D | M] (gTranslator) -- C:\Users\Norbert\AppData\Roaming\mozilla\Firefox\Profiles\0wkjrii8.default\extensions\jyboy.yy@gmail.com
[2013.02.15 18:18:03 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\Norbert\AppData\Roaming\mozilla\firefox\profiles\0wkjrii8.default\extensions\translator@zoli.bod.xpi
[2013.02.15 18:15:15 | 000,042,737 | ---- | M] () (No name found) -- C:\Users\Norbert\AppData\Roaming\mozilla\firefox\profiles\0wkjrii8.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi
[2012.08.22 13:14:35 | 000,000,923 | ---- | M] () -- C:\Users\Norbert\AppData\Roaming\mozilla\firefox\profiles\0wkjrii8.default\searchplugins\conduit.xml
[2013.06.27 19:17:30 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.06.27 19:17:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.06.27 19:17:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}
[2013.06.27 19:17:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013.06.27 19:17:30 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.06.27 19:18:01 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Norbert\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Norbert\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Norbert\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Java(TM) Platform SE 7 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Norbert\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 6.0.370.6 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - Extension: Google Docs = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
CHR - Extension: Google Mail = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.05.29 18:13:20 | 000,001,332 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-5.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.de
O1 - Hosts: 21 more lines...
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Programme\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (BrowserHelper Class) - {9A065C65-4EE7-4DDD-9918-F129089A894A} - C:\Programme\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Programme\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Home Server Banner) - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Programme\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKCU..\Run: [Ythoeliky] C:\Users\Norbert\AppData\Roaming\Tukiu\moyxh.exe ()
O4 - Startup: C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Printkey.exe (Fred's Software Company)
O4 - Startup: C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: 3518887414 = 50 4B 03 04 D5 45 F2 60 F6 F5 BD D1 98 17 00 00 00 50 00 00 86 87 59 DE 0D 38 6F 5A 8D 9B 08 42 FE 93 3C D0 49 37 40 E3 B2 AF 97 4A 32 9C C8 EA C5 52 2F 50 DE E1 47 63 15 72 F2 70 08 0E 76 22 47 46 DF 9B 0C D8 04 1C 90 B5 DC D1 F7 F7 28 BC 2E DE 42 4A 05 87 0E D5 B9 41 05 4D 5B E6 2C C7 25 9B DB 67 23 69 D6 89 47 20 91 A3 8F 11 CB 36 A6 26 C1 66 1B 12 49 BE 7A E0 A8 AA A9 95 64 A1 7F EC 91 D7 0C 6F 6E 09 63 36 90 C9 0A 5D 6E DA DF 19 7F 04 B7 EB D6 2E 2E 8D E2 83 CA E5 AF E7 B4 54 B2 AC 36 0F 39 22 20 27 05 7A 63 92 B8 65 A4 59 B4 22 6C DE EB 32 6A F9 25 C6 22 E1 28 06 0C 1E A0 14 C3 FF 11 6D 8E 85 7C 3C 8C 6F BC 14 6B 28 27 12 FE F6 06 2F 31 78 E1 2C E9 0D 2B 20 C2 2C F0 14 8F 85 E3 E4 2B A1 72 BE BD CC AE 41 86 7C 7C E4 DA 60 45 55 E6 56 E3 27 34 CF 19 C3 F6 00 5B DB 52 76 55 BF F8 DD 6B 4E D1 64 52 1E 66 87 76 F2 80 D0 5B D7 3F 7B 31 F2 60 06 8A C7 34 31 CC 67 ED 04 9E 20 88 25 C4 7B 48 E0 11 C4 AB B4 54 26 0E B0 40 90 28 55 1D C8 1C 13 5B 7F 71 14 86 FE 72 85 96 32 2F CC 50 3F 63 0B 01 05 11 59 82 35 6B 08 A7 97 8A AC 5A CF 15 EE 78 D2 8F 0B 03 07 04 1C E8 77 67 EB 09 F3 50 D0 33 68 F4 0B C3 3B A1 EB F8 3B F4 D4 1C CB 98 C5 79 E2 F3 B7 49 FD 6C E6 D5 CD A0 13 74 03 AF CB F6 A0 0C 3E B0 2E 20 6E 23 99 FB 58 99 47 19 91 33 AB 39 6A 31 B6 06 35 FA A7 08 37 C6 46 53 E7 F8 DC 8D 70 C5 42 46 70 60 AF 2A DE 54 21 DE A7 A5 FC 42 5D 5A 8B B6 29 D9 17 2F 07 7B 40 59 DA BF 5C 13 5E B3 5B 17 D5 1A CB C9 DC 28 C2 45 06 58 81 AE 43 17 F9 7D 38 C7 F6 74 E3 AC FF 70 06 92 1F 27 1E B5 B4 5B 2D 83 C4 27 3F 43 EC 38 C1 85 13 4C B3 83 BB FC 5E BC 2A 3D 8E 80 12 DC BC 54 EA 24 A5 C0 C6 AD 79 0B 21 61 E0 42 F3 45 18 07 AA 33 19 7D 0E 5D F7 CF D2 9C 03 D0 84 5D A5 8B E2 C6 A3 0F 88 81 88 E5 F0 70 26 AE 95 E2 3B 50 3A FF 5A 90 0F 35 06 44 E0 C3 40 6F E0 7E 2E 05 C7 24 ED 27 4D 16 D3 6E DB 55 D8 75 68 07 3D B4 FF 41 AA D0 4E FC 38 C1 9D 9E 53 F5 42 64 88 4F 4F 02 E7 1C 62 06 DA FE 15 37 48 18 CF 81 BA 88 BC 07 60 FA C6 7F 13 07 78 10 2E 2B 97 5E A5 BD 8C D5 C5 F9 D0 64 94 82 D2 2D 3C AD D5 49 59 9C E7 58 99 D6 4E E8 E7 64 A7 76 46 93 6A 0C DE AA 80 21 E1 CF C2 83 61 F1 D8 61 40 7F A0 97 6B AF B7 21 D5 6C 9F 08 C9 5A 8C 39 70 4D 73 E1 4E E4 BD ED F8 AE E2 6F 55 DC B1 D6 82 90 DB 8F 34 CB FE F0 DB DA 02 D0 8A EE C0 AF 62 B2 75 E8 45 90 31 49 F6 A9 86 9C FC F5 61 A6 9D 96 B3 05 84 A3 45 A7 18 37 71 2E 6E 75 92 45 E7 8F 3A 8E 6C 61 C1 A3 05 39 A4 5D C0 74 31 77 2D B9 64 5E 3F A6 9F 08 57 25 37 B0 CF DC F8 1E B6 8F 02 8E 68 3A E4 EB C5 F0 45 8C FD 68 4B D0 9C 0F CB 7A 8C AD 62 A6 CA 70 6F EF E4 DB CD FB 8F 5B 07 41 5B E0 6B 2A B1 77 72 01 23 07 58 AD CE 59 B7 E1 C5 75 09 86 B8 04 CF C5 A1 C6 3E EC AE B3 75 DB FA 2B 39 93 E7 7A C4 5F 82 12 9B BB 1C 0A 44 C0 72 94 16 3F 54 EE B0 B9 CC 9F C2 C6 9D F6 D7 59 63 AC 38 0C D4 5A 4B 90 3A 46 28 A1 46 D3 59 FD B5 0F CD 17 AE 52 0B DA 53 6C BE 3E 24 AB F7 6F E8 87 62 A5 15 16 4F B9 74 32 28 93 DF 47 62 12 44 00 8D 2C CE 47 12 3E F4 06 1D 50 0C 34 E9 1C 92 D3 9C EC 4B 02 42 EF 02 75 5D C3 AF 0F 2E 8C 49 53 7A 31 71 8D A3 8E E7 7F 35 51 65 BA 35 26 4E 1E 5D 18 41 72 1B 01 5C 73 3C 20 2F 88 5A AB 60 C8 AC 42 F0 5F FC B2 1F B2 6F 55 B4 23 FB A8 AE B8 6A CC C2 D0 37 84 AF B9 DB 84 CA 6A 4F 8E 02 D5 BC 95 8E 5C C7 80 FE 41 BC 27 CC 06 B1 28 8A 00 06 EF 95 70 17 5B D1 D0 96 C5 59 C2 20 C9 88 CA 68 22 97 48 CF 76 BD 36 5B DC 55 19 C4 36 43 D8 93 D5 54 21 D1 A1 72 CC F9 04 6B 8F 47 EC DE 9D A9 C1 8A 4A E3 6E EE 52 A0 61 38 71 68 BA 1D A1 7A CD B8 37 11 93 E5 64 77 C2 82 83 31 CB 30 A1 90 CC AC 83 B3 40 0E FA 09 B4 59 36 6B 71 31 59 E5 E6 6C A6 48 09 49 49 63 12 34 7E 77 BC 0A 0C 0E DD 7B 53 33 2B E1 FD 07 1C AE 05 3A E0 00 D9 70 A8 C4 3C 01 B7 9E 48 3F 4B 7B 25 FF 4C 0F D3 10 65 52 75 5A 66 C3 C8 91 AC 71 81 23 AB CF 09 A5 B6 27 B2 4E CE 1C 68 09 49 71 91 9D AE AF 59 3E 8D 48 E4 02 36 05 F2 96 18 BC E4 8E 45 75 AE D6 73 D2 52 9D 46 17 E4 7F 1F C9 6D A8 05 4D AC 4D 25 6E F4 71 15 58 E1 38 5C CA E5 28 AA 6D 34 F5 AE D2 85 BD 43 B1 1B DC 7E A4 84 20 C3 4E 9A 8A 6D 20 B6 6A 05 0C 5F D9 2C 39 ED 78 85 74 8E 53 0E 64 3F D2 D0 4D 61 F0 4D 36 0D A7 E0 0D 1A 9E 92 ED BB 8E B5 8B 89 EF 6F C1 99 D0 CF A1 36 6B 9A F1 88 39 B2 BB DD 9C AA D1 1F 75 4D 8A 4E B2 7E 8F 0E 5C 1A 9B F6 EC 7F 4E F4 5F 52 02 11 BC E0 14 AF D4 DF 03 E9 03 01 3A DF 99 41 B4 71 2F D0 AB E2 D5 BE 25 56 C8 DF 18 09 4F 0C 58 CC A0 FF 09 17 CF A0 A8 FE 23 A1 42 15 FC F1 99 92 F8 38 C1 E9 08 57 F5 87 90 2E E3 8D 41 1F 1E F1 41 64 19 91 28 B9 22 CD AC 71 21 C1 2F 76 21 C2 7A 27 C6 4F 43 81 12 1D 07 EE 84 F2 DF 7A 2D 0B 99 28 E7 CA B5 F9 8C D3 62 EA 40 B4 1B 3C 5C 76 63 FD C4 87 DA B4 3B 5D 27 6E 65 02 A0 D9 87 87 65 3F 61 88 55 CF 74 AA EC 69 60 AC 86 7A A4 71 0D B2 91 0D EC 73 D2 46 CC 88 1F CF E9 3A E5 81 30 32 A4 BC FF 0C 0B AC 11 F7 65 81 31 92 83 9E 02 E4 4E 3C 02 14 A5 0B 72 8F 4A 84 3F 12 82 81 EF 84 05 54 25 DE 9F 95 82 00 53 6D 07 60 FF 2F A6 1A 08 D2 B7 01 42 52 54 DF 99 09 D6 6C 1D D5 21 B2 66 A1 