| |
| |||||||
Log-Analyse und Auswertung: Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- OnlinebankingWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
| |
04.02.2014, 12:15
| #1 |
| |  Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- Onlinebanking Hallo helfende Hand  mir ist aufgefallen, dass mein Laptop sich merkwürdig verhält! (Toshiba Satellite-Windows7-SP1-Firefox) es fing an, dass ich nicht mehr in meinen Internetoptionen reingekommen bin, über die Systemsteuerung! Des weiteren funzt auch der Firefox nicht mehr so wie ich es gewohnt bin! ich habe einige Websites in der Jumpliste von Firefox angeheftet, die ich immer auf diesen Weg angewählt habe um ein externen TAB zu öffnen & somit direkt auf meine angehefteten Sites zu landen. Egal aber wie oft ich den Firefox schon deinstalliert habe, leitet er mich immer wieder auf Google zurück. Ich habe mal einen Scan durchgeführt mit HitmanPro & der fand 3 Malware, 1 Riskware & auch einen Trojan namens eGdpSvc.exe! Alle sind z.Z. in Quarantäne  Was mich aber am meisten beängstigt ist, dass mir beim Onlinebanking erzählt wird, dass die Tan schon verbraucht ist! Deshalb wende ich mich an Euch, da ich aufs banking nicht verzichten kann! Hoffe alles richtig beachtet zu haben & hoffe mir kann geholfen werden?! LG Sanchoss Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2014
Ran by Sascha & Nancy (administrator) on TOSHIBA on 04-02-2014 10:41:29
Running from C:\Users\Sascha & Nancy\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(Microsoft) C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DNSService.exe
(CSIS Security Group) C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(Toshiba Europe GmbH) C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(CSIS Security Group) C:\Program Files (x86)\Heimdal\Client\HeimdalAgent.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosOBEX.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] - C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-05-11] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartFaceVWatcher] - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-03-17] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [136136 2010-04-19] (Toshiba Europe GmbH)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ITSecMng] - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TWebCamera] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [NeroFilterCheck] - C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [ProtectedNET] - C:\Users\Sascha & Nancy\Desktop\Laufwerk\Jappy Rang + Credit Hack by JiNNy.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NPSStartup] - [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKU\.DEFAULT\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\.DEFAULT\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Run: [logger] - wscript.exe //B "C:\Users\SASCHA~1\AppData\Local\Temp\logger.vbs" <===== ATTENTION
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Run: [AppsHat] - C:\Users\Sascha & Nancy\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\system: [DisableClock] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: F - F:\Windows\StartFreeStyle.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {03692143-0ef0-11e3-b86b-00266ca80786} - H:\OriginInstaller.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {0cb7b62b-edd6-11e1-af14-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {0cb7b632-edd6-11e1-af14-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {0cb7b65e-edd6-11e1-af14-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {16737d40-ef63-11e2-bb4d-00266ca80786} - F:\Windows\StartFreeStyle.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {25143ae8-a14c-11e0-bd9d-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {25143aee-a14c-11e0-bd9d-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {41b933f8-27bd-11e1-90f6-00266ca80786} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {46866801-485f-11e1-8d41-00266ca80786} - F:\LGAutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {598939d1-1d9a-11e1-bab4-00266ca80786} - F:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {598939d6-1d9a-11e1-bab4-00266ca80786} - F:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {99948c1c-26f7-11e1-b79e-00266ca80786} - F:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {a9856250-36ba-11e2-947c-00266ca80786} - F:\zdata\cobi.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {f6528305-95ce-11e2-ade5-00266ca80786} - F:\setup.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Winlogon: [Shell] explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL => File Not Found
AppInit_DLLs: c:\progra~2\movies~1\safety~1\x64\safety~2.dll => File Not Found
AppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL => File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\movies toolbar\safetynut\x64\safetycrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\movies toolbar\safetynut\safetycrt.dll
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.portaldosites.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=ST9500325AS_6VEHGAQRXXXX6VEHGAQR&ts=1367078727
HKCU\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = https://isearch.avg.com/?cid={D4128F4D-FFC4-4AD1-8D6B-8FA976F2493E}&mid=16cd0fb9c80147d1b59ad16f2a4cee75-ca2be2ccc0d80f6eca87e1d1dfbe0cd3c2f66768&lang=en&ds=ft011&pr=sa&d=2012-07-25 16:17:44&v=12.1.0.21&sap=hp
URLSearchHook: HKCU - (No Name) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - No File
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.portaldosites.com/web/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=ST9500325AS_6VEHGAQRXXXX6VEHGAQR&ts=7077985
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.portaldosites.com/web/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=ST9500325AS_6VEHGAQRXXXX6VEHGAQR&ts=7077985
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=100&systemid=473&v=a10918-126&apn_uid=7490831145054531&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuyE0C0E0D0D0E0FyCyC0F0FyEzy0ByDyDtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=1785632500
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {178A504F-74E0-4342-9DF2-00A4A0B137F8} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={ED33D242-60D1-11E2-B3A9-00266CA80786}
SearchScopes: HKLM-x32 - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=100&systemid=473&v=a10918-126&apn_uid=7490831145054531&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 - {5319BB5F-8644-FBC1-3546-685F8AE5B160} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=430&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuyE0C0E0D0D0E0FyCyC0F0FyEzy0ByDyDtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=1785632500
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3205709
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKCU - {3F7E5C68-5C60-4FB5-B191-1B04DDDE8979} URL =
SearchScopes: HKCU - {52db1893-8a90-4192-aede-08e00b8f8473} URL =
SearchScopes: HKCU - {6ADFBB29-55DE-4137-996D-31FE316578AF} URL =
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuyE0C0E0D0D0E0FyCyC0F0FyEzy0ByDyDtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=1785632500
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\x64\BROWSE~1.DLL No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - toolplugin - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No File
Toolbar: HKLM-x32 - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A5B9220D-875B-4C63-A4B1-AABF1D74E973}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default
FF Homepage: google.de
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\portaldosites.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Escamod - C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\Extensions\escamod@gmx.net0002.xpi [2014-01-23]
FF Extension: Adblock Plus - C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-23]
FF Extension: Tab Mix Plus - C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-01-23]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-20]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
Chrome:
=======
CHR Extension: (Zoomex) - C:\Users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc [2013-01-28]
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\SASCHA~1\AppData\Local\funmoods.crx [2013-01-28]
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\SASCHA~1\AppData\Local\funmoods-speeddial.crx [2012-07-28]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2012-07-28]
CHR HKCU\...\Chrome\Extension: [bhnjjbcnbmjmhgpliahlamecmbejpaol] - C:\Users\Sascha & Nancy\AppData\Local\CRE\bhnjjbcnbmjmhgpliahlamecmbejpaol.crx [2012-09-05]
CHR HKCU\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Sascha & Nancy\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-04-17]
CHR HKLM-x32\...\Chrome\Extension: [bhnjjbcnbmjmhgpliahlamecmbejpaol] - C:\Users\Sascha & Nancy\AppData\Local\CRE\bhnjjbcnbmjmhgpliahlamecmbejpaol.crx [2012-09-05]
CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Program Files (x86)\Movie2KDownloader.com\Movie2KDownloader10.crx [2012-09-05]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2012-09-05]
CHR HKLM-x32\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files (x86)\TornTV.com\torn11.crx [2012-09-05]
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Sascha & Nancy\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-04-17]
==================== Services (Whitelisted) =================
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [200704 2006-08-11] (InterVideo Inc.)
R2 HeimdalSecureDNS; C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe [93856 2013-11-06] (Microsoft)
R2 HeimdalService; C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe [132768 2013-11-06] (CSIS Security Group)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1752488 2014-02-04] (SurfRight B.V.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
S2 HPSLPSVC; C:\Users\SASCHA~1\AppData\Local\Temp\7zS4921\hpslpsvc64.dll [X]
==================== Drivers (Whitelisted) ====================
S3 ASPI; C:\Windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec)
R3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI64.sys [720952 2010-03-05] (Conexant Systems Inc.)
R2 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [17416 2014-02-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2013-02-25] (WinISO.com)
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 massfilter_hs; system32\drivers\massfilter_hs.sys [X]
S1 pmplcahk; \??\C:\Windows\system32\drivers\pmplcahk.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-04 10:41 - 2014-02-04 10:42 - 00029727 _____ () C:\Users\Sascha & Nancy\Downloads\FRST.txt
2014-02-04 10:41 - 2014-02-04 10:41 - 00000000 ____D () C:\FRST
2014-02-04 10:39 - 2014-02-04 10:40 - 02080256 _____ (Farbar) C:\Users\Sascha & Nancy\Downloads\FRST64.exe
2014-02-04 10:37 - 2014-02-04 10:39 - 00000490 _____ () C:\Users\Sascha & Nancy\Downloads\defogger_disable.log
2014-02-04 10:37 - 2014-02-04 10:37 - 00000000 _____ () C:\Users\Sascha & Nancy\defogger_reenable
2014-02-04 10:36 - 2014-02-04 10:36 - 00050477 _____ () C:\Users\Sascha & Nancy\Downloads\Defogger.exe
2014-02-04 10:03 - 2014-02-04 10:03 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-04 10:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-04 09:57 - 2014-02-04 09:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Sascha & Nancy\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-04 09:10 - 2014-02-04 09:10 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml(1).msi
2014-02-04 09:10 - 2014-02-04 09:10 - 00001750 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-04 09:08 - 2014-02-04 09:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 09:08 - 2014-02-04 09:09 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 09:08 - 2014-02-04 09:09 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 08:59 - 2014-02-04 08:59 - 00001258 _____ () C:\Windows\system32\.crusader
2014-02-04 08:45 - 2014-02-04 08:45 - 02209056 _____ () C:\Users\Sascha & Nancy\Downloads\avira-eu-cleaner_de.exe
2014-02-04 08:42 - 2014-02-04 08:59 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-04 08:41 - 2014-02-04 08:42 - 10820032 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hitmanpro_x64.exe
2014-02-04 08:29 - 2014-02-04 08:29 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-02-04 08:28 - 2014-02-04 08:29 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-02-04 08:27 - 2014-02-04 08:27 - 04164208 _____ (CSIS Security Group) C:\Users\Sascha & Nancy\Downloads\HeimdalSetup.exe
2014-02-04 08:27 - 2014-02-04 08:27 - 00001116 _____ () C:\Users\Sascha & Nancy\Desktop\Heimdal.lnk
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\ProgramData\CSIS
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\Program Files (x86)\Heimdal
2014-02-04 08:26 - 2014-02-04 08:26 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml.msi
2014-02-04 08:25 - 2014-02-04 08:25 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-04 08:17 - 2014-02-04 08:17 - 00001036 _____ () C:\Users\Sascha & Nancy\Desktop\Secunia PSI.lnk
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Secunia PSI
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-02-04 08:16 - 2014-02-04 08:16 - 05329480 _____ (Secunia) C:\Users\Sascha & Nancy\Downloads\PSISetup.exe
2014-02-04 08:13 - 2014-02-04 08:13 - 00533424 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00488104 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00017416 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-02-04 08:12 - 2014-02-04 08:13 - 01752488 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hmpalert.exe
2014-02-04 07:59 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-04 07:59 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-04 07:59 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-04 07:59 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-04 07:58 - 2014-02-04 07:59 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-04 07:45 - 2014-02-04 07:45 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(2).exe
2014-02-04 07:43 - 2014-02-04 07:43 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(1).exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-04 07:27 - 2014-02-04 07:27 - 00000000 ____D () C:\Program Files\Java
2014-02-04 07:26 - 2014-02-04 07:26 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64.exe
2014-01-30 12:55 - 2014-01-30 12:58 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-01-30 12:55 - 2014-01-30 12:55 - 10245808 _____ (BlueStack Systems Inc.) C:\Users\Sascha & Nancy\Downloads\BlueStacks-SplitInstaller_native.exe
2014-01-25 12:26 - 2014-02-02 14:21 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Para
2014-01-25 12:23 - 2014-01-25 12:23 - 00215382 _____ () C:\Users\Sascha & Nancy\Downloads\GotClip_Setup.exe
2014-01-25 12:23 - 2014-01-25 12:23 - 00000958 _____ () C:\Users\Sascha & Nancy\Desktop\GotClip.lnk
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Program Files (x86)\GotClip
2014-01-23 07:24 - 2014-01-23 07:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-23 07:23 - 2014-01-23 07:23 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(3).exe
2014-01-23 07:22 - 2014-01-23 07:24 - 00001114 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-21 22:34 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-21 22:34 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-21 22:34 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-21 22:34 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-21 22:34 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-21 22:34 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-21 22:34 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-21 22:34 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-21 22:34 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-21 22:34 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-21 22:33 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-21 22:33 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-21 22:33 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-21 08:29 - 2014-01-21 08:29 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(2).exe
2014-01-21 08:05 - 2014-01-21 08:05 - 00000000 ____D () C:\Users\Sascha & Nancy\Documents\OneNote-Notizbücher
2014-01-21 08:00 - 2014-01-21 08:00 - 08459768 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_3.6.28.exe
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-18 12:02 - 2014-02-02 16:44 - 00012949 _____ () C:\Users\Sascha & Nancy\Documents\vordruck stundenzettel helmut.odt
2014-01-17 18:44 - 2014-01-17 18:44 - 00012969 _____ () C:\Users\Sascha & Nancy\Documents\vorbruck stunden zettel.odt
2014-01-17 17:26 - 2014-01-17 17:26 - 00000859 _____ () C:\Users\Sascha & Nancy\AppData\Local\recently-used.xbel
2014-01-17 17:23 - 2014-01-21 08:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-17 17:23 - 2014-01-17 17:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Microsoft Help