28 5D 92 68 5F 5D 27 28 D8 27 1D FB 33 89 FD 4E 79 7C 9E E1 25 98 DE 6C 6E 3D E0 83 29 99 09 59 16 C1 F7 8C E9 7D 55 22 AE A5 53 55 05 5D A4 10 C1 76 92 09 3D F4 38 2C 01 41 61 AB 09 B6 46 D7 34 0A 2B 66 79 B9 F3 3A B8 8A C3 B7 2F 65 D4 52 05 21 5F F8 61 BE 84 1A D7 A3 51 2A 08 32 78 91 5D E5 5B 6B F9 37 14 B7 07 1D 0B 3F 81 DE EC 68 EC 8C DC C9 C7 34 C5 C5 51 FF 41 2F 31 EF 8B 16 A0 5D BC 4B 68 8D 3A 2E 60 96 70 1F CE 68 35 82 4E EB 74 B9 80 AB E1 E3 D6 44 6E 1E E9 86 56 6F 07 79 4F C4 44 74 2C A9 37 B8 33 D5 DF 76 0B 62 7C 1A EC B9 D1 85 4E 19 C5 0D D6 54 EC 4A 04 98 F6 05 BC 26 AE FD 42 01 88 24 9C 7B 98 02 CF 6D B6 39 9E A7 78 5F 20 F7 6B 97 F3 50 2A 17 E8 2F CD 7A F7 C8 96 2F F0 DD 70 19 44 74 7A EE 8F 87 66 0C E6 D2 E8 BB 69 DD EA CD D7 43 E8 41 A4 AD F6 29 1D 89 13 72 01 67 87 CC 17 B8 12 49 5E D0 ED 41 F0 28 B2 46 F1 38 F1 4C 11 CC 6B 1D 69 63 CE 57 85 5D 48 BC 48 BF 30 AA E9 E6 31 6C 56 F0 72 A6 90 F7 5A 42 36 18 65 CF C4 11 B2 57 75 F6 58 97 39 70 E0 A9 70 E0 9C 5E F9 9A 73 8D 24 5F DE C7 05 2D 51 B8 49 41 1B 8D E4 B1 2E 2F 94 13 BF 2C AA C1 4E 7F 36 1E F1 B6 30 7C 9E F6 96 D0 4E 7A BA 8C 3A 81 0E FD 3C CD C3 FA 56 EB 7D A3 D6 E1 CE EF 44 71 57 84 85 C3 00 61 32 48 30 1C 3D 6A 3A B3 95 4F BD 1B C7 4C 09 BB C1 CB F0 28 35 0F 62 BA 74 5B 91 80 E8 55 1F A6 FB 5A A7 B6 1E FD FF 44 4F F4 36 79 DF 3A 2F 22 1E 22 65 56 AB B9 2F 0C 65 A6 2E 08 F0 DC 15 95 C3 0E 8D B6 78 5D F7 7B C4 E2 8E D2 5F 10 2E 54 B7 FE BE DE B4 00 82 D4 66 DD 5E 44 AE 4F B6 42 1A FE 5E 52 2E 6F 81 3B D6 50 5C 53 5C 84 11 DF 30 57 BE 98 0E FD CD 4A 5C D4 70 C1 E1 3E 95 FC 95 D2 B6 23 41 82 68 DC 76 78 89 80 94 83 CF A9 47 41 61 05 57 F4 CF C4 54 82 C1 AD E6 F6 16 72 60 3B 58 48 D7 56 5B 23 C7 F6 A4 46 17 6E 3D 01 03 B7 67 AC FE 36 F7 E0 11 DD 92 AB 2F B7 08 D6 B3 C5 39 16 5F A0 D8 00 B0 89 1A 72 64 6B C9 8B 60 5A 17 5F 73 42 F1 DF 1A 9A E4 46 3B 4B 1D 2F 0B 00 B5 83 34 EC DE D9 29 95 D8 8D DB 72 A5 A0 86 AE F3 CF 5D 94 02 DF 4A 58 E4 59 84 E1 8F FD 93 CE 6A 56 B7 69 A8 36 E2 4A BB 88 AD 11 23 F9 CE 1C E2 F8 6D 30 DA 8B 80 30 F4 DA 8A C5 A7 7D B7 81 A2 F0 FF A1 02 4A E6 2B 13 46 6C 94 96 80 AA B9 19 14 3B 66 E1 D0 8C AA A4 53 AE 50 B5 A4 22 FA E0 FB A2 EF 48 BE 9B 57 94 0C 5D F4 E2 76 61 62 2E 7B EF EB 61 D6 49 92 C9 3E 9E 7A D6 87 59 21 93 B7 27 F3 FD 5D B5 E1 53 F7 5F 91 88 B3 58 DC BF 8A FF 86 B0 18 C4 62 01 54 09 BF B9 B2 35 B9 58 A4 EF 96 FA B0 AA A2 34 3A 60 33 D2 AE D6 D8 1D DE 43 25 76 2D B2 B3 5E 52 D2 78 F1 4C AD B7 22 6D ED CB 99 0E 59 06 D0 ED A7 FC 16 BA A5 FD 78 DF 86 71 BA 25 E6 3D 16 05 76 98 FD 67 C5 24 04 FF E0 1F C9 76 CA A1 74 C4 2A 5F 91 9E D5 AF 55 8C 26 BC FF 66 32 26 94 EB 92 38 21 8B 8B 82 0D 2B A8 94 2B 56 A0 09 B9 17 94 E9 FF 31 A3 9D 56 34 8F DF D2 68 ED 5F 38 E8 56 AD 03 52 8C 2F 6B A1 B2 1A E1 FE B1 D9 60 AA DF 03 5F 10 F8 78 F2 E8 49 57 CB 74 47 E3 09 90 FB CD C5 2B BE C4 63 A0 30 8E 27 CB 4D 46 D8 37 CC B5 E6 F3 A3 48 73 B8 55 A7 51 23 56 6D B3 47 59 DF CB 99 B1 39 7D 4A 4E 62 86 4D 14 62 88 B5 4A A5 45 20 46 79 76 2E 6D 30 29 83 67 6D DB 74 33 E9 78 95 91 C9 35 44 DE 11 07 83 42 63 37 A7 4B DA 68 0D 8D 25 B1 97 38 51 2F DD 40 34 B8 D5 83 6F 38 C6 77 F0 5E 4E B4 FF DA AA 06 DC A0 C1 D2 D7 DF A7 FF 5B D6 49 52 28 59 E6 87 13 88 D1 7E 02 92 6A 28 50 82 C1 0F 82 EF 16 B7 10 88 B0 C6 36 97 8A AB AF 2E 6F 5B 1A 7F 23 B5 A6 53 99 17 24 D2 20 3A 23 54 01 F1 28 8C 18 7F C1 7D F3 68 91 78 CF 67 AC B9 91 19 C5 9F 8D 77 FE 54 0B 4F 79 22 62 F9 A4 A4 4F 97 20 93 28 06 75 C1 49 0F 5F 40 18 20 23 3F E8 F3 40 C4 6B 50 41 86 9E 5C EE 18 FF 56 D3 4A 71 45 56 97 E0 D5 EA E2 E3 64 4F 6C 5C D6 38 0A 34 0C CD 23 E9 0C 74 75 EB BE 4C 2E A3 41 B6 0C 61 0C 9E BD 64 6A ED 7B DC 5B 76 E4 19 AF 73 2B 15 63 4A E0 70 1A 30 16 F0 AF C5 96 B0 B6 0F A0 95 BF 14 A0 96 CE 16 80 4E 39 5D C8 C9 B9 1B 11 6C F9 DC 11 20 45 06 89 AB D2 89 B2 BA 4F 69 C2 BA 2A 9E E1 51 E4 7C 84 1D 11 89 A0 58 34 BD 09 24 15 FE 82 7E 15 BD 63 75 52 BE 42 6F 73 F2 D2 F6 37 C5 FC 47 DA 11 F2 ED B6 1E 2E 80 9A A1 6A 1D FB 40 CE 58 06 0D B7 56 13 BC 32 0D D1 88 C6 02 DC 34 31 67 69 07 E2 C4 CC D8 24 26 DD 3B 21 8E A0 1A F9 3A F6 EB 12 1B 0A 32 E3 DC 4D 6B 1A 88 AD C6 92 8B 86 E7 41 6B 25 B4 74 AE 12 B3 96 A8 DC 57 D3 88 3C 63 AF 88 03 50 79 21 77 50 C7 E7 B7 3C AF 7B D2 D1 AD A5 B0 43 13 B9 F2 5B 09 07 02 6F 8B E2 F4 41 D7 A3 B0 F2 DE D0 C2 4A AD E8 54 6E 2A 82 DC 6B 02 A2 97 9C 70 80 1E 4A 6A DC 95 45 89 56 CB 40 20 EE 7A 01 CC D5 AC 3E D4 17 8E 4E 26 14 BC B7 43 C6 FA 8D 00 85 92 E1 2C FA 42 43 BC E1 6E 0B 61 8E F8 F1 36 DB D6 2A 66 43 B7 15 13 36 D1 AE 27 61 65 3B 82 65 21 58 6D E8 9F 85 C5 93 0A 61 73 B1 07 71 C2 3E 12 6F 17 95 73 F4 22 87 E2 66 1F 24 49 DD 79 ED A7 FF ED F9 D7 02 DB A3 1C B9 B6 AE CF 1B CF 5D 6E A4 DB 09 88 35 1D 81 FB E3 89 19 FE 8F C6 0E CB 54 7E 0A C6 46 E6 F4 DB 41 94 D2 1C 2E 84 B0 DC CA 75 83 73 15 E3 97 84 04 5C B7 6D 2F B8 5D 3C 43 38 8D E9 30 31 8B 6C 49 F7 5C 04 E2 6F 99 77 2A 38 48 2E 15 AB A0 52 F6 B4 1F F4 A6 6C 03 22 FA 04 D0 55 01 C5 09 86 DC DE 4F 81 1F DF 4D 7F BB 41 92 FF 3D AE BE 31 95 5B 90 25 1D 00 4C 43 C0 F7 64 98 55 92 53 5C FB A0 73 EE E5 4F 77 9D 5B FA ED 20 90 32 0D 68 5D F2 5E 78 E9 30 17 AF 47 A1 17 62 9B 20 77 34 A3 41 57 2D B4 47 90 E7 DE 8F 24 7F E3 D5 EC DE 57 FF 82 F8 2D 93 00 7C A2 A9 C9 A3 5A C9 BA 17 41 16 7B C5 3F 54 C4 D5 6E E7 25 BC E9 A8 AA 87 93 54 7B F0 8D 72 34 31 1B 13 07 A0 4B 6D D7 7B 3A 3E 60 FC 13 1F 24 EF AD 9A C3 22 7B 18 5C E5 C8 3E 69 60 41 AC 62 A5 55 3E 21 68 B6 4C 5F C6 6B 96 D3 44 84 3A 9C 79 E1 94 D8 0C 9C A7 EF 54 BC 3E E8 7F 46 92 FB 5F 66 FC 76 03 1C 9F 04 B0 51 64 C0 01 D1 FC E8 33 5F 06 7A 2E 2E D1 4E C9 E6 1F AD 9D 65 A3 56 8B D1 30 C0 D9 46 4D 31 9F DC 5C B7 45 82 B6 C9 0D 2B F2 7F 2B 12 A8 AE CC AF F4 85 17 E5 47 8A 27 E2 35 A5 7E A0 9E 1B 9E 69 C1 A3 FE AA 94 20 DF 37 C2 2B 11 3C 80 BB B3 39 5B 6E EF C5 F6 AC DA 96 A8 2F 10 98 99 58 97 CB 2D B2 F1 64 E8 97 9C 71 AB A8 F4 2E E7 6E 00 CC D9 96 6E 2C 0F 22 D9 D4 9B CE 98 DC 7A B8 44 53 0E A7 C4 7B A7 C8 1B A1 D8 5C A9 30 A9 F9 7C D1 BE 28 9A 16 21 C7 55 58 06 8E DD 4B E3 F0 EB DC 5E 05 4F 54 F5 54 9A 90 C4 81 96 E0 D2 17 5D 2A 21 FB 46 03 54 64 1A E8 AC B5 D7 89 23 6F 3E 37 A4 A6 86 EA DD C5 B4 41 DB 62 CC BE B0 F4 3A BB 3B 3A 71 C2 17 8A 9A A2 60 C0 E8 9C 3F A8 5C 34 D7 CD A6 D8 FC 4C BE FF 58 35 75 52 4C 69 94 0D 9F 51 6B 2D 4E F6 14 24 54 0E B4 F9 49 45 AA 39 15 91 AA 5F CA A4 D4 1A E4 4A A8 7A B9 1B 24 4E 79 A6 8A 2A 17 C1 0E D7 28 16 2A 33 C5 E6 A2 D2 7A E7 F2 0B F2 77 17 E5 ED 6C 8D E4 09 4D 89 1B 8C D7 0B 24 5E 78 4B 2C 04 65 87 1C 13 4F BD 15 23 AB 4C 4E BD C6 46 AC BD 41 E4 E2 C2 11 32 2D EA 33 80 2F 36 D1 A2 5F D0 BA D4 0E 88 DF 8C 2F E4 31 B8 A6 77 A4 73 8A EE D3 4C 58 B1 2F FA 75 CD 22 79 DE 5C F8 42 BE 6E 14 47 30 7F 91 FF 49 7B E9 8D EE 1A 6E 03 48 77 5B E1 91 61 07 BE 78 F7 05 B7 29 06 F4 73 19 3D 7A 8E 13 1E DE E2 1A FF AD 80 9E 2F 3B 84 09 2B 69 0D DF 56 21 3B B9 2E 45 D8 81 8F 4A AF 4F 81 63 5F F5 E1 68 1A 60 E3 80 5D AE DF 23 7E 3D FE 2F 72 9B 86 B4 C0 BC C4 83 0D 54 69 A9 85 E2 82 44 62 F0 D0 C1 3F 27 C4 58 3A 2F E9 CE D0 50 40 85 28 DC B8 8F 90 E7 BB 02 59 FE C5 54 D0 48 AB 0D BC FE 95 E0 6B AC C6 41 9C CF B0 60 C9 BD C4 3B EF 22 B0 DE CB E1 85 12 8C 3D D1 D4 87 CC 58 BF 72 C8 9A 9B C1 68 47 7C E8 FA 42 1E 69 F9 BD 02 B7 A0 CA F5 4E A2 8E 56 2F 45 98 45 D8 51 8A 99 29 38 28 9E A6 46 2B E1 6E BA 85 55 71 3C A8 26 37 6A F8 A6 B9 A1 23 E3 01 56 5B 6F 4B A5 9F CF D2 F7 01 73 27 0E B7 F2 96 D2 66 B7 2F 33 DA 1D D0 CF 9E 62 1E 11 25 2B 9E 71 2A 20 D4 C9 DE DE CF 6A F7 08 29 D3 EC 2E 13 08 00 4F AC 98 1C F5 CF 04 0A A4 C9 F8 73 14 88 42 99 F9 A7 A2 CA 2F 52 9B 57 EE 10 C7 48 13 3C 31 75 F0 F7 DE 45 A9 F9 52 85 86 AD 22 8F 68 AB AE 03 DA CF BA 90 36 F7 30 38 04 3D E0 A1 48 49 42 89 06 81 06 A0 14 73 9A BC 1F 87 52 43 43 DE 28 10 59 F1 E6 4C 7B C9 0D 05 38 E8 79 B7 FF AC 56 8C 79 DD 05 1A 0A 9C 9A 2E 73 76 99 D2 49 69 1A CC A1 69 D6 B8 56 E3 FC 7D 98 CB 26 30 FF 6F BE 3B 35 38 F9 18 F9 3A 50 E1 5F EB A0 59 0C DD DD 19 9E 51 19 28 83 12 FE DA B8 3F 79 2E E0 E9 DB D8 57 81 AB 49 3B FE 7E 5B 91 E4 2F 9B E3 A7 95 D3 B7 D4 59 E3 B7 91 CB 30 EF 99 63 12 25 BA 95 5E FB 0E 85 99 B1 17 23 54 69 FD D2 5E 91 75 C2 94 98 A9 39 16 9C 7D 77 9B 9F 0E 79 24 42 B2 1B 92 CB 07 B5 3F C5 14 96 BE 4B AE BC 7F 99 EB 9A D6 69 67 34 EF 1B 1D 8C 2A F7 42 5C 0D F2 AF 4A 20 63 BB 2A 06 64 E3 F2 86 B2 C8 B4 94 28 35 E5 8A 30 AE 4E 73 F5 BB 98 B3 12 B1 31 6C A3 01 2E 25 97 9E 73 89 CA C5 6E 64 92 FF 78 A2 BA AB 81 AF 06 9A 4E 86 B4 35 C5 F2 BF 70 9D BC C5 49 F6 CB 1D 24 E7 2F 78 C6 99 58 3F 32 D4 6F E0 CE 4A 1D 2C CC B3 DB 5D 05 B7 43 3C 70 F0 9A BF CC 86 9F 60 59 C7 56 9D D9 EF 7C 34 96 8B CF 15 F6 C6 F0 82 36 74 01 E8 C2 21 4F 03 AA 49 4F BB FA 06 1B 27 04 E5 BB 0C B8 1A C7 78 05 29 2F 6D 23 5E E7 EF 5D F1 FD 77 45 C6 F8 C6 0C 03 F7 53 BD 1F 4B BD 46 F2 72 98 7C C6 52 B0 3F 58 53 86 AD C5 5D AF B6 B4 E3 3F 51 D9 B2 41 C3 AD 7E F6 F8 64 16 74 4B ED 7C D8 C9 43 03 D1 16 C7 6B BB FF 86 E8 70 ED 2A D3 CA DC 6D 5F 4D F7 7F 64 7E 7C 1B 19 D3 04 5F E6 C0 C1 80 FD D5 8F 9F 7F 86 FB 78 43 C5 90 04 87 7A EB 7F 19 3F 23 AC 1D 59 51 19 56 DE 7D A2 A9 93 6F 16 D7 63 12 B6 E4 83 4F 21 ED C6 B2 51 17 CE AB F2 BD E8 62 3F 3D 2A 04 9F 89 0F 4D 1C B9 57 2C 47 E6 A8 07 E6 FC 53 0F 5D CD 5A 53 BF CB 96 BA F2 42 C0 60 E3 1F 5D AC 87 F5 89 3C 10 A3 F1 18 05 85 75 8C A2 35 C7 E4 F3 74 C5 08 B2 57 0F ED 46 EB 04 5C AA B2 60 96 19 00 16 E5 5B 45 58 1B B9 D9 66 2B D4 6A 04 A0 B6 20 37 61 A0 63 AC AC C7 03 18 B9 29 8B DB 5A 34 05 5F B3 69 A2 03 FA 65 59 21 8A 00 33 9D 7F AE AE 0F 86 CD AC 13 64 DE DC BD 49 C3 A9 8B 4A AD E6 13 1D 99 6E BD 38 37 41 88 34 3E 2E 43 DB 2A CD 06 F9 09 FE 52 DA 9E 60 ED CF 70 27 9A 1A 07 54 AD F8 2B 2E 22 94 22 B4 F1 84 35 2C 1D FE C3 F1 B4 8F 54 11 28 74 37 3F 60 BC 59 DD BE A3 4C 6D A4 36 19 5A E0 E1 F1 EC 65 2C 2B 2E A5 62 48 67 B8 5A 28 25 F2 25 E8 F5 06 3C 52 8B A5 59 40 B0 37 1F 86 DF FD B9 24 71 4F 2C B7 62 C0 52 98 27 38 61 67 78 37 91 71 BC D1 C7 50 E9 FE 2F 23 2E 26 7F EB 96 D7 86 67 13 46 F9 13 3A 0E 5A 76 D3 12 4A 52 05 4A D5 C9 97 7D 02 9C EE 5D 00 A2 B2 DE 3C 40 5E 4F 82 DD C1 C9 F8 77 89 9F FE 96 84 4C E9 62 26 C4 0A D2 1C E2 7B EB 1C ED 9C 34 5C 44 47 CA 26 65 A1 B3 78 5C 99 71 43 BB 11 D2 DC 75 9E 55 B3 17 1B DA C1 9E EF 7E 55 84 4F 8F D3 A5 14 B9 4B 40 6F A2 61 41 3A E4 7A 5E 70 D1 94 1C C9 D1 F3 FB 5C 72 3C 7D 81 4D B9 16 E1 D4 4D 9A 06 CF F0 69 E8 7F 2B 3C F6 59 8B 90 00 A3 AA 75 DE 21 ED 83 0F 80 48 2E 40 97 C1 EA 33 CE 2D 81 94 53 20 87 E1 98 2A A3 85 89 18 76 D8 14 B6 8C D1 8D 73 84 24 90 3E F3 A4 95 6D 43 48 B8 2C 4B 49 8D 9E DB 4E 6D E2 AD 24 AD 97 99 48 EE 9E 8B 33 0C 44 1D 30 6D 24 62 D4 4E C1 B9 D7 2C D5 6D 28 96 3E 25 A0 FE FA D9 E3 D1 16 DC D0 C5 21 AC D0 F8 52 C2 D6 EB 84 7A 4C E6 3B 58 D0 D0 82 0F 49 D8 97 68 7B 64 E1 12 F2 B7 A6 D0 B3 01 03 05 0C 30 AE FD E8 4E C3 00 99 36 DD 7F 10 30 52 17 DC 1D 18 22 50 FA 4F 1A FE 82 A3 F8 3D 56 3B 4D CA D1 00 DC 8D C4 7C 1B 7B E1 A6 0F 32 A1 10 9B 28 A2 C0 BD 39 61 0D 49 22 31 15 AF 1A 33 29 DB B3 E0 65 AA 51 3C DE 4C 5D 22 B0 BF DE F4 89 50 C5 19 AC 95 E0 3E A1 42 60 58 8C 17 37 94 8C 68 83 98 35 3F 62 65 1E AC C2 B3 9F 56 77 D7 42 F5 FF 61 B1 F1 F2 10 F1 68 DB DF 87 5F 73 33 3E DF 5C 38 C4 E9 1C 65 2A 2D D4 1A 0C 83 FB 6C 91 31 C3 D0 6B 7D CB 95 BF 6E 6E 7C 3A 45 0F BD F2 3E 27 40 98 C1 9D 53 63 3A CF 7B 6F C9 D7 4F 79 FE 29 B0 DF 90 9F 65 51 94 56 16 76 1C 30 3A A8 B5 C2 FF 6B C0 0B 92 76 CF C2 00 3B A7 09 69 C4 55 1A 4E A1 0C 37 1E A8 A1 B1 43 01 7D 79 A5 99 5A BF 0C F6 45 8B 6F B4 26 FC 81 81 A4 FF 4A 55 C5 7B 5A 0F CD C9 C3 3C 3E CB 09 44 83 62 2A 3E 8B 14 A2 6B 11 55 C7 08 6D 8B D2 25 FE FE FF 36 4A 28 7E 66 1A FC 13 F7 70 83 69 9E D3 E5 20 E0 3A D5 3A 98 FF BA 6C DA 35 73 E5 C5 10 96 EA F4 75 CE 3E 12 97 62 5C 8C 81 71 F4 45 8C 7B AB 0F ED 53 5E 9A AF 0E A6 15 F4 5E B3 A2 D0 35 28 0A 2F 8A C4 2F 86 46 53 79 A8 0E 82 79 53 AF B7 37 A8 CC C2 9A D3 41 B4 C3 31 08 95 04 6F 99 EC CA 1E B9 19 67 9F 2D 5C E6 F1 FC BE EF F0 83 5B CD DB FE A1 DF 7B BB F0 3A A7 50 B8 C4 64 37 F2 DA 5C E0 79 86 9D F9 75 86 F5 2D D4 2B 4A 29 2E CF 9C 0B 96 AE C7 92 F2 91 65 35 71 37 31 33 FF 3D DD E8 5E CB 6D 4D E2 F3 49 E7 1F 89 3A F2 FA 42 A6 8F E1 9A 5B 02 E5 BE 78 1C 03 53 12 D9 12 90 6E 6F 98 0E AB 54 54 29 72 67 73 75 F5 FA 6A 63 16 4F F6 07 B2 6D 43 5B 90 3D 68 17 98 63 F0 2C 3B E9 CC 56 37 3E 8A 54 C7 B2 34 92 96 C8 5C 3D A7 A4 8B F7 7B D4 B5 A0 77 61 EB 7E D8 80 E9 F4 BF E1 94 99 71 BA 35 BC BD 28 05 F6 1F 57 2C C2 09 E4 BE 34 F6 A7 81 A5 A2 A7 9E 72 8A C6 FC 7E 51 6F F3 42 B3 80 37 63 30 88 4F 64 55 22 75 A7 A3 02 45 46 33 26 67 2F 56 FE 04 F5 60 48 C6 45 01 D6 0F FC 30 9E 99 76 FE F7 93 1C E6 71 EF 69 63 DC 01 5D 56 C3 08 2C 92 30 AE AF 70 72 53 3D DF A1 B1 9D BF E0 01 26 6D 8A 09 DB F2 42 70 25 E9 B5 95 01 F0 60 F7 5D 45 E0 74 87 00 FA 26 B9 2C 52 C8 F7 13 10 DD BB 1D FB 2E 23 D4 70 92 43 FC 4C A1 A5 98 40 DC 07 F4 32 54 8F 00 75 BF AF E9 84 0C 57 54 BE 5C FC CF 97 F4 8E 78 B5 94 93 9E 9A 9D 73 7B 3E 7D BC 36 43 06 BD 30 9F 47 9D EF EB 03 C0 9F CD E7 DB 9A 4F F1 D3 58 65 E6 B4 62 23 1F DF 5F A7 43 1C FE 3A 68 B5 D7 15 2B 02 1E 86 C6 4A 5A 51 BE A3 FF 81 BA 9A A5 27 EC DE 12 33 05 C4 71 B3 F2 B6 D6 88 77 82 C2 20 8A F2 FD 56 55 F9 EE 58 EB C1 26 A0 17 CB C0 0E 25 55 A1 17 22 B4 53 4C 2E F3 17 E8 11 06 60 2E FA 8E 81 12 72 89 C9 DF 32 21 5F 25 7F 59 4D 4A F9 31 F7 16 F0 78 5D 77 6E 44 B7 1D 86 36 E3 4D 5D B4 DF 15 F1 E3 81 B6 0F 37 60 8F 0A 2C 23 45 52 AE A4 44 B4 EE 28 DD 79 B9 AA C0 BB 62 FE 2A 10 05 54 16 3D E1 04 7B 37 0F DD 77 85 65 D8 83  [Binary data over 200 bytes]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: 1781466620 = 50 4B 03 04 28 0C 19 52 FC 05 2F 6A 12 04 00 00 00 30 00 00 86 87 59 DE 0D 38 6F 5A 8D 9B 08 42 FE 93 3C D0 49 37 40 E3 B2 AF 97 4A 32 9C C8 EA C5 52 2F 50 DE E1 47 63 15 72 F2 70 08 0E 76 22 47 46 DF 9B 0C D8 04 1C 90 B5 DC D1 F7 F7 28 BC 2E DE 42 4A 05 87 0E D5 B9 41 05 4D 5B E6 2C C7 25 9B DB 67 23 69 D6 89 47 20 91 A3 8F 11 CB 36 2D F5 C2 66 1B 12 49 BE 7A E0 A8 AA A9 95 7C 82 4D EC 21 CF 14 8F 77 12 D6 85 8D E8 09 1B 43 F7 8E 39 22 38 CB 41 7E 70 19 F4 16 37 7D 80 53 AE 40 34 51 C7 03 E5 5F 64 30 D1 A6 61 73 27 01 85 49 61 7E 3F 6B 0A 3C A9 01 1F 73 2E 02 C9 97 36 F5 26 39 DD FF 33 C8 1D 8D 4B 20 2B 85 6C B0 62 F8 78 6B FF 78 F6 27 BD BA 61 E3 AC B5 52 75 F9 48 63 E9 08 27 81 F3 38 2B 71 72 DA 84 BD DF D9 CA 0A AE 09 70 7B E1 39 42 8F 5B 9C 1A E2 0B 9F 76 8C 79 2C 16 26 6E 59 EE 25 4A 9E C1 D5 42 F6 0B 05 9A 4E C1 97 41 DD F9 D8 B5 6E 45 91 8A EC 4C 76 7B F6 05 98 E7 55 4D 19 4F F3 3D 84 7C 9B CA DF 7C 2A 6F E1 8E E4 78 68 A1 88 7D 9F D2 0D B1 DF 6B E7 AF EC D2 E3 9A 69 BD 2C E1 5D 76 98 7B A4 7C 7D 66 D3 6B A9 1E AC 24 9D 85 37 F6 A4 12 2B AA 33 F1 97 44 68 0C 89 65 9F 2B AA FA 1F 3F 90 50 5C C0 F8 DE 16 5C F6 F1 BD A6 46 C9 AE 93 4D 1B D3 A9 BC 8C D7 25 0B 9B 88 82 5B 41 9A 44 DB 49 72 06 29 BA E8 42 37 E8 FC AF 33 D6 1F C7 D0 F0 1C F6 9F 84 3B 97 F1 8F A7 E1 8E 1D 01 