2014-01-15 05:23 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 05:23 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 05:23 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-12 19:20 - 2014-01-12 19:20 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0.exe
2014-01-12 17:10 - 2014-01-12 17:10 - 00002990 _____ () C:\Windows\System32\Tasks\{B82F30CA-5083-4EA4-9F77-16A1E083B57B}
2014-01-12 17:08 - 2014-01-12 17:08 - 00002990 _____ () C:\Windows\System32\Tasks\{ED49D765-0278-44F4-BBBD-548065650574}
2014-01-12 17:06 - 2014-01-12 17:06 - 00002990 _____ () C:\Windows\System32\Tasks\{FD7A06F6-B324-4C76-B750-14BCAAD9F666}
2014-01-12 16:02 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-01-12 16:02 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-01-12 16:02 - 2012-08-23 15:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-01-12 16:02 - 2012-08-23 14:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-01-12 16:02 - 2012-08-23 14:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-01-12 16:02 - 2012-08-23 14:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-01-12 16:02 - 2012-08-23 14:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-01-12 16:02 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-01-12 16:02 - 2012-08-23 14:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-01-12 16:02 - 2012-08-23 14:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-01-12 16:02 - 2012-08-23 14:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-01-12 16:02 - 2012-08-23 14:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-01-12 16:02 - 2012-08-23 13:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-01-12 16:02 - 2012-08-23 12:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-01-12 16:02 - 2012-08-23 12:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-01-12 16:02 - 2012-08-23 12:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-01-12 16:02 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-01-12 16:02 - 2012-08-23 11:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-01-12 16:02 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-01-12 16:02 - 2012-08-23 11:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-01-12 16:02 - 2012-08-23 11:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-01-12 16:02 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-01-12 16:02 - 2012-08-23 09:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-01-12 16:02 - 2012-08-23 09:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-01-10 14:01 - 2014-01-10 14:02 - 23867560 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_26.0.exe
==================== One Month Modified Files and Folders =======
2014-02-04 10:42 - 2014-02-04 10:41 - 00029727 _____ () C:\Users\Sascha & Nancy\Downloads\FRST.txt
2014-02-04 10:42 - 2012-06-13 07:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-04 10:41 - 2014-02-04 10:41 - 00000000 ____D () C:\FRST
2014-02-04 10:40 - 2014-02-04 10:39 - 02080256 _____ (Farbar) C:\Users\Sascha & Nancy\Downloads\FRST64.exe
2014-02-04 10:39 - 2014-02-04 10:37 - 00000490 _____ () C:\Users\Sascha & Nancy\Downloads\defogger_disable.log
2014-02-04 10:37 - 2014-02-04 10:37 - 00000000 _____ () C:\Users\Sascha & Nancy\defogger_reenable
2014-02-04 10:37 - 2011-06-09 16:52 - 00000000 ____D () C:\Users\Sascha & Nancy
2014-02-04 10:36 - 2014-02-04 10:36 - 00050477 _____ () C:\Users\Sascha & Nancy\Downloads\Defogger.exe
2014-02-04 10:33 - 2009-07-14 05:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-04 10:33 - 2009-07-14 05:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-04 10:31 - 2011-01-24 19:54 - 01786406 _____ () C:\Windows\WindowsUpdate.log
2014-02-04 10:25 - 2013-10-05 18:42 - 00000000 ____D () C:\Program Files (x86)\Movies Toolbar
2014-02-04 10:25 - 2013-08-23 09:51 - 00031418 _____ () C:\Windows\setupact.log
2014-02-04 10:25 - 2013-01-12 14:07 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-02-04 10:25 - 2012-03-19 20:54 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-04 10:25 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-04 10:24 - 2013-10-05 18:43 - 00000000 ____D () C:\ProgramData\Wincert
2014-02-04 10:24 - 2011-10-21 19:25 - 00000000 ____D () C:\Program Files (x86)\BrowserCompanion
2014-02-04 10:24 - 2010-11-16 18:49 - 00806366 _____ () C:\Windows\PFRO.log
2014-02-04 10:16 - 2013-01-17 19:15 - 00000000 ____D () C:\Program Files (x86)\SweetIM
2014-02-04 10:15 - 2013-06-10 07:31 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Omiga Plus
2014-02-04 10:03 - 2014-02-04 10:03 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-04 09:57 - 2014-02-04 09:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Sascha & Nancy\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-04 09:57 - 2012-03-19 20:54 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-04 09:11 - 2011-06-10 22:52 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-02-04 09:10 - 2014-02-04 09:10 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml(1).msi
2014-02-04 09:10 - 2014-02-04 09:10 - 00001750 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-04 09:09 - 2014-02-04 09:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 09:09 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 09:09 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 08:59 - 2014-02-04 08:59 - 00001258 _____ () C:\Windows\system32\.crusader
2014-02-04 08:59 - 2014-02-04 08:42 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-04 08:45 - 2014-02-04 08:45 - 02209056 _____ () C:\Users\Sascha & Nancy\Downloads\avira-eu-cleaner_de.exe
2014-02-04 08:42 - 2014-02-04 08:41 - 10820032 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hitmanpro_x64.exe
2014-02-04 08:37 - 2012-10-21 11:40 - 00000000 ____D () C:\ProgramData\Apple
2014-02-04 08:34 - 2011-06-09 16:55 - 00113272 _____ () C:\Users\Sascha & Nancy\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-04 08:33 - 2009-07-14 05:45 - 00432024 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-04 08:29 - 2014-02-04 08:29 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-02-04 08:29 - 2014-02-04 08:28 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-02-04 08:27 - 2014-02-04 08:27 - 04164208 _____ (CSIS Security Group) C:\Users\Sascha & Nancy\Downloads\HeimdalSetup.exe
2014-02-04 08:27 - 2014-02-04 08:27 - 00001116 _____ () C:\Users\Sascha & Nancy\Desktop\Heimdal.lnk
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\ProgramData\CSIS
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\Program Files (x86)\Heimdal
2014-02-04 08:26 - 2014-02-04 08:26 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml.msi
2014-02-04 08:25 - 2014-02-04 08:25 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-04 08:25 - 2010-11-16 18:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-04 08:25 - 2010-11-16 18:52 - 00000000 ____D () C:\ProgramData\Skype
2014-02-04 08:24 - 2012-06-13 07:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-04 08:24 - 2012-06-13 07:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-04 08:24 - 2012-06-13 07:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 08:17 - 2014-02-04 08:17 - 00001036 _____ () C:\Users\Sascha & Nancy\Desktop\Secunia PSI.lnk
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Secunia PSI
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-02-04 08:16 - 2014-02-04 08:16 - 05329480 _____ (Secunia) C:\Users\Sascha & Nancy\Downloads\PSISetup.exe
2014-02-04 08:13 - 2014-02-04 08:13 - 00533424 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00488104 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00017416 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-02-04 08:13 - 2014-02-04 08:12 - 01752488 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hmpalert.exe
2014-02-04 07:59 - 2014-02-04 07:58 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-04 07:59 - 2012-06-22 11:16 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-04 07:55 - 2012-03-19 06:53 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-02-04 07:45 - 2014-02-04 07:45 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(2).exe
2014-02-04 07:43 - 2014-02-04 07:43 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(1).exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-04 07:27 - 2014-02-04 07:27 - 00000000 ____D () C:\Program Files\Java
2014-02-04 07:26 - 2014-02-04 07:26 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64.exe
2014-02-04 07:23 - 2011-06-10 08:54 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Adobe
2014-02-04 07:19 - 2013-01-21 18:38 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-02-04 07:18 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-02 16:44 - 2014-01-18 12:02 - 00012949 _____ () C:\Users\Sascha & Nancy\Documents\vordruck stundenzettel helmut.odt
2014-02-02 14:21 - 2014-01-25 12:26 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Para
2014-01-30 12:58 - 2014-01-30 12:55 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-01-30 12:55 - 2014-01-30 12:55 - 10245808 _____ (BlueStack Systems Inc.) C:\Users\Sascha & Nancy\Downloads\BlueStacks-SplitInstaller_native.exe
2014-01-25 12:23 - 2014-01-25 12:23 - 00215382 _____ () C:\Users\Sascha & Nancy\Downloads\GotClip_Setup.exe
2014-01-25 12:23 - 2014-01-25 12:23 - 00000958 _____ () C:\Users\Sascha & Nancy\Desktop\GotClip.lnk
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Program Files (x86)\GotClip
2014-01-23 07:24 - 2014-01-23 07:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-23 07:24 - 2014-01-23 07:22 - 00001114 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-23 07:24 - 2013-12-20 10:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-23 07:23 - 2014-01-23 07:23 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(3).exe
2014-01-23 07:23 - 2011-09-23 06:51 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla
2014-01-21 10:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-01-21 08:32 - 2014-01-17 17:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-21 08:31 - 2011-01-24 20:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-01-21 08:29 - 2014-01-21 08:29 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(2).exe
2014-01-21 08:29 - 2011-06-09 16:52 - 00000000 ___RD () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-21 08:29 - 2009-07-14 19:18 - 00000000 ____D () C:\Windows\ShellNew
2014-01-21 08:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-01-21 08:27 - 2009-07-14 03:34 - 00000419 _____ () C:\Windows\win.ini
2014-01-21 08:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-01-21 08:05 - 2014-01-21 08:05 - 00000000 ____D () C:\Users\Sascha & Nancy\Documents\OneNote-Notizbücher
2014-01-21 08:00 - 2014-01-21 08:00 - 08459768 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_3.6.28.exe
2014-01-19 08:33 - 2011-09-03 08:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-17 18:44 - 2014-01-17 18:44 - 00012969 _____ () C:\Users\Sascha & Nancy\Documents\vorbruck stunden zettel.odt
2014-01-17 18:33 - 2009-07-14 18:58 - 07533032 _____ () C:\Windows\system32\perfh007.dat
2014-01-17 18:33 - 2009-07-14 18:58 - 02331660 _____ () C:\Windows\system32\perfc007.dat
2014-01-17 18:33 - 2009-07-14 06:13 - 00005422 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-17 17:27 - 2013-12-05 09:12 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Rocco
2014-01-17 17:26 - 2014-01-17 17:26 - 00000859 _____ () C:\Users\Sascha & Nancy\AppData\Local\recently-used.xbel
2014-01-17 17:26 - 2012-07-14 09:44 - 00000000 ____D () C:\Users\Sascha & Nancy\.gimp-2.8
2014-01-17 17:23 - 2014-01-17 17:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Microsoft Help
2014-01-15 22:20 - 2013-08-14 14:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 22:18 - 2011-06-13 14:57 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 15:25 - 2011-12-07 16:44 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Skype
2014-01-15 06:47 - 2012-12-27 15:26 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Mucke
2014-01-12 19:20 - 2014-01-12 19:20 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0.exe
2014-01-12 17:16 - 2012-09-22 08:16 - 00000000 ____D () C:\Users\Sascha & Nancy\Documents\SH5
2014-01-12 17:10 - 2014-01-12 17:10 - 00002990 _____ () C:\Windows\System32\Tasks\{B82F30CA-5083-4EA4-9F77-16A1E083B57B}
2014-01-12 17:08 - 2014-01-12 17:08 - 00002990 _____ () C:\Windows\System32\Tasks\{ED49D765-0278-44F4-BBBD-548065650574}
2014-01-12 17:06 - 2014-01-12 17:06 - 00002990 _____ () C:\Windows\System32\Tasks\{FD7A06F6-B324-4C76-B750-14BCAAD9F666}
2014-01-12 16:28 - 2013-03-19 06:35 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-01-12 15:52 - 2012-12-28 17:07 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-01-12 15:51 - 2012-12-28 17:07 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-01-12 15:51 - 2012-12-28 17:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-01-12 12:55 - 2013-12-02 10:33 - 00000000 ____D () C:\Program Files (x86)\Vector Magic
2014-01-12 12:55 - 2013-11-18 19:30 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppCB
2014-01-12 12:55 - 2010-11-16 18:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-10 14:02 - 2014-01-10 14:01 - 23867560 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_26.0.exe
2014-01-07 06:07 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-01-06 20:38 - 2013-09-04 08:43 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\TKKG
Files to move or delete:
====================
C:\Users\Sascha & Nancy\AppData\Roaming\skype.ini
Some content of TEMP:
====================
C:\Users\Sascha & Nancy\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\Delta.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\DeltaTB.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\MybabylonTB.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\propsys.dll
C:\Users\Sascha & Nancy\AppData\Local\Temp\SHSetup.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\Uninstall.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\WSSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-17 05:43
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2014
Ran by Sascha & Nancy at 2014-02-04 10:42:54
Running from C:\Users\Sascha & Nancy\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
7-Zip 9.22 (x64 edition) (Version: 9.22.00.0 - Igor Pavlov)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.38 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.7.148 - Adobe Systems, Inc.)
Apple Application Support (x32 Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (x32 Version: - )
ATI Catalyst Install Manager (Version: 3.0.769.0 - ATI Technologies, Inc.)
Battlefield 3™ (x32 Version: 1.0.0.0 - Electronic Arts)
Bluetooth Stack for Windows by Toshiba (Version: v7.10.16(T) - TOSHIBA CORPORATION)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Bundled software uninstaller (x32 Version: - ) <==== ATTENTION
ccc-utility64 (Version: 2010.0426.2136.36953 - ATI) Hidden
CDBurnerXP (x32 Version: 4.5.2.4255 - CDBurnerXP)
Conexant Audio Driver For AMD HDMI Codec (Version: 4.98.26.0 - Conexant)
Conexant HD Audio (Version: 4.119.0.61 - Conexant)
ContentSAFER for Wizmax (x32 Version: - )
Convert AVI to MP4 1.3 (x32 Version: - convertavitomp3.com)
Free M4a to MP3 Converter 7.2 (x32 Version: - ManiacTools.com)
GIMP 2.8.8 (Version: 2.8.8 - The GIMP Team)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GotClip Downloader (x32 Version: - )
Heimdal (x32 Version: 1.8.2.531 - CSIS Security Group)
HitmanPro.Alert (Version: 2.0.9.34 - SurfRight B.V.)
IsoBuster 3.1 (x32 Version: 3.1 - Smart Projects)
iTunes (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (64-bit) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8107.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.0.0657.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MP4 To MP3 Converter V3.0.4 (x32 Version: - hxxp://www.MP4ToMP3Converter.net)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
OpenOffice 4.0.0 (x32 Version: 4.00.9702 - Apache Software Foundation)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
ScummVM 1.4.1 (x32 Version: - The ScummVM Team)
Secunia PSI (3.0.0.9016) (x32 Version: 3.0.0.9016 - Secunia)
Skype™ 6.3 (x32 Version: 6.3.105 - Skype Technologies S.A.)
swMSM (x32 Version: - )
Synaptics Pointing Device Driver (Version: 15.0.8.1 - Synaptics Incorporated)
TOSHIBA Bulletin Board (Version: 1.6.08.64 - TOSHIBA Corporation) Hidden
TOSHIBA Disc Creator (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (Version: 1.2.10.64 - TOSHIBA Corporation) Hidden
TOSHIBA Face Recognition (Version: 3.1.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA PC Health Monitor (Version: 1.6.0.64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (Version: 2.1.0.5 x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.7.16.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (Version: 1.3.19.64 - TOSHIBA Corporation) Hidden
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
WinISO (x32 Version: 6.3.0.4804 - WinISO Computing Inc.)