CC F4 89 4A 43 45 CB 51 08 B6 A0 D6 58 47 6C 00 1A EA 38 F7 AB A6 25 73 D9 AB DA EA AA 37 72 13 12 79 53 1C B2 F2 9D 58 80 C0 82 5B 37 74 C4 BD 28 92 69 CF DC 69 EE 65 D4 78 D6 2F 1A 20 77 C6 42 C9 C0 F8 D3 8F 65 DB 01 0D 27 8F 28 58 9D 04 05 D1 74 17 C7 E6 B0 CC 6B 89 E0 E3 D4 07 A3 D6 02 BC B2 19 39 B8 C7 E2 A0 F8 CA CF C2 EE E6 D8 0E BD A5 20 47 60 3E 74 E9 FE 9C EA D1 4D 05 F6 6E BB 3C 6F 4F D5 1F 6A 0A AF 2C AC C2 3F B3 4A 09 B3 10 5A CA 18 45 88 A9 14 26 58 7B 50 46 15 3A 86 A7 50 33 AD B7 9C 24 AD FC 04 7C 47 54 FE C3 CB 13 44 55 01 F6 4A A5 1C A9 B4 39 9A 31 03 36 94 5B 5A DA 82 04 CA 4B 71 89 0F 72 A1 D5 BA 49 D3 F8 78 08 F6 41 9D B5 BA AA 0E 20 A2 10 38 6A 67 F7 07 13 2E 84 2E FF 52 1F 7F 1C AC 1E EC F7 99 42 7A EC 54 99 CB 96 73 18 09 EE BE 77 20 DA 0B DE 66 99 DA F2 2B 9B 7E A8 A6 0D A6 A2 AA 6A 1C BC B5 DE 6A 91 23 8D 18 78 B7 3A BE 9C 85 78 B4 1C 9E 0A BD FF 4B 43 93 B4 BF 3D 9C F7 0D 08 F1 ED 2D BD 79 71 5C 67 C0 E4 E7 2F 29 C5 E1 62 A3 FB 52 AC 08 74 4C 2C 8D 66 E2 82 F0 DF 0D 91 B3 6A 37 E4 E1 E8 AF 8B EC 23 56 CC BD FD 1F F6 87 80 48 C1 96 1C 57 06 C8 21 A6 11 85 CA 79 6D C8 39 02 1A BD EB 93 5A 8E 9E 9C 05 2A 4C 56 78 FA 29 A0 9B 0E D4 6C 5E D7 40 46 E8 15 83 DE ED DC E6 81 A4 69 1F BE 5C 44 28 55 72 38 BE 7E 1D E1 C1 D2 DF 88 69 5D 71 45 6A DC 7B 55 EC 3E C2 82 D7 A0 A1 55 91 A2 B2 D9 B0 B9 0F 71 BC 0A 73 89 82 17 BB 8D 89 28 33 C3 77 B1 7F 1A 8F 80 60 7A 5A 47 AE AB F2 AC 3A A9 5A 4D 3A BF 81 B6 2F 85 DA 68 FA AA 60 F0 FF 19 DC D8 9C 8F A0 D8 74 ED F4 7C 11 49 A9 03 95 66 51 BF 0C 4F F8 FB 74 8E B8 A5 ED 35 B7 86 CF 91 4D A6 D7 5B 63 E1 CB 7C 63 4F ED 82 67 55 D5 4D A8 A5 42 2A FD BB 52 E1 8B B2 FD 0A A0 91 52 85 96 0B 13 0D AD 52 09 F4 AD 75 96 FB A3 8A 86 9F B7 F1 69 30 15 A5 EC 6D 66 D7 00 01 3E 65 43 E2 FB 8B AD CB A8 98 90 1F 2C FF D6 98 6F AA 82 9F DA 79 14 06 86 D1 8F 31 41 BC CC 88 62 01 D1 2D F0 5D E5 ED 34 9A A0 E1 A3 57 78 EE  [Binary data over 200 bytes]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: 3212083974 = 50 4B 03 04 E8 34 CB C2 06 83 74 BF B5 11 00 00 00 40 00 00 86 87 59 DE 0D 38 6F 5A 8D 9B 08 42 FE 93 3C D0 49 37 40 E3 B2 9F 97 4A 32 9C C8 EA C5 52 2F 50 DE E1 47 63 15 72 F2 70 08 0E 76 22 47 46 DF 9B 0C D8 04 1C 90 B5 DC D1 F7 F7 28 BC 2E DE 42 4A 05 87 0E D5 B9 41 05 4D 5B E6 2C C7 25 9B DB 67 23 69 D6 89 B3 61 CF 72 8F F0 B3 CA CB 48 3F 7D 3D FB 51 C4 98 FF BF F1 4D 7E 58 06 04 87 E6 B3 AD 5A 11 DB 96 EA 85 84 07 C6 97 A3 EE 06 35 5D 0A 5D 02 E2 2A E1 BA 4C 53 E1 88 F8 61 7C 14 F3 1A 63 36 7E 54 0A AA 01 B1 EB 67 68 43 52 7B 71 ED 92 78 F5 CA A8 89 5D FC E2 96 4A 95 8A 43 B8 21 BB A0 2F 84 BE E7 C5 01 C8 F4 00 2F 88 ED 46 35 04 21 27 E6 44 DB 9F 41 46 63 C7 27 96 34 7E 2E 97 A9 7B 21 5B 36 A7 40 D3 EF 37 1A 86 B2 C4 CE 68 3B 59 A6 ED A3 5F 86 A7 6D F0 E6 7A 4C C2 2A 46 2B D9 8A 63 E6 3A 97 A7 45 56 3F E7 CD FF 53 86 B8 BE 9C 0B 63 F4 88 9A 27 BC 24 90 8C 86 AC B4 47 B4 3B C5 47 12 3C F8 F6 59 0A 5C C3 83 3A EA 4E 25 0C 6D 65 19 13 22 C1 C4 02 6B 0A 3D 6C F9 58 EB AA 7D B2 58 E4 42 02 D1 69 AD D3 1F F1 59 F2 5C FC FF 0C D2 7A 29 7F B7 F8 35 A0 5E 9B B5 28 86 FA FC 6B AC 2E 10 03 CB 8C 46 81 85 A3 AD 18 5C AE 9E FE 9E 1C BE 79 C0 B9 63 78 A4 46 00 E0 26 91 38 D7 E0 C1 B5 25 2A 5E 35 A6 42 F9 D0 50 DE 29 49 24 9C 48 76 51 3F 18 63 87 29 7E 24 86 FF 36 05 EE FE D0 16 ED 95 30 68 6D B3 DA 00 52 53 C7 5E 29 9E 33 EC C4 CB 6C BA 85 EE 7F F3 57 2F BD DE 9E CE E4 6B 94 52 C6 C8 B3 44 23 E8 F4 81 21 86 C3 36 39 12 D5 32 16 6B B8 A9 CD 57 A4 45 3D 20 2C 57 99 25 E0 3F FF 40 5B 10 A1 CD 0E 8B EF 6F AC E1 D2 7C D7 52 70 A6 40 F4 7E 10 4F E8 CE 41 00 F0 38 04 E1 34 ED 37 DC 31 D7 68 0F 2C 72 D0 2D BE D8 EB 77 D0 8C A0 11 B1 3C 3E 34 35 1D 10 7D E3 84 3A DE 58 B4 9B AB 78 AC FC FB 34 97 9B CB DF 3F 22 26 BB D8 F8 8F 89 4C 3C 25 74 D1 91 60 56 D0 DC 43 0B AE D7 2B 9E 80 45 FE 43 2F FB 90 F5 DA 5E 33 0D 80 49 E6 24 03 88 55 99 AF 01 07 41 B1 C7 8D B6 EC B6 00 D6 4C 00 3B CA F4 5C 16 1B F6 A3 74 6A 16 05 5C 08 8B AD 43 3D 76 CF F9 8E 4D BB 73 D3 DA 9A 78 DC EF 3D 4C EB 3F 5B B3 55 73 59 87 F5 95 4A 12 F6 C1 66 89 B1 49 91 A4 3F 41 C3 0F CF D0 8E E6 AA CB A0 89 E2 BC 74 00 E5 D9 AF DA 38 33 BD AF 8D 29 58 48 93 C0 00 78 B9 2A 62 7B E0 FF A5 F4 56 22 E4 94 A8 27 E8 2F AD 84 37 CC CF 92 FF D1 9E DE DD C2 08 CB EA B4 D7 BE AE F4 F8 CD E9 45 43 DF 78 7C A3 7F E9 97 39 F5 E1 58 78 C7 2B FC 66 D8 94 6E E3 7C 25 60 A6 93 1B FD F7 80 B8 A7 A8 19 86 EC 01 11 51 3D 61 E8 E9 C6 21 E5 5D FB 32 55 21 61 96 01 97 8A 12 EB E4 10 54 B9 FE 76 0A EF 6E 47 EE 81 13 33 D9 CC 27 D7 C3 79 F9 E8 9C 6F 69 F7 AA 55 60 76 05 05 EB D8 E5 2B B4 31 BE 19 32 6A A1 58 4C 55 57 00 84 2F AB 93 E1 E3 7B FD 21 CB CC 6A E1 D9 7E 4F 3D 74 04 29 75 AF AF 59 E6 14 CE C8 D7 21 4A A5 18 E0 A6 5B BE 4A 10 00 04 08 BB A7 F8 10 C7 13 5B 3E 75 BE 88 F2 02 8C 11 0A 9E DF 36 D2 80 14 5A 24 81 A1 31 AF 02 A9 E6 3E 11 CA FE B1 8A 1E F4 17 55 47 80 CC 55 F6 A0 60 E9 76 9F F0 63 06 0B 49 78 A3 E9 C2 18 6F 63 7B C9 8A 16 49 41 0B 47 AD E1 38 91 18 3F 25 7A 40 CD E8 E3 B9 8A A7 05 E5 19 B9 04 FD 15 87 CC 33 83 DC 29 A7 E1 C7 54 AB A9 AC 13 FB 0B D4 C9 80 89 D4 9B A9 DD 3B FB 98 F8 56 58 30 D3 35 9A 46 DF C3 ED E4 94 87 1B 12 96 F8 BA 91 E9 C0 6F E0 2F 30 11 D0 43 3F A6 25 97 B5 38 6E 89 82 31 6D 3F CE 8D B0 6E A4 C5 A0 CA E1 74 A4 CD 41 AC D7 9C 90 92 1F 72 0C 4C C0 6F 47 22 58 C1 6A CC 20 F3 44 54 4F 1F 75 30 AC 47 30 B1 20 57 93 11 4E 09 3E 96 D6 C7 A9 A3 44 A8 D1 72 FA D5 0E 45 79 D2 3E CE 46 1E D1 9B F0 51 40 0E 3E 3A BE E2 02 C8 E7 37 EB 66 EE 41 BE 22 9A 89 36 DB 17 2B E4 79 E6 FE 21 AE C2 99 4E D8 55 6A 5C 1E D0 FA 10 74 2F 87 96 64 F2 7D 64 59 F8 CE 3B 36 FD E2 E9 F0 DD 8B B0 52 01 0D 44 5B 0B B2 17 4D 01 96 DE EF 0F 38 E5 D4 E5 DD 3A 0B BD BC D7 F8 18 9E 62 4F 39 6D 00 19 7A C1 DA EF B3 10 B1 57 B2 C1 5D EB C9 B5 EB 3D 25 F8 0B 29 E0 46 C3 60 8B 0A A2 00 82 93 89 6C 6A A7 41 AA 6A 6A F2 FE 7F FE 68 76 B4 86 0F 57 7B A2 74 AE CC 8E F6 22 4E F2 6D BF E8 7D 50 2F 22 56 5B 34 E6 79 E5 DA 43 CE C0 68 1D A2 7E 92 06 25 AB F9 7F 65 AA 2F 7A A6 5F 82 FF 2C 5B 26 A4 CF A9 5C 17 F8 A2 46 D8 4E 55 50 36 38 85 D2 ED 28 4D CE 5F EE A5 EB 8D 01 9F 85 F1 CC AE B6 27 91 96 E4 40 67 BF 8B 7A 9D 56 33 B0 AC CB 79 52 7C 91 33 18 9B 41 00 75 B5 CB 7E 91 90 C6 8F 0E 63 BF 68 6A E7 F5 08 34 D7 30 29 10 C5 43 23 5F D5 DA 2D 1A 61 E3 17 E2 F4 93 61 F3 04 78 03 B1 E4 DF 4A 65 C5 FE EA 96 17 7B C2 A1 78 E0 50 8E AF 81 42 38 8C BC 1D A0 BC AB A4 DF 9D 62 83 5B 22 F5 CA 34 8D 33 5C CA E7 0A B0 2F 71 1C 95 1F 41 D2 7D 76 F7 FF 5C 76 29 DD 37 21 AA 95 FA 90 64 B1 B5 95 72 C6 5D 72 11 54 8D 26 70 8D 53 19 64 E9 C4 0D 29 1A 3D 93 FE 63 C1 7E D0 2C A0 9C EE 13 4D DC 3F 6C B0 C3 7C AC 98 83 28 9D 43 76 47 6A 03 A8 72 BB C0 F3 1B 1B B8 08 05 B2 3D F9 85 93 AB 0B DA B5 23 40 BD A5 52 FC 20 97 FA DC F1 F8 83 DC B0 BD E0 9D FD BD B6 CB 8F 2D 09 46 C9 94 C0 A0 9A 45 85 25 87 3C DE 2B 26 39 5B AF C0 BE 80 64 42 47 0A 45 90 B2 A1 3D 14 E9 C7 14 14 E7 56 C5 C9 7D D9 FE F8 6F C5 54 32 4B 2C 5E 7C B1 9F B8 5C C8 42 8E 07 22 67 9E 68 CD 0B 0C E0 83 2F 96 60 C9 1F 68 A9 8C 09 A0 F8 05 6F 7E 58 45 02 EC B2 F0 89 57 5D 4F 42 F3 2C A9 F9 14 B8 5C A4 85 93 ED D4 DE F1 7C 04 6D 40 0F 59 06 8F 01 26 4E 98 82 D6 16 FF B4 D7 B7 AF 56 09 90 B3 43 1B 3E 2F B4 E8 86 BC 4C E3 4B 16 E0 22 A8 67 38 7D 66 DE 24 16 A6 16 7A 9E B1 30 98 04 3D 12 85 87 31 8B FB E0 1F 6A 00 1F BF 21 2E C0 B9 D2 0B C8 70 E7 42 30 D5 A6 4F 16 33 C6 65 8D D8 22 C2 FF D2 83 27 61 AF 18 11 22 FB 6F 74 81 47 20 E3 65 19 15 8B A8 20 F6 74 45 71 70 D7 D0 51 D7 40 0D 93 9F 46 41 7A 10 83 BA 1B 83 8F 24 C6 FB CA B2 2D CD E1 5F 83 BE 8D A6 64 15 16 DA 9A AF BF C6 97 D0 0D FC A2 4B 90 53 2D 73 11 17 36 58 6A 15 3C D9 A1 08 AE 84 A1 16 16 3C 99 E3 43 AE 83 D5 66 2D CB FC 26 32 C5 9E 20 4E DA AC A9 16 F6 66 BD 8E 1B BE 72 88 4A 93 F3 1E 8C D0 24 EF 14 38 3C 42 81 78 5E AE 11 F3 6F E0 EB 7C 1C E0 CD 7D D9 65 D5 2B 72 4A D7 27 96 8C B2 25 11 30 2B 5D 8F A1 42 12 AC 45 CA DE B7 AA 6D 51 A1 20 AB A6 06 DB C8 3C FB F3 1A 78 5E 46 50 94 72 9B 6D 2E 4B 33 FC 6C EE 3A 5E 49 62 94 E7 F8 54 34 B2 E7 C0 81 46 FD 73 36 C5 9B 18 7F 73 E6 38 66 74 D3 04 62 E9 37 C3 18 17 82 92 8D D3 8B DF B8 C6 6B 20 49 69 7C 76 82 BB FC 15 C2 DD 23 86 FE 5C 21 9A 32 40 CB 07 61 11 28 9F 68 89 33 C2 4A B6 F3 D9 34 19 70 26 7A 7F 85 6E 92 6C 2C C7 06 38 F7 1A A8 A7 E0 3D 39 3D 26 92 F6 7E BE 2C 0C 96 AD 2A 73 72 2B 66 99 16 A0 22 DA DB 43 D1 D1 90 70 E8 E4 FD 42 BF 99 2C 4C BD E1 27 EE 28 25 B7 71 82 66 22 7A 29 B5 E0 C1 B7 DA A1 96 23 A0 19 F1 AF 08 CC 9D C8 54 45 76 8E B0 71 08 57 1D ED A9 C6 7A 17 A5 C5 A1 29 EE 53 B7 02 34 C6 10 FE F7 68 3D 0D A1 AE 0B DA 77 0E B6 14 10 DE DF 5E BE B3 84 4F 48 B2 99 4E 57 43 F9 97 17 DC 69 7A A7 70 11 AA 36 BE 4B 1C 68 D1 41 06 21 84 EA 88 A9 77 DE 59 F0 2C F3 8D D6 51 18 47 78 85 5F 1C D4 0F B2 D4 41 3E 77 54 BE 76 5F 92 81 65 CA C3 14 18 67 DD 1A F0 63 0A 3F BA BC 78 1F B7 C6 36 7C A8 DA 47 91 B5 A5 B1 AC 2F F3 11 86 94 C0 2A 99 6B DE 2A A8 2F 7B 4E 68 81 CD 32 56 66 95 F9 F7 BA C9 4B 54 62 21 8E 0D 21 86 DE A5 1C 2C 33 96 B1 49 5E 0D 4E AA F1 87 D6 12 22 A1 B3 31 A6 91 F9 9F 1E 04 0A 27 51 F3 14 72 71 D1 7B 9C AB DB 17 77 28 FB 95 D2 1B 68 AF E5 A8 A9 95 F3 5E 5F 6C C0 71 A9 C0 CC 64 C3 E5 B2 4F 17 68 9E A1 59 35 66 04 C5 14 94 9E E0 DF 33 D3 33 30 FB 5B 50 BD 05 C4 64 62 09 BB F6 0C 4B CD A5 21 CD ED A9 7D BF 59 EE 18 6B 8F AC 2F A8 FE F4 E9 A5 D2 8B CF 44 7D E3 F9 1F CD 98 54 B8 7F A6 D7 C9 58 43 35 FA AC 30 09 9B E8 55 C2 75 CB 96 E9 8B 5D 5E F9 9C A1 86 1B 77 07 AE C6 18 C5 F6 56 77 7D E6 37 73 96 60 94 FD CC A4 F9 4C 16 C6 F3 BF 52 95 C8 E1 7F EE CD 91 5D 3A EA 06 75 06 2B 2B 0D 70 38 35 C3 45 28 D5 4D FD 7B 53 A0 52 5F A1 06 1B 25 D4 AA 84 5C 5F D1 E7 06 20 BE 53 11 B5 B3 C8 28 C6 E4 F2 43 78 ED AA FE 10 01 A7 3C FB D4 E9 AE 61 2C 79 F2 C3 8D DA 17 2D 60 C1 CE B3 43 EE EC 07 65 30 18 AF 8B 37 0E C6 11 5C E0 C4 C0 F1 59 D6 27 7B 1E 24 64 CF A3 29 70 1A 8F 37 5C 6D 45 D7 78 EE 13 37 75 AA E0 B9 E6 BD 7F B5 47 45 AA 48 F8 8A 32 6B C6 58 91 A5 70 C3 93 D8 C2 43 4F 78 A0 3E 06 51 F8 6A 39 14 43 F0 BA 02 8C D7 DB 0F 0D BB 90 56 B8 53 54 D7 81 1B 20 0C 23 3B 32 D6 40 9F AA B4 9D 8F 1C 89 A1 2A 2C C4 F8 6C 7D FB BB D6 AD 9B 18 65 46 14 11 A4 41 67 CD 12 D9 09 2B B5 30 6F 72 4D 89 47 7A 0C 3D F8 E0 EC BC 0C 68 59 B0 05 88 4B 0D CE 10 9B 5D F8 BA DE 08 9B F8 A5 1A 9C 67 7D 59 B6 8D FE ED C9 33 CC EF 11 5E 2A 16 E5 75 42 7F D4 81 AA 50 B0 58 64 0F E2 CE 81 A4 7D 2D 80 66 CB 22 09 24 E6 8B 12 99 3D F8 38 07 4B E1 6D AB EA 63 53 CB 20 89 57 B9 AA 6F 45 BC CF D4 4E D0 42 3F C5 01 00 83 EF 80 39 BC 76 21 58 2D 45 D5 8F 04 B1 2E 8A BC 34 95 01 AA D5 6A A1 01 D3 11 CB 9E 34 7D 9C E5 C0 5D 36 58 7B 27 42 80 E1 84 8F C4 54 9E 91 19 76 E3 13 F1 F8 17 78 4F D1 A3 52 28 2B 70 E2 32 31 76 86 1A F1 7A 36 38 57 69 9C C0 1B E4 06 E3 70 F7 B3 8D 14 66 CB 1A B1 07 BB 3B CB F3 AA 6A EF CF D8 5B 0D 82 9A 72 5C 72 73 28 88 D7 F2 18 F7 49 11 ED 2C C1 77 F5 91 91 2C 26 60 18 38 B0 3F BC EF 50 FD 84 B4 27 06 A6 0E 88 45 81 A2 8B 0A 35 33 D4 F1 BF 12 E2 BB E4 91 0A E8 34 72 BC 91 50 B6 A1 38 20 6D B3 AE 0C BE B6 A6 1E 9A 41 52 CF CA C3 DE 9C A0 42 B8 B3 A8 69 24 9A 89 FD 67 EF 2C E1 06 CE 6F 93 4B 22 44 B9 B3 25 A4 B6 AE BA 22 46 EC A9 52 DF 55 72 F0 19 84 33 F8 63 CF 2B D6 D1 E6 3B 9D 4E 36 F5 EF 3B 19 27 7C 3D 65 BA BE 63 F9 51 D3 DF 20 0B 7D BD 0F 28 4A C5 96 2D 43 CE AB A6 9B DF C4 03 86 70 8A 58 51 12 C9 05 F5 06 BC 04 79 CB 67 F6 14 41 3A 02 F6 7E 92 81 65 51 F0 56 D3 66 BC 5F 45 3C AF 6F 44 BF D3 31 9F 40 39 48 C4 D2 26 46 EC C7 40 D1 E3 85 34 EB 35 62 64 4C 26 37 07 47 96 AD AF A6 F6 38 3B E4 92 23 BA 2E 95 12 20 5F 7A 22 28 11 6E 6F 4C 1C 80 E2 77 38 FB AB 3B F4 3C 3E 06 02 CA BB 70 CC D9 97 A2 D0 2B 70 AB 82 E8 22 1D 49 A4 DA BE CA 60 5F 4D AD A1 B6 8D 02 B3 32 29 58 7C 7C DB 97 36 07 9E 32 71 E2 BE 76 58 30 16 7E 2E C5 98 3F B3 08 AE E7 7D 88 8B CA 46 71 5A BF 19 9F 04 F2 9E BC 09 F0 BE F1 7C 09 EA E0 17 10 4C 5F E3 C5 DE 26 1B 78 E0 CA 1E 91 83 C7 96 98 0C E2 74 23 35 09 A2 B0 11 60 38 86 F3 EF 91 01 F1 56 6B 77 9A 12 FA E7 98 C1 1E B8 08 BE A9 15 DF C9 C0 8E B4 49 70 75 77 9F 38 86 FA 93 0D BA 81 7C 5D AF 4B FE 1A D8 15 39 E8 D4 F5 93 7C EA E6 A2 C9 DF CC 37 81 49 01 A4 95 5E 3A CC 50 01 B5 43 F3 AC 62 20 14 6D 6E 79 E2 9F 60 10 C7 EC 2B 04 66 67 32 2B BC 8B 6B CB E7 C0 0A CC 8E 65 63 A5 D4 73 5C DB 9B AF 68 54 75 A5 D3 54 24 81 67 88 5C 3F 6A EF BF 95 18 4D B8 33 B3 32 93 E0 AB A1 AD 02 EC 23 2D 47 6F E1 DA A4 29 00 71 8C 04 D7 18 2B A2 A3 E7 79 BB 52 18 62 38 D2 0B 10 CE 9F C5 01 FF 1F F3 C3 17 87 6A C8 4D 51 74 D3 C6 25 3E 49 5E E9 7C BB 9F B4 1F 26 25 24 F9 5C C1 26 7F 3B F9 EB 00 33 C7 85 3E 0F 1B 64 E5 0B 7C DD 2A 9D 74 32 A5 09 6C 2F 01 45 E0 F1 06 11 F3 E5 05 D2 9A 45 7A D0 93 20 72 20 82 9E 2B CF A2 41 19 C2 9F FF E1 DC 7C 16 80 59 2A DE E8 EA 06 60 5D 90 C9 53 29 09 52 59 9F 80 48 3E 3A 85 40 F3 A2 F3 7C 7C 8F CB A1 71 2E 9F 5D 09 70 BF 4B 38 E7 E4 0D FC BC 97 07 35 C5 25 31 8C B1 60 09 90 68 C5 18 D9 02 2F BD D5 DC CD 8E 62 37 35 B9 AF A3 7F 8C 19 26 B8 7D D6 BE B9 B9 64 4B 62 D9 7E 19 63 27 6A 67 A3 DE 28 D7 71 69 14 89 31 73 A0 67 47 DF 96 71 42 13 16 0E 7E DA C7 9E 43 08 81 E8 94 6A 9B B4 7B D2 88 BE CB 9B DC 5B 74 6F 0A FA F3 D4 C0 E8 C5 05 51 59 0D 28 2A C2 16 17 6F 56 F4 4B A8 F2 06 28 62 E6 E8 04 94 59 7C A6 4A 60 2F A9 96 10 43 84 87 68 7A FC 6A 0F B8 66 ED 2C 9F 0F 38 14 BC D6 3E 7D 2F 78 E6 8F 02 C4 54 13 80 12 E3 42 86 1C 78 2A 6F 88 4E FD 5B 31 7C 8B CE C5 61 67 A4 CE D8 0B 0B 1C 14 57 22 5D 8D 40 4C 08 23 87 BB 99 C6 0E 1A 18 AA 5D 63 84 0B 0A 9D FF F4 87 20 26 3A 9C F5 52 9E E1 DA CB 35 B0 0E 66 43 C5 34 99 7B D8 4F 0F 32 E8 F5 CF 1A 0E 22 3B 95 85 57 9B 61 3E EF E4 37 CB D2 C7 3F 5A 39 03 6D FE D4 C5 9E 5C E9 B0 91 87 26 3F BE E3 79 ED 43 2D 15 BA DA D2 C8 A2 18 CF 31 45 A5 99 F6 82 E7 D8 BC 1D FC 56 4C 39 17 1B 3B 85 4A 89 24 9C 61 8D 63 51 E0 BF 58 E6 6E E1 2C CF 78 47 E5 13 DC BD 92 33 CA 33 3C 54 FC 69 97 0D 7C DA 32 81 88 9C 46 27 C2 C9 DE D2 10 43 9F 8A 21 EF F8 0A 54 39 37 CD F6 76 33 47 14 55 46 FF F9 42 0A 68 39 A0 BA C0 5E CC 3C F2 8C E3 61 DF 23 AC A4 6B E5 38 85 7A 07 FF 12 67 68 86 AE D7 C5 C1 6A DB A4 C9 E3 02 21 73 35 73 55 FE BF 5B A4 53 A1 67 8A DC 17 71 E8 25 09 61 73 C2 4C 50 6D 2C 78 B8 B9 D0 96 64 E6 A9 69 17 54 AC 5F 05 FE 6D C7 92 40 6F E5 3E 8F 4C E6 C6 56 20 F6 67 8A DD 5C DD 8F 15 26 0B 2C D6 AF 99 65 38 65 85 9E BC 17 08 A7 E6 A2 E1 13 6C 5A 3D 90 76 41 81 AE C9 D6 D7 03 3E 73 94 D9 D6 D4 0D 0F DD 4C 8A 88 76 23 3B F5 60 96 27 A0 6C 1F C1 7A 7B 7D 69 39 BF A9 B0 A7 9B 73 0C 3B CF 4C 20 F8 3F B4 E5 73 E1 BC 5D 32 C6 32 32 F9 0C 08 8F 10 1C 7C A9 4B CA 69 B0 36 7B 92 49 ED 5F A4 8B 9E 21 95 39 95 CC D1 B0 59 2D 85 17 CE 5F 2D 6C AB 48 E7 2C 9D F2 BC F1 F5 59 42 60 01 96 71 5D E4 7E 7A D0 F3 DC BF F9 68 D0 31 4C 66 E9 0A 63 1E B4 63 08 E0 A3 0E AB 71 47 BB 9A 37 57 00 C3 64 6E 67 86 2E E5 C1 FC F0 3F 02 52 E0 7A 0B F2 BD 20 17 A9 49 D6 BD 02 33 FD 9A AA 2D EA 09 71 9A B3 88 BB 9C DC AC 09 15 7A 63 5B 6A 18 28 EB B3 A0 22 B6 3B 2B DD 75 A4 51 6B B8 74 F9 D6 1F D2 5B 1B 97 C8 C2 0B 71 44 FF 88 59 3D 25 CA 28 62 FA C9 25 BE A8 86 9F 1B EA 6A 2C 6B 2F D3 E8 10 A4 4F 8F 78 87 5E 74 23 25 A5 16 F8 BC 21 2D F0 B4 C9 42 04 4E EE 6D C7 44 12 96 71 3B E7 3F 7A 73 0C D6 0A 3F 45 45 D5 05 0E 3D B5 2B 51 C4 80 6C 2C 3F D7 7E C7 3A 5D E9 92 40 F3 6D F1 63 3E 7F B3 52 0A 64 FD AD 15 7D 73 72 1C CF 28 24 AD 4C 79 7C 91 14 1D 78 13 F0 43 3D F8 D8 44 07 D2 B4 80 7A AE A3 71 09 3B BA AC 8C B1 68 34 A3 CB BC 76 E8 C3 23 DA ED CB A3 35 50 73 38 6F B5 E9 9F 0B F2 40 4E E1 14 FD 47 63 98 17 6D 8B 5E E1 96 DA C5 0F FA 41 0F 8C E3 5D A4 59 B0 00 DD 47 81 F3 04 7D A7 74 44 05 A5 FA 87 72 58 AF B5 56 C0 4B D7 C6 DE E3 42 43 4D F4 86 84 B0 62 BB 74 A7 1F 5F 70 80 9C 88 18 CE 52 2F 47 93 20 FD A1 E4 79 E5 D2 3F E4 E8 5A 81 2B 56 14 6B 98 BA F0 C4 4A D6 D3 45 2C 45 A8 F1 6D AF 7D BF 4B 80 4A 59 AB E6 AF ED 1B BF 65 FA 18 C9 0F 91 EA  [Binary data over 200 bytes]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{89969DE8-1280-4920-9B44-9C3958458121}: DhcpNameServer = 192.168.4.