WinRAR 4.10 (64-Bit) (Version: 4.10.0 - win.rar GmbH)
==================== Restore Points =========================
19-01-2014 03:12:30 Windows Update
19-01-2014 22:41:31 Windows Update
21-01-2014 07:15:54 Windows Modules Installer
21-01-2014 07:24:33 Removed Microsoft Office Professional 2010
21-01-2014 21:33:37 Windows Update
25-01-2014 05:07:24 Windows Update
29-01-2014 04:26:20 Windows Update
01-02-2014 05:15:42 Windows Update
04-02-2014 06:17:43 Removed BlueStacks Notification Center
04-02-2014 06:26:53 Installed Java 7 Update 51 (64-bit)
04-02-2014 06:57:47 Installed Java 7 Update 51
04-02-2014 07:01:26 Windows Update
04-02-2014 08:11:27 Installed MSXML 4.0 SP3 Parser
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {1CB99055-AEF9-4736-910E-B880E291399A} - System32\Tasks\Google Updater and Installer => C:\Users\Sascha & Nancy\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {2511F56C-248C-49E9-845A-FA3FA079CACD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-19] (Google Inc.)
Task: {355A8926-91EF-4759-955B-CC7D6534AEE9} - System32\Tasks\{ED49D765-0278-44F4-BBBD-548065650574} => Firefox.exe
Task: {385111CA-A7CC-4C7A-8A3F-99D88066D360} - System32\Tasks\{5425D119-CB66-4278-B098-0F2B3BF05957} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/go/help.faq.installer?LastError=1638
Task: {50998153-E4E4-45DA-932D-CBCFFCAF1FC0} - System32\Tasks\Omiga Plus RunAsStdUser => C:\Program Files (x86)\Omiga Plus\omigaplus.exe
Task: {73D72766-0297-4938-BC8B-5107E7884500} - System32\Tasks\{B82F30CA-5083-4EA4-9F77-16A1E083B57B} => Firefox.exe
Task: {8452AD8E-AFE6-48B6-B76D-C2149944B79A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {89763217-B567-4E0C-B721-FC07BFBBB721} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {8C22F9A7-AFA6-4A32-8252-8ABFC51AAB3E} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {91103D62-B0B5-4821-BB0F-DDCA09B9986D} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-06-03] (TOSHIBA CORPORATION)
Task: {9373D6B4-C920-4062-973E-4681A74227F4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-04] (Adobe Systems Incorporated)
Task: {9DB225B5-E9C1-4F26-87A7-371F5AE9E922} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {AFEE71C3-20DB-4B88-8A38-3E5479394F0C} - System32\Tasks\Your File Updater => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {B6A906E2-509A-4485-883D-4D178D297138} - System32\Tasks\{FD7A06F6-B324-4C76-B750-14BCAAD9F666} => Firefox.exe
Task: {E3CC1CA0-F795-462A-938B-E525D199C031} - System32\Tasks\{C5346126-C226-40CC-9DCA-680DFB303C33} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/go/help.faq.installer?LastError=1638
Task: {E5F7A0EF-A657-41BA-B8E6-B576AFFC978F} - System32\Tasks\DealPly => C:\Users\SASCHA~1\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {E998ACB3-CFD6-4FA6-8A0F-4865DCC90CDD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-19] (Google Inc.)
Task: {ECB0868D-49A2-41D5-A0BF-7B17F27A4DEC} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {F0613224-7154-41D7-BE6E-8D46DE0265CE} - System32\Tasks\Funmoods => C:\Users\SASCHA~1\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {F944E880-8176-4831-AF7F-09AC34B7A74C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2010-04-23 13:58 - 2010-04-23 13:58 - 03409256 _____ () C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll
2010-04-07 16:07 - 2010-04-07 16:07 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 13:26 - 2009-11-03 13:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 14:15 - 2010-03-03 14:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 14:15 - 2010-03-03 14:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2010-11-16 18:31 - 2009-06-22 14:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll
2009-03-12 19:08 - 2009-03-12 19:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 16:38 - 2009-07-25 16:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2010-03-17 16:01 - 2010-03-17 16:01 - 00578936 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2009-10-13 10:00 - 2009-10-13 10:00 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-01-24 19:59 - 2011-01-24 19:59 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-02-05 17:44 - 2010-02-05 17:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-23 07:24 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:33B04540
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:D287FACF
AlternateDataStreams: C:\ProgramData\TEMP:D3A96964
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ksupmgr => ""="Service"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/04/2014 09:18:40 AM) (Source: Application Hang) (User: )
Description: Programm Au_.exe, Version 5.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 978
Startzeit: 01cf21800984bee6
Endzeit: 16
Anwendungspfad: C:\Users\SASCHA~1\AppData\Local\Temp\~nsu.tmp\Au_.exe
Berichts-ID:
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16
System errors:
=============
Error: (02/04/2014 10:27:52 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126
Error: (02/04/2014 10:25:53 AM) (Source: ipnathlp) (User: )
Description: 192.168.178.20192.168.137.0255.255.255.0
Error: (02/04/2014 10:25:53 AM) (Source: ipnathlp) (User: )
Description:
Error: (02/04/2014 09:05:10 AM) (Source: DCOM) (User: )
Description: {A1CC28EB-258A-4B67-BBC2-4DD5D8AF4C8F}
Error: (02/04/2014 09:04:03 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126
Error: (02/04/2014 09:02:31 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/04/2014 09:02:31 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Player-Netzwerkfreigabedienst erreicht.
Error: (02/04/2014 09:02:12 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (02/04/2014 09:01:45 AM) (Source: ipnathlp) (User: )
Description: 192.168.178.20192.168.137.0255.255.255.0
Error: (02/04/2014 09:01:45 AM) (Source: ipnathlp) (User: )
Description:
Microsoft Office Sessions:
=========================
Error: (02/04/2014 09:18:40 AM) (Source: Application Hang)(User: )
Description: Au_.exe5.0.0.097801cf21800984bee616C:\Users\SASCHA~1\AppData\Local\Temp\~nsu.tmp\Au_.exe
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
Error: (02/02/2014 06:56:22 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16
CodeIntegrity Errors:
===================================
Date: 2014-02-04 10:37:28.232
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-04 10:23:33.021
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-04 10:13:55.720
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-04 09:54:45.052
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-04 09:35:14.723
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-04 08:55:18.882
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-04 08:25:42.571
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2011-12-03 11:55:51.609
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2011-12-03 11:55:51.593
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ewusbmdm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 47%
Total physical RAM: 3957.86 MB
Available physical RAM: 2091.77 MB
Total Pagefile: 7913.9 MB
Available Pagefile: 5672.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (WINDOWS) (Fixed) (Total:232.73 GB) (Free:34.04 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.64 GB) (Free:207.84 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: C5B28EA6)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
04.02.2014, 12:30
| #2 |
| /// Malwareteam   |  Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- Onlinebanking Ich habe dein Thema in Arbeit und melde mich so schnell als möglich mit weiteren Anweisungen. Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Dies garantiert, dass Du Hilfe von einem ausgebildeten Helfer bekommst. Ich bedanke mich für deine Geduld 
__________________ |
|
04.02.2014, 14:26
| #3 | |
| /// Malwareteam | Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- Onlinebanking Hallo Sanchoss,
__________________mein Name ist Jonas und ich werde dir bei deiner Bereinigung helfen. Diese kann mit viel Arbeit für dich verbunden sein. Bevor wir anfangen können, lies bitte die Bereinigungsregeln und Hinweise:  Regeln zum Ablauf der Bereinigung
Hinweise
Zitat:
Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter cmd: type "C:\Users\SASCHA~1\AppData\Local\Temp\logger.vbs"
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Scan mit Combofix
Poste folgende Logfiles in deiner nächsten Antwort:
__________________ |
|
04.02.2014, 17:38
| #4 |
| | Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- Onlinebanking Erstmal Dankeschön für Deine Hilfe Muß noch eine Logdatei von Hitman posten & den viel zu großen Combofix-Scan. Hoffe doch ich brech mir nicht die Finger  FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2014
Ran by Sascha & Nancy (administrator) on TOSHIBA on 04-02-2014 10:41:29
Running from C:\Users\Sascha & Nancy\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(Microsoft) C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DNSService.exe
(CSIS Security Group) C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(Toshiba Europe GmbH) C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(CSIS Security Group) C:\Program Files (x86)\Heimdal\Client\HeimdalAgent.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosOBEX.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] - C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-05-11] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartFaceVWatcher] - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-03-17] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [136136 2010-04-19] (Toshiba Europe GmbH)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ITSecMng] - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TWebCamera] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [NeroFilterCheck] - C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [ProtectedNET] - C:\Users\Sascha & Nancy\Desktop\Laufwerk\Jappy Rang + Credit Hack by JiNNy.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NPSStartup] - [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKU\.DEFAULT\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\.DEFAULT\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Run: [logger] - wscript.exe //B "C:\Users\SASCHA~1\AppData\Local\Temp\logger.vbs" <===== ATTENTION
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Run: [AppsHat] - C:\Users\Sascha & Nancy\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\system: [DisableClock] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: F - F:\Windows\StartFreeStyle.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {03692143-0ef0-11e3-b86b-00266ca80786} - H:\OriginInstaller.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {0cb7b62b-edd6-11e1-af14-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {0cb7b632-edd6-11e1-af14-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {0cb7b65e-edd6-11e1-af14-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {16737d40-ef63-11e2-bb4d-00266ca80786} - F:\Windows\StartFreeStyle.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {25143ae8-a14c-11e0-bd9d-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {25143aee-a14c-11e0-bd9d-00266ca80786} - G:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {41b933f8-27bd-11e1-90f6-00266ca80786} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {46866801-485f-11e1-8d41-00266ca80786} - F:\LGAutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {598939d1-1d9a-11e1-bab4-00266ca80786} - F:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {598939d6-1d9a-11e1-bab4-00266ca80786} - F:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {99948c1c-26f7-11e1-b79e-00266ca80786} - F:\AutoRun.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {a9856250-36ba-11e2-947c-00266ca80786} - F:\zdata\cobi.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\MountPoints2: {f6528305-95ce-11e2-ade5-00266ca80786} - F:\setup.exe
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\...\Winlogon: [Shell] explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL => File Not Found
AppInit_DLLs: c:\progra~2\movies~1\safety~1\x64\safety~2.dll => File Not Found
AppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL => File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\movies toolbar\safetynut\x64\safetycrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\movies toolbar\safetynut\safetycrt.dll
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.portaldosites.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=ST9500325AS_6VEHGAQRXXXX6VEHGAQR&ts=1367078727
HKCU\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = https://isearch.avg.com/?cid={D4128F4D-FFC4-4AD1-8D6B-8FA976F2493E}&mid=16cd0fb9c80147d1b59ad16f2a4cee75-ca2be2ccc0d80f6eca87e1d1dfbe0cd3c2f66768&lang=en&ds=ft011&pr=sa&d=2012-07-25 16:17:44&v=12.1.0.21&sap=hp
URLSearchHook: HKCU - (No Name) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - No File
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.portaldosites.com/web/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=ST9500325AS_6VEHGAQRXXXX6VEHGAQR&ts=7077985
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.portaldosites.com/web/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=ST9500325AS_6VEHGAQRXXXX6VEHGAQR&ts=7077985
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=100&systemid=473&v=a10918-126&apn_uid=7490831145054531&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuyE0C0E0D0D0E0FyCyC0F0FyEzy0ByDyDtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=1785632500
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {178A504F-74E0-4342-9DF2-00A4A0B137F8} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={ED33D242-60D1-11E2-B3A9-00266CA80786}
SearchScopes: HKLM-x32 - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=100&systemid=473&v=a10918-126&apn_uid=7490831145054531&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 - {5319BB5F-8644-FBC1-3546-685F8AE5B160} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=430&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuyE0C0E0D0D0E0FyCyC0F0FyEzy0ByDyDtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=1785632500
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3205709
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKCU - {3F7E5C68-5C60-4FB5-B191-1B04DDDE8979} URL =
SearchScopes: HKCU - {52db1893-8a90-4192-aede-08e00b8f8473} URL =
SearchScopes: HKCU - {6ADFBB29-55DE-4137-996D-31FE316578AF} URL =
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuyE0C0E0D0D0E0FyCyC0F0FyEzy0ByDyDtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=1785632500
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\x64\BROWSE~1.DLL No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - toolplugin - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No File
Toolbar: HKLM-x32 - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A5B9220D-875B-4C63-A4B1-AABF1D74E973}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default
FF Homepage: google.de
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\portaldosites.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Escamod - C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\Extensions\escamod@gmx.net0002.xpi [2014-01-23]
FF Extension: Adblock Plus - C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-23]
FF Extension: Tab Mix Plus - C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-01-23]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-20]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
Chrome:
=======
CHR Extension: (Zoomex) - C:\Users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc [2013-01-28]
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\SASCHA~1\AppData\Local\funmoods.crx [2013-01-28]
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\SASCHA~1\AppData\Local\funmoods-speeddial.crx [2012-07-28]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2012-07-28]
CHR HKCU\...\Chrome\Extension: [bhnjjbcnbmjmhgpliahlamecmbejpaol] - C:\Users\Sascha & Nancy\AppData\Local\CRE\bhnjjbcnbmjmhgpliahlamecmbejpaol.crx [2012-09-05]
CHR HKCU\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Sascha & Nancy\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-04-17]
CHR HKLM-x32\...\Chrome\Extension: [bhnjjbcnbmjmhgpliahlamecmbejpaol] - C:\Users\Sascha & Nancy\AppData\Local\CRE\bhnjjbcnbmjmhgpliahlamecmbejpaol.crx [2012-09-05]
CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Program Files (x86)\Movie2KDownloader.com\Movie2KDownloader10.crx [2012-09-05]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2012-09-05]
CHR HKLM-x32\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files (x86)\TornTV.com\torn11.crx [2012-09-05]
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Sascha & Nancy\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-04-17]
==================== Services (Whitelisted) =================
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [200704 2006-08-11] (InterVideo Inc.)