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B34D42C6-68EB-4E24-855E-58506F5252C2}: NameServer = 192.168.4.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Programme\Stardock\Fences\FencesMenu.dll (Stardock)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - F:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - H:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ef74e082-ec70-11e1-898b-bc5ff43ad264}\Shell - "" = AutoRun
O33 - MountPoints2\{ef74e082-ec70-11e1-898b-bc5ff43ad264}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{ef74e082-ec70-11e1-898b-bc5ff43ad264}\Shell\configure\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{ef74e082-ec70-11e1-898b-bc5ff43ad264}\Shell\install\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.26 16:19:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.07.26 16:17:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2013.07.26 16:12:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.07.26 14:46:26 | 000,000,000 | ---D | C] -- C:\Users\Norbert\AppData\Roaming\mirkes.de
[2013.07.26 14:46:21 | 000,000,000 | ---D | C] -- C:\Program Files\mirkes.de
[2013.07.26 14:43:10 | 000,000,000 | ---D | C] -- C:\Users\Norbert\Desktop\8 gb
[2013.07.20 16:29:21 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\rundll32.exe
[2013.07.03 12:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013.07.03 12:31:25 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2013.07.03 12:30:32 | 020,553,576 | ---- | C] (Simply Super Software                                       ) -- C:\Program Files\trjsetup687.exe
[2013.06.28 18:43:29 | 000,000,000 | ---D | C] -- C:\Users\Norbert\AppData\Roaming\NVIDIA
[2013.06.27 20:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013.06.27 20:46:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013.06.27 20:46:27 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013.06.27 19:17:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.26 18:07:12 | 000,029,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.26 18:07:12 | 000,029,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.26 18:05:12 | 000,712,666 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.07.26 18:05:12 | 000,665,198 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.07.26 18:05:12 | 000,154,602 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.07.26 18:05:12 | 000,126,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.07.26 18:04:01 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3428010751-2619372767-2291058075-1000UA.job
[2013.07.26 18:00:39 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013.07.26 18:00:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.26 18:00:13 | 2412,437,504 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.25 18:55:38 | 000,007,609 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Resmon.ResmonCfg
[2013.07.25 17:53:31 | 000,000,132 | ---- | M] () -- C:\Users\Norbert\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2013.07.25 14:45:50 | 000,000,294 | ---- | M] () -- C:\Users\Norbert\Documents\cc_20130725_144546.reg
[2013.07.25 14:44:48 | 000,000,448 | ---- | M] () -- C:\Users\Norbert\Documents\cc_20130725_144114.reg
[2013.07.25 13:04:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3428010751-2619372767-2291058075-1000Core.job
[2013.07.25 11:08:27 | 000,000,228 | ---- | M] () -- C:\Windows\tasks\CDHArchiv.job
[2013.07.24 15:24:45 | 000,000,262 | ---- | M] () -- C:\Windows\hpbafd.ini
[2013.07.23 20:19:02 | 000,811,162 | ---- | M] () -- C:\Users\Norbert\Desktop\AKJN.cdr
[2013.07.20 18:13:25 | 000,001,038 | ---- | M] () -- C:\Users\Norbert\Documents\cc_20130720_181321.reg
[2013.07.18 15:37:24 | 000,689,273 | ---- | M] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307Titel_Rz1EPS.eps
[2013.07.18 15:35:55 | 000,548,298 | ---- | M] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307Titel_Rz1E.pdf
[2013.07.18 15:34:14 | 001,024,388 | ---- | M] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307Titel_Rz1X.pdf
[2013.07.18 15:33:22 | 000,847,022 | ---- | M] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307Titel_Rz1.pdf
[2013.07.18 15:29:14 | 002,714,905 | ---- | M] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307Titel_Rz1.ai
[2013.07.18 15:27:32 | 002,710,456 | ---- | M] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307Titel_Rz.ai
[2013.07.18 15:26:35 | 001,307,848 | ---- | M] () -- C:\Users\Norbert\Desktop\Vorderseite2.cdr
[2013.07.18 15:25:17 | 004,744,878 | ---- | M] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307Titel_Rz.eps
[2013.07.18 15:05:10 | 001,317,204 | ---- | M] () -- C:\Users\Norbert\Desktop\Sicherungskopie_von_Vorderseite2.cdr
[2013.07.18 15:04:30 | 001,639,604 | ---- | M] () -- C:\Users\Norbert\Desktop\Vorderseite1.cdr
[2013.07.18 15:02:24 | 000,589,708 | ---- | M] () -- C:\Users\Norbert\Desktop\UnterkartonKurve.cdr
[2013.07.18 14:27:23 | 000,847,012 | ---- | M] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307Titel_Rz.pdf
[2013.07.18 14:27:08 | 000,592,354 | ---- | M] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307Unterkarton_Rz.pdf
[2013.07.18 14:26:55 | 000,398,371 | ---- | M] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307_Control.pdf
[2013.07.18 11:25:16 | 000,003,190 | ---- | M] () -- C:\Users\Norbert\Desktop\Grafik1export.ai
[2013.07.18 11:24:43 | 000,003,186 | ---- | M] () -- C:\Users\Norbert\Desktop\Grafik1.ai
[2013.07.17 15:34:42 | 000,250,886 | ---- | M] () -- C:\Users\Norbert\Desktop\FMGC_ logo seul.pdf
[2013.07.17 15:34:30 | 000,672,570 | ---- | M] () -- C:\Users\Norbert\Desktop\FMGC_ logo seul.eps
[2013.07.17 15:34:19 | 000,235,662 | ---- | M] () -- C:\Users\Norbert\Desktop\FMGC_ logo seul.ai
[2013.07.17 15:06:23 | 001,259,544 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.07.16 16:31:39 | 000,126,560 | ---- | M] () -- C:\Windows\FontData.fdb
[2013.07.16 16:17:00 | 000,141,796 | ---- | M] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307TitelBd_Typofarbe.pdf
[2013.07.15 15:13:55 | 000,002,002 | -H-- | M] () -- C:\Users\Norbert\Documents\Default.rdp
[2013.07.13 18:29:42 | 000,001,105 | ---- | M] () -- C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
[2013.07.13 15:15:26 | 000,001,698 | ---- | M] () -- C:\Users\Norbert\Documents\cc_20130713_151459.reg