R2 HeimdalSecureDNS; C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe [93856 2013-11-06] (Microsoft)
R2 HeimdalService; C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe [132768 2013-11-06] (CSIS Security Group)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1752488 2014-02-04] (SurfRight B.V.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
S2 HPSLPSVC; C:\Users\SASCHA~1\AppData\Local\Temp\7zS4921\hpslpsvc64.dll [X]
==================== Drivers (Whitelisted) ====================
S3 ASPI; C:\Windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec)
R3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI64.sys [720952 2010-03-05] (Conexant Systems Inc.)
R2 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [17416 2014-02-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2013-02-25] (WinISO.com)
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 massfilter_hs; system32\drivers\massfilter_hs.sys [X]
S1 pmplcahk; \??\C:\Windows\system32\drivers\pmplcahk.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-04 10:41 - 2014-02-04 10:42 - 00029727 _____ () C:\Users\Sascha & Nancy\Downloads\FRST.txt
2014-02-04 10:41 - 2014-02-04 10:41 - 00000000 ____D () C:\FRST
2014-02-04 10:39 - 2014-02-04 10:40 - 02080256 _____ (Farbar) C:\Users\Sascha & Nancy\Downloads\FRST64.exe
2014-02-04 10:37 - 2014-02-04 10:39 - 00000490 _____ () C:\Users\Sascha & Nancy\Downloads\defogger_disable.log
2014-02-04 10:37 - 2014-02-04 10:37 - 00000000 _____ () C:\Users\Sascha & Nancy\defogger_reenable
2014-02-04 10:36 - 2014-02-04 10:36 - 00050477 _____ () C:\Users\Sascha & Nancy\Downloads\Defogger.exe
2014-02-04 10:03 - 2014-02-04 10:03 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-04 10:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-04 09:57 - 2014-02-04 09:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Sascha & Nancy\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-04 09:10 - 2014-02-04 09:10 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml(1).msi
2014-02-04 09:10 - 2014-02-04 09:10 - 00001750 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-04 09:08 - 2014-02-04 09:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 09:08 - 2014-02-04 09:09 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 09:08 - 2014-02-04 09:09 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 08:59 - 2014-02-04 08:59 - 00001258 _____ () C:\Windows\system32\.crusader
2014-02-04 08:45 - 2014-02-04 08:45 - 02209056 _____ () C:\Users\Sascha & Nancy\Downloads\avira-eu-cleaner_de.exe
2014-02-04 08:42 - 2014-02-04 08:59 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-04 08:41 - 2014-02-04 08:42 - 10820032 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hitmanpro_x64.exe
2014-02-04 08:29 - 2014-02-04 08:29 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-02-04 08:28 - 2014-02-04 08:29 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-02-04 08:27 - 2014-02-04 08:27 - 04164208 _____ (CSIS Security Group) C:\Users\Sascha & Nancy\Downloads\HeimdalSetup.exe
2014-02-04 08:27 - 2014-02-04 08:27 - 00001116 _____ () C:\Users\Sascha & Nancy\Desktop\Heimdal.lnk
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\ProgramData\CSIS
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\Program Files (x86)\Heimdal
2014-02-04 08:26 - 2014-02-04 08:26 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml.msi
2014-02-04 08:25 - 2014-02-04 08:25 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-04 08:17 - 2014-02-04 08:17 - 00001036 _____ () C:\Users\Sascha & Nancy\Desktop\Secunia PSI.lnk
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Secunia PSI
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-02-04 08:16 - 2014-02-04 08:16 - 05329480 _____ (Secunia) C:\Users\Sascha & Nancy\Downloads\PSISetup.exe
2014-02-04 08:13 - 2014-02-04 08:13 - 00533424 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00488104 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00017416 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-02-04 08:12 - 2014-02-04 08:13 - 01752488 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hmpalert.exe
2014-02-04 07:59 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-04 07:59 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-04 07:59 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-04 07:59 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-04 07:58 - 2014-02-04 07:59 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-04 07:45 - 2014-02-04 07:45 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(2).exe
2014-02-04 07:43 - 2014-02-04 07:43 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(1).exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-04 07:27 - 2014-02-04 07:27 - 00000000 ____D () C:\Program Files\Java
2014-02-04 07:26 - 2014-02-04 07:26 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64.exe
2014-01-30 12:55 - 2014-01-30 12:58 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-01-30 12:55 - 2014-01-30 12:55 - 10245808 _____ (BlueStack Systems Inc.) C:\Users\Sascha & Nancy\Downloads\BlueStacks-SplitInstaller_native.exe
2014-01-25 12:26 - 2014-02-02 14:21 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Para
2014-01-25 12:23 - 2014-01-25 12:23 - 00215382 _____ () C:\Users\Sascha & Nancy\Downloads\GotClip_Setup.exe
2014-01-25 12:23 - 2014-01-25 12:23 - 00000958 _____ () C:\Users\Sascha & Nancy\Desktop\GotClip.lnk
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Program Files (x86)\GotClip
2014-01-23 07:24 - 2014-01-23 07:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-23 07:23 - 2014-01-23 07:23 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(3).exe
2014-01-23 07:22 - 2014-01-23 07:24 - 00001114 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-21 22:34 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-21 22:34 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-21 22:34 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-21 22:34 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-21 22:34 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-21 22:34 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-21 22:34 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-21 22:34 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-21 22:34 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-21 22:34 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-21 22:34 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-21 22:34 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-21 22:33 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-21 22:33 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-21 22:33 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-21 08:29 - 2014-01-21 08:29 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(2).exe
2014-01-21 08:05 - 2014-01-21 08:05 - 00000000 ____D () C:\Users\Sascha & Nancy\Documents\OneNote-Notizbücher
2014-01-21 08:00 - 2014-01-21 08:00 - 08459768 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_3.6.28.exe
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-18 12:02 - 2014-02-02 16:44 - 00012949 _____ () C:\Users\Sascha & Nancy\Documents\vordruck stundenzettel helmut.odt
2014-01-17 18:44 - 2014-01-17 18:44 - 00012969 _____ () C:\Users\Sascha & Nancy\Documents\vorbruck stunden zettel.odt
2014-01-17 17:26 - 2014-01-17 17:26 - 00000859 _____ () C:\Users\Sascha & Nancy\AppData\Local\recently-used.xbel
2014-01-17 17:23 - 2014-01-21 08:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-17 17:23 - 2014-01-17 17:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Microsoft Help
2014-01-15 05:23 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 05:23 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 05:23 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 05:23 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-12 19:20 - 2014-01-12 19:20 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0.exe
2014-01-12 17:10 - 2014-01-12 17:10 - 00002990 _____ () C:\Windows\System32\Tasks\{B82F30CA-5083-4EA4-9F77-16A1E083B57B}
2014-01-12 17:08 - 2014-01-12 17:08 - 00002990 _____ () C:\Windows\System32\Tasks\{ED49D765-0278-44F4-BBBD-548065650574}
2014-01-12 17:06 - 2014-01-12 17:06 - 00002990 _____ () C:\Windows\System32\Tasks\{FD7A06F6-B324-4C76-B750-14BCAAD9F666}
2014-01-12 16:02 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-01-12 16:02 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-01-12 16:02 - 2012-08-23 15:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-01-12 16:02 - 2012-08-23 14:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-01-12 16:02 - 2012-08-23 14:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-01-12 16:02 - 2012-08-23 14:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-01-12 16:02 - 2012-08-23 14:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-01-12 16:02 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-01-12 16:02 - 2012-08-23 14:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-01-12 16:02 - 2012-08-23 14:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-01-12 16:02 - 2012-08-23 14:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-01-12 16:02 - 2012-08-23 14:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-01-12 16:02 - 2012-08-23 13:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-01-12 16:02 - 2012-08-23 12:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-01-12 16:02 - 2012-08-23 12:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-01-12 16:02 - 2012-08-23 12:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-01-12 16:02 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-01-12 16:02 - 2012-08-23 11:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-01-12 16:02 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-01-12 16:02 - 2012-08-23 11:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-01-12 16:02 - 2012-08-23 11:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-01-12 16:02 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-01-12 16:02 - 2012-08-23 09:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-01-12 16:02 - 2012-08-23 09:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-01-10 14:01 - 2014-01-10 14:02 - 23867560 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_26.0.exe
==================== One Month Modified Files and Folders =======
2014-02-04 10:42 - 2014-02-04 10:41 - 00029727 _____ () C:\Users\Sascha & Nancy\Downloads\FRST.txt
2014-02-04 10:42 - 2012-06-13 07:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-04 10:41 - 2014-02-04 10:41 - 00000000 ____D () C:\FRST
2014-02-04 10:40 - 2014-02-04 10:39 - 02080256 _____ (Farbar) C:\Users\Sascha & Nancy\Downloads\FRST64.exe
2014-02-04 10:39 - 2014-02-04 10:37 - 00000490 _____ () C:\Users\Sascha & Nancy\Downloads\defogger_disable.log
2014-02-04 10:37 - 2014-02-04 10:37 - 00000000 _____ () C:\Users\Sascha & Nancy\defogger_reenable
2014-02-04 10:37 - 2011-06-09 16:52 - 00000000 ____D () C:\Users\Sascha & Nancy
2014-02-04 10:36 - 2014-02-04 10:36 - 00050477 _____ () C:\Users\Sascha & Nancy\Downloads\Defogger.exe
2014-02-04 10:33 - 2009-07-14 05:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-04 10:33 - 2009-07-14 05:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-04 10:31 - 2011-01-24 19:54 - 01786406 _____ () C:\Windows\WindowsUpdate.log
2014-02-04 10:25 - 2013-10-05 18:42 - 00000000 ____D () C:\Program Files (x86)\Movies Toolbar
2014-02-04 10:25 - 2013-08-23 09:51 - 00031418 _____ () C:\Windows\setupact.log
2014-02-04 10:25 - 2013-01-12 14:07 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-02-04 10:25 - 2012-03-19 20:54 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-04 10:25 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-04 10:24 - 2013-10-05 18:43 - 00000000 ____D () C:\ProgramData\Wincert
2014-02-04 10:24 - 2011-10-21 19:25 - 00000000 ____D () C:\Program Files (x86)\BrowserCompanion
2014-02-04 10:24 - 2010-11-16 18:49 - 00806366 _____ () C:\Windows\PFRO.log
2014-02-04 10:16 - 2013-01-17 19:15 - 00000000 ____D () C:\Program Files (x86)\SweetIM
2014-02-04 10:15 - 2013-06-10 07:31 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Omiga Plus
2014-02-04 10:03 - 2014-02-04 10:03 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-04 10:02 - 2014-02-04 10:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-04 09:57 - 2014-02-04 09:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Sascha & Nancy\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-04 09:57 - 2012-03-19 20:54 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-04 09:11 - 2011-06-10 22:52 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-02-04 09:10 - 2014-02-04 09:10 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml(1).msi
2014-02-04 09:10 - 2014-02-04 09:10 - 00001750 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-04 09:09 - 2014-02-04 09:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 09:09 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 09:09 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple Computer
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 08:59 - 2014-02-04 08:59 - 00001258 _____ () C:\Windows\system32\.crusader
2014-02-04 08:59 - 2014-02-04 08:42 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-04 08:45 - 2014-02-04 08:45 - 02209056 _____ () C:\Users\Sascha & Nancy\Downloads\avira-eu-cleaner_de.exe
2014-02-04 08:42 - 2014-02-04 08:41 - 10820032 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hitmanpro_x64.exe
2014-02-04 08:37 - 2012-10-21 11:40 - 00000000 ____D () C:\ProgramData\Apple
2014-02-04 08:34 - 2011-06-09 16:55 - 00113272 _____ () C:\Users\Sascha & Nancy\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-04 08:33 - 2009-07-14 05:45 - 00432024 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-04 08:29 - 2014-02-04 08:29 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-02-04 08:29 - 2014-02-04 08:28 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-02-04 08:27 - 2014-02-04 08:27 - 04164208 _____ (CSIS Security Group) C:\Users\Sascha & Nancy\Downloads\HeimdalSetup.exe
2014-02-04 08:27 - 2014-02-04 08:27 - 00001116 _____ () C:\Users\Sascha & Nancy\Desktop\Heimdal.lnk
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\ProgramData\CSIS
2014-02-04 08:27 - 2014-02-04 08:27 - 00000000 ____D () C:\Program Files (x86)\Heimdal
2014-02-04 08:26 - 2014-02-04 08:26 - 02434048 _____ () C:\Users\Sascha & Nancy\Downloads\msxml.msi
2014-02-04 08:25 - 2014-02-04 08:25 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-04 08:25 - 2010-11-16 18:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-04 08:25 - 2010-11-16 18:52 - 00000000 ____D () C:\ProgramData\Skype
2014-02-04 08:24 - 2012-06-13 07:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-04 08:24 - 2012-06-13 07:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-04 08:24 - 2012-06-13 07:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 08:17 - 2014-02-04 08:17 - 00001036 _____ () C:\Users\Sascha & Nancy\Desktop\Secunia PSI.lnk
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Secunia PSI
2014-02-04 08:17 - 2014-02-04 08:17 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-02-04 08:16 - 2014-02-04 08:16 - 05329480 _____ (Secunia) C:\Users\Sascha & Nancy\Downloads\PSISetup.exe
2014-02-04 08:13 - 2014-02-04 08:13 - 00533424 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00488104 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-02-04 08:13 - 2014-02-04 08:13 - 00017416 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert
2014-02-04 08:13 - 2014-02-04 08:13 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-02-04 08:13 - 2014-02-04 08:12 - 01752488 _____ (SurfRight B.V.) C:\Users\Sascha & Nancy\Desktop\hmpalert.exe
2014-02-04 07:59 - 2014-02-04 07:58 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-04 07:59 - 2012-06-22 11:16 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-04 07:55 - 2012-03-19 06:53 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-02-04 07:45 - 2014-02-04 07:45 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(2).exe
2014-02-04 07:43 - 2014-02-04 07:43 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64(1).exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-04 07:27 - 2014-02-04 07:27 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-04 07:27 - 2014-02-04 07:27 - 00000000 ____D () C:\Program Files\Java
2014-02-04 07:26 - 2014-02-04 07:26 - 30796712 _____ (Oracle Corporation) C:\Users\Sascha & Nancy\Downloads\jre-7u51-windows-x64.exe
2014-02-04 07:23 - 2011-06-10 08:54 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Adobe
2014-02-04 07:19 - 2013-01-21 18:38 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-02-04 07:18 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-02 16:44 - 2014-01-18 12:02 - 00012949 _____ () C:\Users\Sascha & Nancy\Documents\vordruck stundenzettel helmut.odt
2014-02-02 14:21 - 2014-01-25 12:26 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Para
2014-01-30 12:58 - 2014-01-30 12:55 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-01-30 12:55 - 2014-01-30 12:55 - 10245808 _____ (BlueStack Systems Inc.) C:\Users\Sascha & Nancy\Downloads\BlueStacks-SplitInstaller_native.exe
2014-01-25 12:23 - 2014-01-25 12:23 - 00215382 _____ () C:\Users\Sascha & Nancy\Downloads\GotClip_Setup.exe
2014-01-25 12:23 - 2014-01-25 12:23 - 00000958 _____ () C:\Users\Sascha & Nancy\Desktop\GotClip.lnk
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
2014-01-25 12:23 - 2014-01-25 12:23 - 00000000 ____D () C:\Program Files (x86)\GotClip
2014-01-23 07:24 - 2014-01-23 07:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-23 07:24 - 2014-01-23 07:22 - 00001114 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-23 07:24 - 2013-12-20 10:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-23 07:23 - 2014-01-23 07:23 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(3).exe
2014-01-23 07:23 - 2011-09-23 06:51 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla
2014-01-21 10:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-01-21 08:32 - 2014-01-17 17:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-21 08:31 - 2011-01-24 20:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-01-21 08:29 - 2014-01-21 08:29 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0(2).exe