[2013.07.12 19:37:42 | 000,083,372 | ---- | M] () -- C:\Users\Norbert\Desktop\StAc_Brotbox2013_120x73_x3.cdr
[2013.07.12 19:32:55 | 001,541,302 | ---- | M] () -- C:\Users\Norbert\Desktop\StAc_Brotbox2013_120x73_x3.pdf
[2013.07.11 12:54:27 | 000,039,510 | ---- | M] () -- C:\Users\Norbert\Desktop\Unbenannt-1w.cdr
[2013.07.11 12:09:53 | 001,247,506 | ---- | M] () -- C:\Users\Norbert\Desktop\KV1.cdr
[2013.07.11 12:07:03 | 000,042,794 | ---- | M] () -- C:\Users\Norbert\Desktop\Unbenannt-5.cdr
[2013.07.11 11:58:32 | 002,241,059 | ---- | M] () -- C:\Users\Norbert\Desktop\Unbenannt-4.jpg
[2013.07.10 19:15:10 | 000,000,537 | -H-- | M] () -- C:\Windows\System32\GelSprinter GX 7000.CAC
[2013.07.10 12:10:33 | 003,991,401 | ---- | M] () -- C:\Users\Norbert\Desktop\Wiedem5105a.jpg
[2013.07.09 08:25:48 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.05 19:33:35 | 000,013,554 | ---- | M] () -- C:\Users\Norbert\Documents\cc_20130705_193317.reg
[2013.07.05 19:23:07 | 033,829,376 | ---- | M] () -- C:\Users\Norbert\Desktop\Firmenbroschuere1.pdf
[2013.07.04 17:41:27 | 002,309,838 | ---- | M] () -- C:\Users\Norbert\Desktop\IMGP6469.jpg
[2013.07.04 10:29:19 | 000,000,907 | ---- | M] () -- C:\Program Files\Programme - Verknüpfung.lnk
[2013.07.03 12:30:32 | 020,553,576 | ---- | M] (Simply Super Software                                       ) -- C:\Program Files\trjsetup687.exe
[2013.07.02 19:57:52 | 000,000,000 | ---- | M] () -- C:\Users\Norbert\windowsupdate.exe
[2013.07.02 15:54:00 | 000,212,657 | ---- | M] () -- C:\Users\Norbert\Desktop\Reiniger.pdf
[2013.07.02 15:17:41 | 000,794,912 | ---- | M] () -- C:\Users\Norbert\Desktop\BK-Logo-mit-Claim.cdr
[2013.07.02 15:16:54 | 000,375,362 | ---- | M] () -- C:\Users\Norbert\Desktop\BK-Logo-mit-Claim_1.cdr
[2013.07.02 14:42:50 | 000,830,924 | ---- | M] () -- C:\Users\Norbert\Desktop\BK-Logo-mit-Claim1gelb.jpg
[2013.07.02 14:31:24 | 000,671,229 | ---- | M] () -- C:\Users\Norbert\Desktop\BK-Logo-mit-Claim1.jpg
[2013.07.02 14:23:07 | 001,496,768 | ---- | M] () -- C:\Users\Norbert\Desktop\BK-Logo-mit-Claim.eps
[2013.07.02 14:22:03 | 003,432,049 | ---- | M] () -- C:\Users\Norbert\Desktop\BK-Logo-mit-Claim.pdf
[2013.06.29 16:15:16 | 095,023,320 | ---- | M] () -- C:\ProgramData\mjqwf.pad
[2013.06.27 11:26:19 | 000,346,331 | ---- | M] () -- C:\Users\Norbert\Desktop\Buller Einschaltseite.pdf
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.07.25 18:55:38 | 000,007,609 | ---- | C] () -- C:\Users\Norbert\AppData\Local\Resmon.ResmonCfg
[2013.07.25 14:45:48 | 000,000,294 | ---- | C] () -- C:\Users\Norbert\Documents\cc_20130725_144546.reg
[2013.07.25 14:43:25 | 000,000,448 | ---- | C] () -- C:\Users\Norbert\Documents\cc_20130725_144114.reg
[2013.07.23 17:14:00 | 000,811,162 | ---- | C] () -- C:\Users\Norbert\Desktop\AKJN.cdr
[2013.07.20 18:13:22 | 000,001,038 | ---- | C] () -- C:\Users\Norbert\Documents\cc_20130720_181321.reg
[2013.07.20 16:29:21 | 000,196,608 | ---- | C] () -- C:\ProgramData\b9nii.dat
[2013.07.18 15:37:23 | 000,689,273 | ---- | C] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307Titel_Rz1EPS.eps
[2013.07.18 15:35:54 | 000,548,298 | ---- | C] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307Titel_Rz1E.pdf
[2013.07.18 15:34:11 | 001,024,388 | ---- | C] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307Titel_Rz1X.pdf
[2013.07.18 15:33:22 | 000,847,022 | ---- | C] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307Titel_Rz1.pdf
[2013.07.18 15:29:11 | 002,714,905 | ---- | C] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307Titel_Rz1.ai
[2013.07.18 15:27:30 | 002,710,456 | ---- | C] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307Titel_Rz.ai
[2013.07.18 15:26:35 | 001,317,204 | ---- | C] () -- C:\Users\Norbert\Desktop\Sicherungskopie_von_Vorderseite2.cdr
[2013.07.18 15:25:13 | 004,744,878 | ---- | C] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307Titel_Rz.eps
[2013.07.18 15:05:07 | 001,307,848 | ---- | C] () -- C:\Users\Norbert\Desktop\Vorderseite2.cdr
[2013.07.18 15:04:30 | 001,639,604 | ---- | C] () -- C:\Users\Norbert\Desktop\Vorderseite1.cdr
[2013.07.18 15:02:24 | 000,589,708 | ---- | C] () -- C:\Users\Norbert\Desktop\UnterkartonKurve.cdr
[2013.07.18 14:27:23 | 000,847,012 | ---- | C] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307Titel_Rz.pdf
[2013.07.18 14:27:08 | 000,592,354 | ---- | C] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307Unterkarton_Rz.pdf
[2013.07.18 14:25:00 | 000,398,371 | ---- | C] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307_Control.pdf
[2013.07.18 11:25:14 | 000,003,190 | ---- | C] () -- C:\Users\Norbert\Desktop\Grafik1export.ai
[2013.07.18 11:24:39 | 000,003,186 | ---- | C] () -- C:\Users\Norbert\Desktop\Grafik1.ai
[2013.07.17 15:34:39 | 000,250,886 | ---- | C] () -- C:\Users\Norbert\Desktop\FMGC_ logo seul.pdf
[2013.07.17 15:34:27 | 000,672,570 | ---- | C] () -- C:\Users\Norbert\Desktop\FMGC_ logo seul.eps
[2013.07.17 15:34:15 | 000,235,662 | ---- | C] () -- C:\Users\Norbert\Desktop\FMGC_ logo seul.ai
[2013.07.16 16:17:00 | 000,141,796 | ---- | C] () -- C:\Users\Norbert\Desktop\BiPr_Tischkal1307TitelBd_Typofarbe.pdf
[2013.07.13 18:29:42 | 000,001,105 | ---- | C] () -- C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
[2013.07.13 15:15:02 | 000,001,698 | ---- | C] () -- C:\Users\Norbert\Documents\cc_20130713_151459.reg
[2013.07.12 19:37:42 | 000,083,372 | ---- | C] () -- C:\Users\Norbert\Desktop\StAc_Brotbox2013_120x73_x3.cdr
[2013.07.12 19:32:55 | 001,541,302 | ---- | C] () -- C:\Users\Norbert\Desktop\StAc_Brotbox2013_120x73_x3.pdf
[2013.07.11 12:54:22 | 000,039,510 | ---- | C] () -- C:\Users\Norbert\Desktop\Unbenannt-1w.cdr
[2013.07.11 12:09:53 | 001,247,506 | ---- | C] () -- C:\Users\Norbert\Desktop\KV1.cdr
[2013.07.11 12:07:03 | 000,042,794 | ---- | C] () -- C:\Users\Norbert\Desktop\Unbenannt-5.cdr
[2013.07.11 11:58:26 | 002,241,059 | ---- | C] () -- C:\Users\Norbert\Desktop\Unbenannt-4.jpg
[2013.07.10 12:10:30 | 003,991,401 | ---- | C] () -- C:\Users\Norbert\Desktop\Wiedem5105a.jpg
[2013.07.05 19:33:20 | 000,013,554 | ---- | C] () -- C:\Users\Norbert\Documents\cc_20130705_193317.reg
[2013.07.05 19:22:47 | 033,829,376 | ---- | C] () -- C:\Users\Norbert\Desktop\Firmenbroschuere1.pdf
[2013.07.04 17:41:25 | 002,309,838 | ---- | C] () -- C:\Users\Norbert\Desktop\IMGP6469.jpg
[2013.07.04 10:29:19 | 000,000,907 | ---- | C] () -- C:\Program Files\Programme - Verknüpfung.lnk
[2013.07.02 19:57:52 | 000,000,000 | ---- | C] () -- C:\Users\Norbert\windowsupdate.exe
[2013.07.02 15:54:00 | 000,212,657 | ---- | C] () -- C:\Users\Norbert\Desktop\Reiniger.pdf
[2013.07.02 15:13:31 | 000,375,362 | ---- | C] () -- C:\Users\Norbert\Desktop\BK-Logo-mit-Claim_1.cdr
[2013.07.02 14:45:44 | 000,794,912 | ---- | C] () -- C:\Users\Norbert\Desktop\BK-Logo-mit-Claim.cdr
[2013.07.02 14:42:47 | 000,830,924 | ---- | C] () -- C:\Users\Norbert\Desktop\BK-Logo-mit-Claim1gelb.jpg
[2013.07.02 14:31:17 | 000,671,229 | ---- | C] () -- C:\Users\Norbert\Desktop\BK-Logo-mit-Claim1.jpg
[2013.07.02 14:23:06 | 001,496,768 | ---- | C] () -- C:\Users\Norbert\Desktop\BK-Logo-mit-Claim.eps
[2013.07.02 14:22:03 | 003,432,049 | ---- | C] () -- C:\Users\Norbert\Desktop\BK-Logo-mit-Claim.pdf
[2013.06.29 16:14:32 | 095,023,320 | ---- | C] () -- C:\ProgramData\mjqwf.pad
[2013.06.27 11:26:18 | 000,346,331 | ---- | C] () -- C:\Users\Norbert\Desktop\Buller Einschaltseite.pdf