2014-01-21 08:29 - 2011-06-09 16:52 - 00000000 ___RD () C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-21 08:29 - 2009-07-14 19:18 - 00000000 ____D () C:\Windows\ShellNew
2014-01-21 08:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-01-21 08:27 - 2009-07-14 03:34 - 00000419 _____ () C:\Windows\win.ini
2014-01-21 08:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-01-21 08:05 - 2014-01-21 08:05 - 00000000 ____D () C:\Users\Sascha & Nancy\Documents\OneNote-Notizbücher
2014-01-21 08:00 - 2014-01-21 08:00 - 08459768 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_3.6.28.exe
2014-01-19 08:33 - 2011-09-03 08:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-19 03:04 - 2014-01-19 03:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-17 18:44 - 2014-01-17 18:44 - 00012969 _____ () C:\Users\Sascha & Nancy\Documents\vorbruck stunden zettel.odt
2014-01-17 18:33 - 2009-07-14 18:58 - 07533032 _____ () C:\Windows\system32\perfh007.dat
2014-01-17 18:33 - 2009-07-14 18:58 - 02331660 _____ () C:\Windows\system32\perfc007.dat
2014-01-17 18:33 - 2009-07-14 06:13 - 00005422 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-17 17:27 - 2013-12-05 09:12 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Rocco
2014-01-17 17:26 - 2014-01-17 17:26 - 00000859 _____ () C:\Users\Sascha & Nancy\AppData\Local\recently-used.xbel
2014-01-17 17:26 - 2012-07-14 09:44 - 00000000 ____D () C:\Users\Sascha & Nancy\.gimp-2.8
2014-01-17 17:23 - 2014-01-17 17:23 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Local\Microsoft Help
2014-01-15 22:20 - 2013-08-14 14:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 22:18 - 2011-06-13 14:57 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 15:25 - 2011-12-07 16:44 - 00000000 ____D () C:\Users\Sascha & Nancy\AppData\Roaming\Skype
2014-01-15 06:47 - 2012-12-27 15:26 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\Mucke
2014-01-12 19:20 - 2014-01-12 19:20 - 00283096 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox Setup Stub 26.0.exe
2014-01-12 17:16 - 2012-09-22 08:16 - 00000000 ____D () C:\Users\Sascha & Nancy\Documents\SH5
2014-01-12 17:10 - 2014-01-12 17:10 - 00002990 _____ () C:\Windows\System32\Tasks\{B82F30CA-5083-4EA4-9F77-16A1E083B57B}
2014-01-12 17:08 - 2014-01-12 17:08 - 00002990 _____ () C:\Windows\System32\Tasks\{ED49D765-0278-44F4-BBBD-548065650574}
2014-01-12 17:06 - 2014-01-12 17:06 - 00002990 _____ () C:\Windows\System32\Tasks\{FD7A06F6-B324-4C76-B750-14BCAAD9F666}
2014-01-12 16:28 - 2013-03-19 06:35 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-01-12 15:52 - 2012-12-28 17:07 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-01-12 15:51 - 2012-12-28 17:07 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-01-12 15:51 - 2012-12-28 17:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-01-12 12:55 - 2013-12-02 10:33 - 00000000 ____D () C:\Program Files (x86)\Vector Magic
2014-01-12 12:55 - 2013-11-18 19:30 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppCB
2014-01-12 12:55 - 2010-11-16 18:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-10 14:02 - 2014-01-10 14:01 - 23867560 _____ (Mozilla) C:\Users\Sascha & Nancy\Downloads\Firefox_Setup_26.0.exe
2014-01-07 06:07 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-01-06 20:38 - 2013-09-04 08:43 - 00000000 ____D () C:\Users\Sascha & Nancy\Desktop\TKKG
Files to move or delete:
====================
C:\Users\Sascha & Nancy\AppData\Roaming\skype.ini
Some content of TEMP:
====================
C:\Users\Sascha & Nancy\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\Delta.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\DeltaTB.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\MybabylonTB.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\propsys.dll
C:\Users\Sascha & Nancy\AppData\Local\Temp\SHSetup.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\Uninstall.exe
C:\Users\Sascha & Nancy\AppData\Local\Temp\WSSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-17 05:43
==================== End Of Log ============================
Code:
ATTFilter HitmanPro 3.7.9.212
www.hitmanpro.com
Computer name . . . . : TOSHIBA
Windows . . . . . . . : 6.1.1.7601.X64/4
User name . . . . . . : Toshiba\Sascha & Nancy
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (30 days left)
Scan date . . . . . . : 2014-02-04 09:36:42
Scan mode . . . . . . : Normal (cancelled by user)
Scan duration . . . . : 11s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 0
Traces . . . . . . . : 0
Objects scanned . . . : 26.604
Files scanned . . . . : 26.604
Remnants scanned . . : 0 files / 0 keys
Code:
ATTFilter HitmanPro 3.7.9.212
www.hitmanpro.com
Computer name . . . . : TOSHIBA
Windows . . . . . . . : 6.1.1.7601.X64/4
User name . . . . . . : Toshiba\Sascha & Nancy
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (30 days left)
Scan date . . . . . . : 2014-02-04 09:19:44
Scan mode . . . . . . : Normal
Scan duration . . . . : 10m 17s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 0
Traces . . . . . . . : 358
Objects scanned . . . : 3.026.702
Files scanned . . . . : 73.513
Remnants scanned . . : 1.893.340 files / 1.059.849 keys
Potential Unwanted Programs _________________________________________________
C:\Program Files (x86)\Conduit\ (Conduit)
C:\Program Files (x86)\Conduit\Community Alerts\ (Conduit)
C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll (Conduit)
Size . . . . . . . : 638.560 bytes
Age . . . . . . . : 956.7 days (2011-06-23 15:20:46)
Entropy . . . . . : 6.4
SHA-256 . . . . . : F22E58CDFE94D4A5FBBF2795A743B167ED9923E289E14654631E0077DD306C1D
Product . . . . . : Alert
Publisher . . . . : Conduit Ltd.
Description . . . : Alert
Version . . . . . : 1.1.4.1
Copyright . . . . : Copyright © Conduit Ltd. 2011.
RSA Key Size . . . : 1024
Authenticode . . . : Valid
Fuzzy . . . . . . : -15.0
C:\Program Files (x86)\Desk 365\ (PortalDoSites)
C:\Program Files (x86)\Desk 365\desk_bkg_list.xml (PortalDoSites)
C:\Program Files (x86)\Desk 365\desk_list.xml (PortalDoSites)
C:\Program Files (x86)\Desk 365\desk_settings.ini (PortalDoSites)
C:\Program Files (x86)\Desk 365\process_mgr.xml (PortalDoSites)
C:\Program Files (x86)\Desk 365\promote.xml (PortalDoSites)
C:\Program Files (x86)\Desk 365\recent.xml (PortalDoSites)
C:\Program Files (x86)\Mozilla Firefox\searchplugins\portaldosites.xml (PortalDoSites)
C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml (QVO6)
C:\ProgramData\Babylon\ (Babylon)
C:\ProgramData\BitGuard\ (SpeedUpMyPC)
C:\ProgramData\BrowserProtect\ (Claro)
C:\ProgramData\eSafe\ (PortalDoSites)
C:\ProgramData\eSafe\eDelayinfo.edb (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Local\Conduit\ (Rocketfuel)
C:\Users\Sascha & Nancy\AppData\Local\funmoods.crx (Funmoods)
C:\Users\Sascha & Nancy\AppData\LocalLow\BabylonToolbar\ (Babylon)
C:\Users\Sascha & Nancy\AppData\LocalLow\Conduit\ (Rocketfuel)
C:\Users\Sascha & Nancy\AppData\LocalLow\Conduit\ChromeExtData\bhnjjbcnbmjmhgpliahlamecmbejpaol\Repository\ (Rocketfuel)
C:\Users\Sascha & Nancy\AppData\LocalLow\Conduit\ChromeExtData\bhnjjbcnbmjmhgpliahlamecmbejpaol\Repository\toolbar_initializing_logger.txt (Rocketfuel)
C:\Users\Sascha & Nancy\AppData\LocalLow\Delta\ (Delta Search)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchquband\ (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\ (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\dtx.ini (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\geoip.xml (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\guid.dat (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\preferences.dat (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\setupCfg.xml (SearchQU)
C:\Users\Sascha & Nancy\AppData\Roaming\Babylon\ (Babylon)
C:\Users\Sascha & Nancy\AppData\Roaming\Babylon\log_file.txt (Babylon)
C:\Users\Sascha & Nancy\AppData\Roaming\DealPly\ (Delta Search)
C:\Users\Sascha & Nancy\AppData\Roaming\DealPly\UpdateProc\ (Delta Search)
C:\Users\Sascha & Nancy\AppData\Roaming\DealPly\UpdateProc\config.dat (Delta Search)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\1\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\1\angrybirds.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\1\angrybirds.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\35\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\35\Gmail.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\35\Gmail.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\36\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\36\Outlook.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\36\Outlook.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\39\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\39\ESPN.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\39\ESPN.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\3\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\3\BigFarm.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\3\BigFarm.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\41\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\41\gcalendar.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\41\gcalendar.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\42\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\42\pulse.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\42\pulse.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\4\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\4\Empire.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\4\Empire.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\components\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\components\component_libcef_1.1364.1123.exe (PortalDoSites)
Size . . . . . . . : 10.434.864 bytes
Age . . . . . . . : 282.7 days (2013-04-27 17:05:44)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 0026D229EC08FD46A98269FA6BEC07E55E323B0812E2287DEA83293CD99A6A5C
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 2.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_1.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_2.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_3.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_4.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_5.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_default.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg_list.xml (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_list.xml (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_settings.ini (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Barbie_00a67ff4ef657679a6c88553135d62ad.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Barbie_00a67ff4ef657679a6c88553135d62ad_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Barbie_00a67ff4ef657679a6c88553135d62ad_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\ConvertAVItoMP4_3608c453f63ef0987ec1af2784c0b2a3.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\ConvertAVItoMP4_3608c453f63ef0987ec1af2784c0b2a3_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\ESPN_a7b078f5f5f5b87efcef66ab5783cf9d_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Facebook_aab07bc79cf599b25c0110f32d46a3ef.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Facebook_aab07bc79cf599b25c0110f32d46a3ef_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Facebook_aab07bc79cf599b25c0110f32d46a3ef_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_05920328ebb21254e7e74f9235dcff5f.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_05920328ebb21254e7e74f9235dcff5f_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_7a7e18781cff0eca0a115cd4e753c9c1.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_7a7e18781cff0eca0a115cd4e753c9c1_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_7a7e18781cff0eca0a115cd4e753c9c1_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\gcalendar_50b3e3c5fc202f0cfcae8032b2465c1b_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Google_60d75cb277f0c452fa60dba8350caf65_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_04815d8e8fa226b85855f4c5067ec336.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_04815d8e8fa226b85855f4c5067ec336_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_858d7f06fb945f0fb1cc0c4681238de7.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_858d7f06fb945f0fb1cc0c4681238de7_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_858d7f06fb945f0fb1cc0c4681238de7_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iTunesIco_4fda50dc1c67cf69c2e2a4c919836dca.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iTunesIco_4fda50dc1c67cf69c2e2a4c919836dca_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Mario_52934d81761dc31187a93a3a0be7fecc.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Mario_52934d81761dc31187a93a3a0be7fecc_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Mario_52934d81761dc31187a93a3a0be7fecc_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\MediaMonkey_64ddd89894c1d19b439529d39b222e2a.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\MediaMonkey_64ddd89894c1d19b439529d39b222e2a_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\pulse_b5a242da04cc06eacd02b1ca41e3583c_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_computer_20_20.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_computer_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_control_panel_20_20.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_control_panel_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_downloads_20_20.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_my_documents_20_20.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_my_documents_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Youtube_bf18fdfc4aefd6417a8bacae4be5b415_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\process_mgr.xml (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote.xml (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\337.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\337_7c9140b13c049fd26989f7fa25b77cb1.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\barbie.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Barbie_00a67ff4ef657679a6c88553135d62ad.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\computer_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\control_panel_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\facebook.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\facebook_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Facebook_aab07bc79cf599b25c0110f32d46a3ef.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\GameCenter.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\google.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\google_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Google_60d75cb277f0c452fa60dba8350caf65.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\mario.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Mario_52934d81761dc31187a93a3a0be7fecc.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\my_document_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\twitter.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\twitter_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\v9.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\youtube.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\youtube_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Youtube_bf18fdfc4aefd6417a8bacae4be5b415.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\replacegc (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\imageres.dll_104.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\imageres.dll_107.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\imageres.dll_175.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\shell32.dll_21.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\desk365_update_v1.10.15.exe (PortalDoSites)
Size . . . . . . . : 3.063.376 bytes
Age . . . . . . . : 273.2 days (2013-05-07 04:25:13)
Entropy . . . . . : 8.0
SHA-256 . . . . . : C69BDB7644772F0F29E3CE9E83217FCFA02AFCD200DA0BFD3ADDADC51D403557
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.10.15.6766
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\desk365_update_v1.11.16.exe (PortalDoSites)
Size . . . . . . . : 3.609.168 bytes
Age . . . . . . . : 271.6 days (2013-05-08 18:22:24)
Entropy . . . . . : 8.0
SHA-256 . . . . . : B903D5152DA2C72E82751061A116224C8794B0BBDFF2B8FB7C53C005F32A6AE3
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.11.16.6883
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\desk365_update_v1.12.16.exe (PortalDoSites)
Size . . . . . . . : 3.269.200 bytes
Age . . . . . . . : 241.2 days (2013-06-08 03:57:56)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 4F5555D62A8D66C986AE84EE8BAD09EEE3F773597B4CC19EB152F70C43FA93B1
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.12.16.7354
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\desk365_update_v1.9.6.exe (PortalDoSites)
Size . . . . . . . : 3.055.184 bytes
Age . . . . . . . : 274.2 days (2013-05-06 04:14:15)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 733DAD37B2B775030EFF13D5D13337B42107C6336E7AE4356E2141E34560D839
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.9.6.6497
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r0.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r1.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r2.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r3.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r4.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r5.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r6.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r7.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r8.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r9.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\Config.ini (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\dp.exe (PortalDoSites)
Size . . . . . . . : 847.352 bytes
Age . . . . . . . : 274.1 days (2013-05-06 07:13:29)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 520D61A009E6B75030E7621B58F1A88B0A60F043BB0A903D25AAB8DEBAD07E9C
Product . . . . . : DealPly
Publisher . . . . : DealPly Technologies Ltd.
Description . . . : DealPly
Version . . . . . : 4.8.6.3
Copyright . . . . : Copyright © 2013 DealPly Technologies Ltd
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\eXQ.exe (PortalDoSites)
Size . . . . . . . : 698.424 bytes
Age . . . . . . . : 274.1 days (2013-05-06 07:13:29)
Entropy . . . . . : 6.5
SHA-256 . . . . . : A0BAA3EBE4FA2E4CF3112D136C7ADD22E0B1531FAC5830A0A78D16A12B5A808A
Product . . . . . : eXQ Control
Publisher . . . . : eXQ Co., Ltd.
Description . . . : eXQ Control 1.0.2.2379
Version . . . . . : 1.0.2.2379
Copyright . . . . : Copyright (C) 2013
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : -7.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\QType_setup_last_version.exe (PortalDoSites)
Size . . . . . . . : 8.189.816 bytes
Age . . . . . . . : 274.1 days (2013-05-06 07:13:29)
Entropy . . . . . : 8.0
SHA-256 . . . . . : A47C2B4D99AE44E938D56DAC238F0EB2F5BC9B613782593CE58CD5DFFB698F41
Product . . . . . : QType
Description . . . : Quickly type(english) 1.2.0.182
Version . . . . . : 1.2.0.182
Copyright . . . . : Copyright (C) 2012-2013,Bejing Elex Technology Co.,Ltd.
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : -3.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\Config.ini (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\dp.exe (PortalDoSites)
Size . . . . . . . : 847.352 bytes
Age . . . . . . . : 250.9 days (2013-05-29 12:15:00)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 520D61A009E6B75030E7621B58F1A88B0A60F043BB0A903D25AAB8DEBAD07E9C
Product . . . . . : DealPly
Publisher . . . . : DealPly Technologies Ltd.
Description . . . : DealPly
Version . . . . . : 4.8.6.3
Copyright . . . . : Copyright © 2013 DealPly Technologies Ltd
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\eXQ.exe (PortalDoSites)
Size . . . . . . . : 610.304 bytes
Age . . . . . . . : 250.9 days (2013-05-29 12:15:00)
Entropy . . . . . : 6.7
SHA-256 . . . . . : C9915799894DC8383356890E2085E0316FB454C18376E9BCD14557215FF365AE
Fuzzy . . . . . . : 6.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\WinZipper.exe (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\C6C58F04DF6640d59CAC57B441AEBB9F\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\C6C58F04DF6640d59CAC57B441AEBB9F\Config.ini (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\C6C58F04DF6640d59CAC57B441AEBB9F\Desk365.exe (PortalDoSites)
Size . . . . . . . : 4.179.024 bytes
Age . . . . . . . : 282.7 days (2013-04-27 17:03:03)
Entropy . . . . . : 8.0
SHA-256 . . . . . : EFBB2A1C46511EEFCF1C1868BA055690DB6124FB9CFA1CD1752D405ECB997752
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.10.15.6766
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\C6C58F04DF6640d59CAC57B441AEBB9F\eXQ.exe (PortalDoSites)
Size . . . . . . . : 691.256 bytes
Age . . . . . . . : 282.7 days (2013-04-27 17:03:03)
Entropy . . . . . : 6.5
SHA-256 . . . . . : 6A5E4B1880081AD2C2D4436F63FF51A461A5D2A05182AF35E8DDB3EA19853B30
Product . . . . . : eXQ Control
Publisher . . . . : eXQ Co., Ltd.
Description . . . : eXQ Control 1.0.2.2219
Version . . . . . : 1.0.2.2219
Copyright . . . . : Copyright (C) 2013
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : -7.0
C:\Users\Sascha & Nancy\AppData\Roaming\Funmoods\ (Funmoods)
C:\Users\Sascha & Nancy\AppData\Roaming\Funmoods\UpdateProc\ (Funmoods)
C:\Users\Sascha & Nancy\AppData\Roaming\Funmoods\UpdateProc\gup_dt.dat (Funmoods)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\ (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\ (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\5472.ico (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\DeltaTB.exe (Conduit)
Size . . . . . . . : 773.104 bytes
Age . . . . . . . : 308.9 days (2013-04-01 12:20:10)
Entropy . . . . . : 8.0
SHA-256 . . . . . : E4F1009192F163AACAFC3AC23F3FBCE358122040A5DBF99B86C9F4CAC9809ECC
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 7.0
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\EBB77268-338F-4C6A-8590-AD88FED26F4A (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\OCBrowserHelper_1.0.5.112.dll (Conduit)
Size . . . . . . . : 433.448 bytes
Age . . . . . . . : 308.9 days (2013-04-01 12:20:10)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 0A81DF9C6C3D5754ABF518599552ECBE56224FF74F6A731896B259602D68DC75
Product . . . . . : OpenCandy Install Helper
Publisher . . . . : OpenCandy
Description . . . : OpenCandy Install Helper
Version . . . . . : 1.0.0.2
Copyright . . . . : (c) 2011 OpenCandy. All rights reserved.
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\ (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\5375.ico (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\conduitinstaller.exe (Conduit)
Size . . . . . . . : 222.384 bytes
Age . . . . . . . : 330.0 days (2013-03-11 08:44:49)
Entropy . . . . . : 7.9
SHA-256 . . . . . : 06C28E552761E40B584BD1C6A661AEE55336444AAB80034D3A1069AD31A72D3A
Publisher . . . . : Conduit
Version . . . . . : 5.5.1.14
Copyright . . . . : Conduit Ltd.
RSA Key Size . . . : 1024
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\ConduitRBCB_p1v1.exe (Conduit)
Size . . . . . . . : 685.400 bytes
Age . . . . . . . : 330.0 days (2013-03-11 08:44:43)
Entropy . . . . . : 8.0
SHA-256 . . . . . : F35CF861C7729350E774599279FF314999AD600BE1FD658EDDBFF3BAD9DC10D5
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 7.0
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\EBB77268-338F-4C6A-8590-AD88FED26F4A (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\OCBrowserHelper_1.0.5.112.dll (Conduit)
Size . . . . . . . : 433.448 bytes
Age . . . . . . . : 330.0 days (2013-03-11 08:44:49)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 0A81DF9C6C3D5754ABF518599552ECBE56224FF74F6A731896B259602D68DC75
Product . . . . . : OpenCandy Install Helper
Publisher . . . . : OpenCandy
Description . . . : OpenCandy Install Helper
Version . . . . . : 1.0.0.2
Copyright . . . . : (c) 2011 OpenCandy. All rights reserved.
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
HKLM\SOFTWARE\Classes\AppID\BrowserConnection.DLL\ (SearchQU)
HKLM\SOFTWARE\Classes\AppID\DnsBHO.DLL\ (SearchQU)
HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}\ (SearchQU)
HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}\ (Babylon)
HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\ (Delta Search)
HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}\ (SearchQU)
HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\ (Funmoods)
HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1\ (SearchQU)
HKLM\SOFTWARE\Classes\BrowserConnection.Loader\ (SearchQU)
HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ (SearchQU)
HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ (SearchQU)
HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}\ (FLV Player)
HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}\ (SearchQU)
HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}\ (SearchQU)
HKLM\SOFTWARE\Classes\DnsBHO.BHO.1\ (SearchQU)
HKLM\SOFTWARE\Classes\DnsBHO.BHO\ (SearchQU)
HKLM\SOFTWARE\Classes\f\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoods.dskBnd.1\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoods.dskBnd\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoodsApp.appCore\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}\ (SearchQU)
HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}\ (SearchQU)
HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}\ (Funmoods)
HKLM\SOFTWARE\Classes\Prod.cap\ (Claro)
HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}\ (FLV Player)
HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}\ (FLV Player)
HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}\ (FLV Player)
HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}\ (FLV Player)
HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1\ (SearchQU)
HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard\ (SearchQU)
HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}\ (Funmoods)
HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}\ (SearchQU)
HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}\ (SearchQU)
HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\BrowserConnection.DLL\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\DnsBHO.DLL\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}\ (Babylon)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\ (Delta Search)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}\ (Rocketfuel)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}\ (Yontoo)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}\ (FLV Player)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\ (Yontoo)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\ (Yontoo)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}\ (SearchQU)
HKLM\SOFTWARE\DataMngr\ (SearchQU)
HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\ (Funmoods)
HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj\ (Funmoods)
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ (QVO6)
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ (SearchQU)
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} (FLV Player)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ (SearchQU)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964\ (FLV Player)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467\ (FLV Player)
HKLM\SOFTWARE\Wow6432Node\Babylon\ (Babylon)
HKLM\SOFTWARE\Wow6432Node\babylontoolbar\ (Babylon)
HKLM\SOFTWARE\Wow6432Node\Conduit\ (Rocketfuel)
HKLM\SOFTWARE\Wow6432Node\DataMngr\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Delta\ (SpeedUpMyPC)
HKLM\SOFTWARE\Wow6432Node\deskSvc\ (PortalDoSites)
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\ (Funmoods)
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj\ (Funmoods)
HKLM\SOFTWARE\Wow6432Node\hdcode\ (PortalDoSites)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ (QVO6)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{99079a25-328f-4bd4-be04-00955acaa0a7} (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} (FLV Player)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ (Funmoods)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\portaldositesSoftware\ (PortalDoSites)
HKLM\SOFTWARE\Wow6432Node\qvo6Software\ (QVO6)
HKLM\SOFTWARE\Wow6432Node\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}\ (FLV Player)
HKLM\SYSTEM\ControlSet001\services\eventlog\Application\desksvc\ (PortalDoSites)
HKLM\SYSTEM\ControlSet002\services\eventlog\Application\desksvc\ (PortalDoSites)
HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application\desksvc\ (PortalDoSites)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\AppDataLow\Software\Smartbar\ (Conduit)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\BabSolution\ (SpeedUpMyPC)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Blabbers\ (Blabbers)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Conduit\ (Conduit)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Datamngr\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\DataMngr_Toolbar\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\delta LTD\ (Delta Search)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Delta\ (SpeedUpMyPC)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Funmoods\ (Funmoods)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\ (Funmoods)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj\ (Funmoods)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} (Claro)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{9D717F81-9148-4F12-8568-69135F087DB0} (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ (QVO6)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4f12-8568-69135F087DB0},\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ (Funmoods)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\ (Yontoo)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Smartbar\ (Conduit)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Softonic\ (Softonic)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\Wow6432Node\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}\ (Yontoo)
|
|
04.02.2014, 18:02
| #5 |
| | Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- Onlinebanking Den Scan von Combofix muß ich wohl in 4-5 postings abliefern... Code:
ATTFilter HitmanPro 3.7.9.212
www.hitmanpro.com
Computer name . . . . : TOSHIBA
Windows . . . . . . . : 6.1.1.7601.X64/4
User name . . . . . . : Toshiba\Sascha & Nancy
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (30 days left)
Scan date . . . . . . : 2014-02-04 08:43:00
Scan mode . . . . . . : Normal
Scan duration . . . . : 10m 14s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : Yes
Threats . . . . . . . : 5
Traces . . . . . . . : 391
Objects scanned . . . : 3.017.049
Files scanned . . . . : 73.344
Remnants scanned . . : 1.884.795 files / 1.058.910 keys
Malware _____________________________________________________________________
C:\ProgramData\InstallMate\{17A65193-2086-406B-A280-68A4CC457365}\_Setupx.dll -> Quarantined
Size . . . . . . . : 58.368 bytes
Age . . . . . . . : 372.0 days (2013-01-28 09:42:51)
Entropy . . . . . : 6.4
SHA-256 . . . . . : 75585E46CDD212C0341EB2363B5DF105D3783407DAC4BC52946DE8E70791431A
> Kaspersky . . . . : not-a-virus:HEUR:Downloader.Win32.AdLoad.u
Fuzzy . . . . . . : 98.0
C:\Users\Sascha & Nancy\AppData\Local\Temp\OptimizerPro.exe -> Quarantined
Size . . . . . . . : 5.807.696 bytes
Age . . . . . . . : 121.6 days (2013-10-05 18:42:22)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 6656A02E13BB770B8410AAF1E4D605253625F7A6435B4EC8D1F0E4843DF49A17
Product
Publisher
Description
Version . . . . . : 3.0.1.0
RSA Key Size . . . : 2048
Authenticode . . . : Valid
> Bitdefender . . . : Application.OptimizerPro.A
Fuzzy . . . . . . : 99.0
C:\Users\Sascha & Nancy\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe -> Quarantined
Size . . . . . . . : 93.728 bytes
Age . . . . . . . : 274.0 days (2013-05-06 08:44:02)
Entropy . . . . . : 6.5
SHA-256 . . . . . : FBE35B275676164D6771087FCA59AFF7CA667647FAB1EE466C94ED00AEFDA455
RSA Key Size . . . : 2048
Authenticode . . . : Valid
> Bitdefender . . . : Adware.DealPly.H
Fuzzy . . . . . . : 99.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\C6C58F04DF6640d59CAC57B441AEBB9F\eGdpSvc.exe -> Quarantined
Size . . . . . . . : 969.280 bytes
Age . . . . . . . : 282.7 days (2013-04-27 17:03:03)
Entropy . . . . . : 7.9
SHA-256 . . . . . : A2CE3C318D4280281E2B5E029FAB980470CF88D2D17274B01B83FEDFE09A41D0
Product . . . . . : eSafe Security Control
Publisher . . . . : eSafe Security Co., Ltd.