[2013.06.23 17:22:16 | 095,023,320 | ---- | C] () -- C:\ProgramData\jejvo.pad
[2013.05.18 19:50:51 | 000,600,403 | ---- | C] () -- C:\Users\Norbert\6029309.exe
[2013.05.12 19:57:25 | 000,011,776 | ---- | C] () -- C:\Users\Norbert\2f539dpvqv5xt.exe
[2013.05.12 19:38:50 | 000,011,776 | ---- | C] () -- C:\Users\Norbert\dt2lf3vtcjeoc.exe
[2013.05.12 19:22:07 | 000,011,776 | ---- | C] () -- C:\Users\Norbert\tha9bx10soome.exe
[2013.05.12 19:21:52 | 000,011,776 | ---- | C] () -- C:\Users\Norbert\qn6c62m15xx71.exe
[2013.05.12 19:21:35 | 000,006,075 | ---- | C] () -- C:\Program Files\PUVDOZb5.dat
[2013.05.12 19:21:33 | 000,011,776 | ---- | C] () -- C:\Users\Norbert\7yz12gie5suc1.exe
[2013.05.10 20:34:14 | 000,010,240 | ---- | C] () -- C:\Users\Norbert\wcry02lb1a04w.exe
[2013.05.10 20:33:38 | 000,010,240 | ---- | C] () -- C:\Users\Norbert\qow7m7yo8m9ey.exe
[2013.05.10 20:33:27 | 000,005,562 | ---- | C] () -- C:\Program Files\STSHMVba.dat
[2013.05.10 20:33:26 | 000,010,240 | ---- | C] () -- C:\Users\Norbert\ubsz5zfnwigk2.exe
[2013.04.23 21:18:08 | 095,023,320 | ---- | C] () -- C:\ProgramData\7ot97.pad
[2013.04.23 20:30:32 | 095,023,320 | ---- | C] () -- C:\ProgramData\lej2ir.pad
[2013.04.12 13:39:48 | 000,000,132 | ---- | C] () -- C:\Users\Norbert\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2013.03.30 17:41:55 | 000,000,004 | ---- | C] () -- C:\Users\Norbert\AppData\Roaming\AltShell.ini
[2013.03.23 13:44:46 | 000,000,094 | ---- | C] () -- C:\Windows\fnerr.dat
[2013.03.17 21:10:58 | 095,023,320 | ---- | C] () -- C:\ProgramData\9003546.pad
[2013.03.13 20:18:58 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI
[2013.02.26 21:23:36 | 095,023,320 | ---- | C] () -- C:\ProgramData\2249601.pad
[2013.02.13 16:00:36 | 000,000,095 | ---- | C] () -- C:\Users\Norbert\AppData\Local\fusioncache.dat
[2013.02.13 10:49:17 | 000,018,944 | ---- | C] ( ) -- C:\Windows\System32\IMPLODE.DLL
[2013.02.13 10:49:05 | 000,061,440 | ---- | C] () -- C:\Windows\System32\U25STORE.DLL
[2013.02.13 10:49:05 | 000,059,904 | ---- | C] () -- C:\Windows\System32\U25TOTAL.DLL
[2013.02.13 10:49:05 | 000,040,960 | ---- | C] () -- C:\Windows\System32\u2lbar.dll
[2012.12.05 11:02:58 | 000,207,872 | ---- | C] () -- C:\Windows\System32\PATCHW32.DLL
[2012.10.25 12:17:53 | 000,053,248 | ---- | C] () -- C:\Windows\exitwx.exe
[2012.10.19 16:27:00 | 000,525,824 | ---- | C] () -- C:\Program Files\fonts.exe
[2012.10.02 16:14:02 | 000,047,713 | ---- | C] () -- C:\Windows\System32\drivers\HCDisk.sys
[2012.10.02 16:12:34 | 000,006,144 | ---- | C] () -- C:\Windows\System32\drivers\sioctl.sys
[2012.09.13 18:23:12 | 000,000,262 | ---- | C] () -- C:\Windows\hpbafd.ini
[2012.08.25 13:15:39 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012.08.24 12:42:12 | 000,000,132 | ---- | C] () -- C:\Users\Norbert\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.08.24 08:46:03 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.08.23 14:22:41 | 000,959,683 | ---- | C] () -- C:\Windows\System32\RCDAD140.DLL
[2012.08.23 14:22:41 | 000,034,816 | ---- | C] ( ) -- C:\Windows\System32\RC00C140.dll
[2012.08.23 14:22:41 | 000,000,148 | ---- | C] () -- C:\Windows\ricdb.ini
[2012.08.23 14:22:30 | 000,000,000 | ---- | C] () -- C:\Windows\System32\RPCS.ini
[2012.08.23 11:37:51 | 000,000,401 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2012.08.23 09:22:13 | 000,712,666 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2012.08.23 09:22:13 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2012.08.23 09:22:13 | 000,154,602 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2012.08.23 09:22:13 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2012.08.22 17:43:51 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.08.22 17:36:13 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012.08.22 17:35:47 | 002,261,764 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
[2012.07.28 03:30:54 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2012.07.28 03:30:54 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012.07.27 22:47:36 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012.04.12 21:30:10 | 000,637,743 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.03.25 21:14:22 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Bauvq
[2012.08.23 12:11:21 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Bitstream
[2012.08.23 15:35:44 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Canon
[2013.02.13 16:01:46 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\CDH GmbH
[2012.08.24 19:26:32 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013.03.08 21:27:52 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Cuoz
[2012.10.19 16:09:32 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\DownloadAcceleratorPackages
[2013.04.12 20:05:50 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Eqwado
[2013.03.08 21:27:52 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Hocuor
[2013.03.14 13:52:27 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Hyekci
[2012.08.23 12:18:01 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\IcoFX
[2013.04.12 20:05:50 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Keno
[2013.06.13 14:21:31 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\mbams
[2013.07.26 14:46:26 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\mirkes.de
[2013.04.07 19:42:59 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Mofug
[2013.04.12 20:05:50 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Neinka
[2013.05.03 11:24:20 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Ohqego
[2013.04.10 19:42:57 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Ohxyy
[2013.03.08 20:53:19 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Poekn
[2013.05.10 20:33:27 | 000,000,000 | RHSD | M] -- C:\Users\Norbert\AppData\Roaming\Ppugfuy
[2013.06.03 13:41:59 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Pypi
[2013.07.27 03:14:00 | 000,000,000 | RHSD | M] -- C:\Users\Norbert\AppData\Roaming\Qsrmpsz
[2013.03.08 21:27:52 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Rubo
[2012.08.24 18:52:09 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.08.23 11:27:47 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Stardock
[2012.12.05 11:42:34 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\TeamViewer
[2013.03.08 20:53:19 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Tukiu
[2013.05.17 20:29:36 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Uheci
[2013.07.05 13:35:39 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Ukty
[2013.03.27 12:27:58 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Uvygty
[2013.04.12 11:17:07 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Viak
[2012.08.23 11:42:13 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Windows Home Server
[2013.06.23 18:34:56 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\winlogon
[2012.08.23 10:47:19 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Winsplit Revolution
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

Microsoft security client user interface geht nicht.

Plagegeister aller Art und deren Bekämpfung: Microsoft security client user interface geht nicht.

Microsoft security client user interface geht nicht.

Ähnliche Themen: Microsoft security client user interface geht nicht.