Description . . . : eSafe Security Control 1.0.0.1982
Version . . . . . : 1.0.0.1982
Copyright . . . . : Copyright (C) 2013
RSA Key Size . . . : 2048
Authenticode . . . : Valid
> Kaspersky . . . . : Trojan.Win32.Staser.fv
Fuzzy . . . . . . : 101.0
C:\Users\Sascha & Nancy\Downloads\FLVPlayerSetup-8MayreM.exe -> PendingDelete
Size . . . . . . . : 167.440 bytes
Age . . . . . . . : 155.7 days (2013-09-01 15:12:47)
Entropy . . . . . : 7.6
SHA-256 . . . . . : B0C60CDCDBA53DA637410EB9F6DF74E4E18B343E1BF8417D46B9B5DB9C2CDD55
Product
Publisher
Description . . . : Powered by BetterInstaller
Version . . . . . : 2.1.0.0
Copyright
RSA Key Size . . . : 2048
Authenticode . . . : Valid
> Kaspersky . . . . : not-a-virus:Downloader.NSIS.Agent.aq
Fuzzy . . . . . . : 104.0
Potential Unwanted Programs _________________________________________________
C:\Program Files (x86)\Conduit\ (Conduit)
C:\Program Files (x86)\Conduit\Community Alerts\ (Conduit)
C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll (Conduit)
Size . . . . . . . : 638.560 bytes
Age . . . . . . . : 956.7 days (2011-06-23 15:20:46)
Entropy . . . . . : 6.4
SHA-256 . . . . . : F22E58CDFE94D4A5FBBF2795A743B167ED9923E289E14654631E0077DD306C1D
Product . . . . . : Alert
Publisher . . . . : Conduit Ltd.
Description . . . : Alert
Version . . . . . : 1.1.4.1
Copyright . . . . : Copyright © Conduit Ltd. 2011.
RSA Key Size . . . : 1024
Authenticode . . . : Valid
Fuzzy . . . . . . : -15.0
C:\Program Files (x86)\Desk 365\ (PortalDoSites)
C:\Program Files (x86)\Desk 365\desk_bkg_list.xml (PortalDoSites)
C:\Program Files (x86)\Desk 365\desk_list.xml (PortalDoSites)
C:\Program Files (x86)\Desk 365\desk_settings.ini (PortalDoSites)
C:\Program Files (x86)\Desk 365\process_mgr.xml (PortalDoSites)
C:\Program Files (x86)\Desk 365\promote.xml (PortalDoSites)
C:\Program Files (x86)\Desk 365\recent.xml (PortalDoSites)
C:\Program Files (x86)\Mozilla Firefox\searchplugins\portaldosites.xml (PortalDoSites)
C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml (QVO6)
C:\ProgramData\Babylon\ (Babylon)
C:\ProgramData\BitGuard\ (SpeedUpMyPC)
C:\ProgramData\BrowserProtect\ (Claro)
C:\ProgramData\eSafe\ (PortalDoSites)
C:\ProgramData\eSafe\eDelayinfo.edb (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Local\Conduit\ (Rocketfuel)
C:\Users\Sascha & Nancy\AppData\Local\funmoods.crx (Funmoods)
C:\Users\Sascha & Nancy\AppData\LocalLow\BabylonToolbar\ (Babylon)
C:\Users\Sascha & Nancy\AppData\LocalLow\Conduit\ (Rocketfuel)
C:\Users\Sascha & Nancy\AppData\LocalLow\Conduit\ChromeExtData\bhnjjbcnbmjmhgpliahlamecmbejpaol\Repository\ (Rocketfuel)
C:\Users\Sascha & Nancy\AppData\LocalLow\Conduit\ChromeExtData\bhnjjbcnbmjmhgpliahlamecmbejpaol\Repository\toolbar_initializing_logger.txt (Rocketfuel)
C:\Users\Sascha & Nancy\AppData\LocalLow\Delta\ (Delta Search)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchquband\ (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\ (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\dtx.ini (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\geoip.xml (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\guid.dat (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\preferences.dat (SearchQU)
C:\Users\Sascha & Nancy\AppData\LocalLow\searchqutoolbar\setupCfg.xml (SearchQU)
C:\Users\Sascha & Nancy\AppData\Roaming\Babylon\ (Babylon)
C:\Users\Sascha & Nancy\AppData\Roaming\Babylon\log_file.txt (Babylon)
C:\Users\Sascha & Nancy\AppData\Roaming\DealPly\ (Delta Search)
C:\Users\Sascha & Nancy\AppData\Roaming\DealPly\UpdateProc\ (Delta Search)
C:\Users\Sascha & Nancy\AppData\Roaming\DealPly\UpdateProc\config.dat (Delta Search)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\1\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\1\angrybirds.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\1\angrybirds.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\35\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\35\Gmail.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\35\Gmail.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\36\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\36\Outlook.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\36\Outlook.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\39\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\39\ESPN.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\39\ESPN.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\3\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\3\BigFarm.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\3\BigFarm.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\41\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\41\gcalendar.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\41\gcalendar.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\42\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\42\pulse.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\42\pulse.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\4\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\4\Empire.db (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\app\config\4\Empire.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\components\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\components\component_libcef_1.1364.1123.exe (PortalDoSites)
Size . . . . . . . : 10.434.864 bytes
Age . . . . . . . : 282.7 days (2013-04-27 17:05:44)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 0026D229EC08FD46A98269FA6BEC07E55E323B0812E2287DEA83293CD99A6A5C
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 2.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_1.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_2.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_3.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_4.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_5.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_default.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_bkg_list.xml (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_list.xml (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\desk_settings.ini (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Barbie_00a67ff4ef657679a6c88553135d62ad.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Barbie_00a67ff4ef657679a6c88553135d62ad_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Barbie_00a67ff4ef657679a6c88553135d62ad_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\ConvertAVItoMP4_3608c453f63ef0987ec1af2784c0b2a3.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\ConvertAVItoMP4_3608c453f63ef0987ec1af2784c0b2a3_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\ESPN_a7b078f5f5f5b87efcef66ab5783cf9d_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Facebook_aab07bc79cf599b25c0110f32d46a3ef.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Facebook_aab07bc79cf599b25c0110f32d46a3ef_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Facebook_aab07bc79cf599b25c0110f32d46a3ef_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_05920328ebb21254e7e74f9235dcff5f.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_05920328ebb21254e7e74f9235dcff5f_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_7a7e18781cff0eca0a115cd4e753c9c1.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_7a7e18781cff0eca0a115cd4e753c9c1_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\firefox_7a7e18781cff0eca0a115cd4e753c9c1_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\gcalendar_50b3e3c5fc202f0cfcae8032b2465c1b_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Google_60d75cb277f0c452fa60dba8350caf65_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_04815d8e8fa226b85855f4c5067ec336.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_04815d8e8fa226b85855f4c5067ec336_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_858d7f06fb945f0fb1cc0c4681238de7.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_858d7f06fb945f0fb1cc0c4681238de7_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iexplore_858d7f06fb945f0fb1cc0c4681238de7_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iTunesIco_4fda50dc1c67cf69c2e2a4c919836dca.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\iTunesIco_4fda50dc1c67cf69c2e2a4c919836dca_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Mario_52934d81761dc31187a93a3a0be7fecc.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Mario_52934d81761dc31187a93a3a0be7fecc_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Mario_52934d81761dc31187a93a3a0be7fecc_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\MediaMonkey_64ddd89894c1d19b439529d39b222e2a.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\MediaMonkey_64ddd89894c1d19b439529d39b222e2a_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\pulse_b5a242da04cc06eacd02b1ca41e3583c_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_computer_20_20.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_computer_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_control_panel_20_20.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_control_panel_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_downloads_20_20.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_my_documents_20_20.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\sys_my_documents_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\icons\Youtube_bf18fdfc4aefd6417a8bacae4be5b415_48_48.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\process_mgr.xml (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote.xml (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\337.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\337_7c9140b13c049fd26989f7fa25b77cb1.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\barbie.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Barbie_00a67ff4ef657679a6c88553135d62ad.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\computer_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\control_panel_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\facebook.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\facebook_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Facebook_aab07bc79cf599b25c0110f32d46a3ef.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\GameCenter.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\google.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\google_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Google_60d75cb277f0c452fa60dba8350caf65.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\mario.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Mario_52934d81761dc31187a93a3a0be7fecc.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\my_document_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\twitter.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\twitter_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\v9.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\youtube.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\youtube_32_32.png (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\promote\Youtube_bf18fdfc4aefd6417a8bacae4be5b415.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\replacegc (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\imageres.dll_104.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\imageres.dll_107.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\imageres.dll_175.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\sysicons\shell32.dll_21.ico (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\desk365_update_v1.10.15.exe (PortalDoSites)
Size . . . . . . . : 3.063.376 bytes
Age . . . . . . . : 273.2 days (2013-05-07 04:25:13)
Entropy . . . . . : 8.0
SHA-256 . . . . . : C69BDB7644772F0F29E3CE9E83217FCFA02AFCD200DA0BFD3ADDADC51D403557
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.10.15.6766
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\desk365_update_v1.11.16.exe (PortalDoSites)
Size . . . . . . . : 3.609.168 bytes
Age . . . . . . . : 271.6 days (2013-05-08 18:22:24)
Entropy . . . . . : 8.0
SHA-256 . . . . . : B903D5152DA2C72E82751061A116224C8794B0BBDFF2B8FB7C53C005F32A6AE3
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.11.16.6883
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\desk365_update_v1.12.16.exe (PortalDoSites)
Size . . . . . . . : 3.269.200 bytes
Age . . . . . . . : 241.2 days (2013-06-08 03:57:56)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 4F5555D62A8D66C986AE84EE8BAD09EEE3F773597B4CC19EB152F70C43FA93B1
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.12.16.7354
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\update\desk365_update_v1.9.6.exe (PortalDoSites)
Size . . . . . . . : 3.055.184 bytes
Age . . . . . . . : 274.2 days (2013-05-06 04:14:15)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 733DAD37B2B775030EFF13D5D13337B42107C6336E7AE4356E2141E34560D839
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.9.6.6497
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r0.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r1.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r2.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r3.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r4.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r5.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r6.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r7.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r8.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\Desk 365\wp\r9.jpg (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\Config.ini (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\dp.exe (PortalDoSites)
Size . . . . . . . : 847.352 bytes
Age . . . . . . . : 274.1 days (2013-05-06 07:13:29)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 520D61A009E6B75030E7621B58F1A88B0A60F043BB0A903D25AAB8DEBAD07E9C
Product . . . . . : DealPly
Publisher . . . . : DealPly Technologies Ltd.
Description . . . : DealPly
Version . . . . . : 4.8.6.3
Copyright . . . . : Copyright © 2013 DealPly Technologies Ltd
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\eXQ.exe (PortalDoSites)
Size . . . . . . . : 698.424 bytes
Age . . . . . . . : 274.1 days (2013-05-06 07:13:29)
Entropy . . . . . : 6.5
SHA-256 . . . . . : A0BAA3EBE4FA2E4CF3112D136C7ADD22E0B1531FAC5830A0A78D16A12B5A808A
Product . . . . . : eXQ Control
Publisher . . . . : eXQ Co., Ltd.
Description . . . : eXQ Control 1.0.2.2379
Version . . . . . : 1.0.2.2379
Copyright . . . . : Copyright (C) 2013
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : -7.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\2F0B23A3A3B2467f83747716F5925B00\QType_setup_last_version.exe (PortalDoSites)
Size . . . . . . . : 8.189.816 bytes
Age . . . . . . . : 274.1 days (2013-05-06 07:13:29)
Entropy . . . . . : 8.0
SHA-256 . . . . . : A47C2B4D99AE44E938D56DAC238F0EB2F5BC9B613782593CE58CD5DFFB698F41
Product . . . . . : QType
Description . . . : Quickly type(english) 1.2.0.182
Version . . . . . : 1.2.0.182
Copyright . . . . : Copyright (C) 2012-2013,Bejing Elex Technology Co.,Ltd.
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : -3.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\Config.ini (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\dp.exe (PortalDoSites)
Size . . . . . . . : 847.352 bytes
Age . . . . . . . : 250.9 days (2013-05-29 12:15:00)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 520D61A009E6B75030E7621B58F1A88B0A60F043BB0A903D25AAB8DEBAD07E9C
Product . . . . . : DealPly
Publisher . . . . : DealPly Technologies Ltd.
Description . . . : DealPly
Version . . . . . : 4.8.6.3
Copyright . . . . : Copyright © 2013 DealPly Technologies Ltd
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\eXQ.exe (PortalDoSites)
Size . . . . . . . : 610.304 bytes
Age . . . . . . . : 250.9 days (2013-05-29 12:15:00)
Entropy . . . . . : 6.7
SHA-256 . . . . . : C9915799894DC8383356890E2085E0316FB454C18376E9BCD14557215FF365AE
Fuzzy . . . . . . : 6.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\B8FF3927FB7048e09F5B1204BDD93EE1\WinZipper.exe (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\C6C58F04DF6640d59CAC57B441AEBB9F\ (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\C6C58F04DF6640d59CAC57B441AEBB9F\Config.ini (PortalDoSites)
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\C6C58F04DF6640d59CAC57B441AEBB9F\Desk365.exe (PortalDoSites)
Size . . . . . . . : 4.179.024 bytes
Age . . . . . . . : 282.7 days (2013-04-27 17:03:03)
Entropy . . . . . : 8.0
SHA-256 . . . . . : EFBB2A1C46511EEFCF1C1868BA055690DB6124FB9CFA1CD1752D405ECB997752
Product . . . . . : TODO: <Product name>
Publisher . . . . : 337 Technology Limited.
Description . . . : TODO: <File description>
Version . . . . . : 1.10.15.6766
Copyright . . . . : Copyright (C) 2012
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 3.0
C:\Users\Sascha & Nancy\AppData\Roaming\eIntaller\C6C58F04DF6640d59CAC57B441AEBB9F\eXQ.exe (PortalDoSites)
Size . . . . . . . : 691.256 bytes
Age . . . . . . . : 282.7 days (2013-04-27 17:03:03)
Entropy . . . . . : 6.5
SHA-256 . . . . . : 6A5E4B1880081AD2C2D4436F63FF51A461A5D2A05182AF35E8DDB3EA19853B30
Product . . . . . : eXQ Control
Publisher . . . . : eXQ Co., Ltd.
Description . . . : eXQ Control 1.0.2.2219
Version . . . . . : 1.0.2.2219
Copyright . . . . : Copyright (C) 2013
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : -7.0
C:\Users\Sascha & Nancy\AppData\Roaming\Funmoods\ (Funmoods)
C:\Users\Sascha & Nancy\AppData\Roaming\Funmoods\UpdateProc\ (Funmoods)
C:\Users\Sascha & Nancy\AppData\Roaming\Funmoods\UpdateProc\gup_dt.dat (Funmoods)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\ (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\ (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\5472.ico (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\DeltaTB.exe (Conduit)
Size . . . . . . . : 773.104 bytes
Age . . . . . . . : 308.8 days (2013-04-01 12:20:10)
Entropy . . . . . : 8.0
SHA-256 . . . . . : E4F1009192F163AACAFC3AC23F3FBCE358122040A5DBF99B86C9F4CAC9809ECC
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 7.0
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\EBB77268-338F-4C6A-8590-AD88FED26F4A (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\62653D7FC23A4ECB8416F70B1A618CB9\OCBrowserHelper_1.0.5.112.dll (Conduit)
Size . . . . . . . : 433.448 bytes
Age . . . . . . . : 308.8 days (2013-04-01 12:20:10)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 0A81DF9C6C3D5754ABF518599552ECBE56224FF74F6A731896B259602D68DC75
Product . . . . . : OpenCandy Install Helper
Publisher . . . . : OpenCandy
Description . . . : OpenCandy Install Helper
Version . . . . . : 1.0.0.2
Copyright . . . . : (c) 2011 OpenCandy. All rights reserved.
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\ (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\5375.ico (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\conduitinstaller.exe (Conduit)
Size . . . . . . . : 222.384 bytes
Age . . . . . . . : 330.0 days (2013-03-11 08:44:49)
Entropy . . . . . : 7.9
SHA-256 . . . . . : 06C28E552761E40B584BD1C6A661AEE55336444AAB80034D3A1069AD31A72D3A
Publisher . . . . : Conduit
Version . . . . . : 5.5.1.14
Copyright . . . . : Conduit Ltd.
RSA Key Size . . . : 1024
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\ConduitRBCB_p1v1.exe (Conduit)
Size . . . . . . . : 685.400 bytes
Age . . . . . . . : 330.0 days (2013-03-11 08:44:43)
Entropy . . . . . : 8.0
SHA-256 . . . . . : F35CF861C7729350E774599279FF314999AD600BE1FD658EDDBFF3BAD9DC10D5
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 7.0
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\EBB77268-338F-4C6A-8590-AD88FED26F4A (Conduit)
C:\Users\Sascha & Nancy\AppData\Roaming\OpenCandy\A353D94D451F4BAAA10F8EA2F7B82C2B\OCBrowserHelper_1.0.5.112.dll (Conduit)
Size . . . . . . . : 433.448 bytes
Age . . . . . . . : 330.0 days (2013-03-11 08:44:49)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 0A81DF9C6C3D5754ABF518599552ECBE56224FF74F6A731896B259602D68DC75
Product . . . . . : OpenCandy Install Helper
Publisher . . . . : OpenCandy
Description . . . : OpenCandy Install Helper
Version . . . . . : 1.0.0.2
Copyright . . . . : (c) 2011 OpenCandy. All rights reserved.
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 1.0
HKLM\SOFTWARE\Classes\AppID\BrowserConnection.DLL\ (SearchQU)
HKLM\SOFTWARE\Classes\AppID\DnsBHO.DLL\ (SearchQU)
HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}\ (SearchQU)
HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}\ (Babylon)
HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\ (Delta Search)
HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}\ (SearchQU)
HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\ (Funmoods)
HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1\ (SearchQU)
HKLM\SOFTWARE\Classes\BrowserConnection.Loader\ (SearchQU)
HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ (SearchQU)
HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ (SearchQU)
HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}\ (FLV Player)
HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}\ (SearchQU)
HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}\ (SearchQU)
HKLM\SOFTWARE\Classes\DnsBHO.BHO.1\ (SearchQU)
HKLM\SOFTWARE\Classes\DnsBHO.BHO\ (SearchQU)
HKLM\SOFTWARE\Classes\f\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoods.dskBnd.1\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoods.dskBnd\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1\ (Funmoods)
HKLM\SOFTWARE\Classes\funmoodsApp.appCore\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}\ (SearchQU)
HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}\ (SearchQU)
HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}\ (Funmoods)
HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}\ (Funmoods)
HKLM\SOFTWARE\Classes\Prod.cap\ (Claro)
HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}\ (FLV Player)
HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}\ (FLV Player)
HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}\ (FLV Player)
HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}\ (FLV Player)
HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1\ (SearchQU)
HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard\ (SearchQU)
HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}\ (Funmoods)
HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}\ (SearchQU)
HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}\ (SearchQU)
HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\BrowserConnection.DLL\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\DnsBHO.DLL\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}\ (Babylon)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\ (Delta Search)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}\ (Rocketfuel)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}\ (Yontoo)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}\ (FLV Player)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\ (Yontoo)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\ (Yontoo)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}\ (Funmoods)
HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}\ (SearchQU)
HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}\ (SearchQU)
HKLM\SOFTWARE\DataMngr\ (SearchQU)
HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\ (Funmoods)
HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj\ (Funmoods)
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ (QVO6)
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ (SearchQU)
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} (FLV Player)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ (SearchQU)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964\ (FLV Player)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467\ (FLV Player)
HKLM\SOFTWARE\Wow6432Node\Babylon\ (Babylon)
HKLM\SOFTWARE\Wow6432Node\babylontoolbar\ (Babylon)
HKLM\SOFTWARE\Wow6432Node\Conduit\ (Rocketfuel)
HKLM\SOFTWARE\Wow6432Node\DataMngr\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Delta\ (SpeedUpMyPC)
HKLM\SOFTWARE\Wow6432Node\deskSvc\ (PortalDoSites)
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\ (Funmoods)
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj\ (Funmoods)
HKLM\SOFTWARE\Wow6432Node\hdcode\ (PortalDoSites)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ (QVO6)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{99079a25-328f-4bd4-be04-00955acaa0a7} (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} (FLV Player)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ (Funmoods)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ (SearchQU)
HKLM\SOFTWARE\Wow6432Node\portaldositesSoftware\ (PortalDoSites)
HKLM\SOFTWARE\Wow6432Node\qvo6Software\ (QVO6)
HKLM\SOFTWARE\Wow6432Node\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}\ (FLV Player)
HKLM\SYSTEM\ControlSet001\services\eventlog\Application\desksvc\ (PortalDoSites)
HKLM\SYSTEM\ControlSet002\services\eventlog\Application\desksvc\ (PortalDoSites)
HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application\desksvc\ (PortalDoSites)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\AppDataLow\Software\Smartbar\ (Conduit)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\BabSolution\ (SpeedUpMyPC)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Blabbers\ (Blabbers)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Conduit\ (Conduit)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Datamngr\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\DataMngr_Toolbar\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\delta LTD\ (Delta Search)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Delta\ (SpeedUpMyPC)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Funmoods\ (Funmoods)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\ (Funmoods)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj\ (Funmoods)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} (Claro)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{9D717F81-9148-4F12-8568-69135F087DB0} (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ (QVO6)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4f12-8568-69135F087DB0},\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ (Funmoods)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}\ (SearchQU)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\ (Yontoo)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Smartbar\ (Conduit)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Softonic\ (Softonic)
HKU\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\Wow6432Node\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}\ (Yontoo)
Cookies _____________________________________________________________________
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\30RUCLMJ.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\B3CW2I4L.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\BGFX3H42.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\CHV900MU.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\D8WE7DM9.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\IP8P5SQD.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\LJZ8DE8F.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\Q2GPC0AQ.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\QI5GMA44.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\R1BCH5L3.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Cookies\X0NL0LI6.txt
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:112.2o7.net
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:2o7.net
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:ad.zanox.com
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:apmebf.com
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:de.sitestat.com
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:deutschepostag.112.2o7.net
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:doubleclick.net
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:emjcd.com
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:mediaplex.com
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:oracle.112.2o7.net
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:paypal.112.2o7.net
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:rakuten.112.2o7.net
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:statcounter.com
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:stats.paypal.com
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:www.etracker.de
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:www.googleadservices.com
C:\Users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\cookies.sqlite:xiti.com
Code:
ATTFilter ComboFix 14-02-03.01 - Sascha & Nancy 04.02.2014 14:54:21.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3958.1475 [GMT 1:00]
ausgeführt von:: c:\users\Sascha & Nancy\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\BrowserCompanion
c:\program files (x86)\BrowserCompanion\logo.ico
c:\program files (x86)\BrowserCompanion\sqlite3.dll
c:\program files (x86)\BrowserCompanion\terms.lnk.url
c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll_1
c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll_2
c:\programdata\TOSHIBA
c:\programdata\TOSHIBA\C11DACE4-A272-487e-83EB-32BF198C5E5D\dat0.bin
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\0c.dck
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\0c.dckev
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\0c.mck
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\consfile-CMSM.txt
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\consfile.txt
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def-V.dck
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def.dck
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def.dckev
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def.mck
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\config_id_database
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\config_id_database.dat
c:\programdata\TOSHIBA\SmartFaceV\FaceRecogLog\FaceRecogLog
c:\programdata\TOSHIBA\SmartFaceV\SmartFaceVCam.ini
c:\programdata\TOSHIBA\SmartFaceV\SmartFaceVSetting.ini
c:\programdata\TOSHIBA\SmartFaceV\SmartFaceVWatcher.ini
c:\programdata\TOSHIBA\SmartFaceV\Users\userdata.dat
c:\users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc
c:\users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc\1\51063fafda1a49.26654052.js
c:\users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc\1\background.html
c:\users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc\1\content.js
c:\users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc\1\lsdb.js
c:\users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc\1\manifest.json
c:\users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofdfekbgmpkihbinibfegfabgdkffhc\1\sqlite.js
c:\users\Sascha & Nancy\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Sascha & Nancy\AppData\Roaming\337
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\ebase.dll
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\image\default\app_close.png
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\image\default\app_max.png
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\image\default\app_min.png
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\image\default\app_restore.png
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\image\default\wallpaper_resource.xml
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\image\default\window.png
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\language\en_us\wallpaper_lang.ini
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\language\es_es\wallpaper_lang.ini
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\language\pt_br\wallpaper_lang.ini
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\language\tr_tr\wallpaper_lang.ini
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\language\zh_tw\wallpaper_lang.ini
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\layout\default\dp_appwnd.xml
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\layout\default\msgbox.xml
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\libpng.dll
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\main
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\msvcp100.dll
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\msvcr100.dll
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\ouilibnl.dll
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\plusapp.exe
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\style\wallpaper_style.xml
c:\users\Sascha & Nancy\AppData\Roaming\337\337 Wallpaper\TrayDownloader.exe
c:\users\Sascha & Nancy\AppData\Roaming\Koala
c:\users\Sascha & Nancy\AppData\Roaming\Koala\config.xml
c:\users\Sascha & Nancy\AppData\Roaming\Koala\eula
c:\users\Sascha & Nancy\AppData\Roaming\Microsoft\Windows\Templates\NVE-3.1.0.25_no_yt.exe
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards.xml
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards.xml.bak
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\Board.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\Board.xml
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\Board.xml.bak
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\Board.xml
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.icon.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\board1.xml
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r2_c110.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r2_c20.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r2_c50.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r4_c70.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r5_c100.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r5_c40.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\Help_Top000000.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Boards\IMG_2866000000.jpg
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\BulletinBoardLog.txt
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\GettingStartedData.xml
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\screenshot.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Settings.xml
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Settings.xml.bak
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\Share.xml
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\BulletinBoard\ToshibaBoardSettings.xml
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\1394Test.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\1394Test.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\cddrivetest.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\cddrivetest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\chkpc.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\chkpc.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\cputest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\dialtonetest.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\dialtonetest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\DISPLAYTest.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\DISPLAYTest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\disptest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\fddtest.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\fddtest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\hddrivetest.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\hddrivetest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\Logs\Test Bericht
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\memtest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\MODEMTest.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\MODEMTest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\NETTest.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\NETTest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\PCMCIATest.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\PCMCIATest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\USBTest.csv
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\USBTest.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\wbeminfo.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\wbemQFE.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\pcdiag\v3.0\wbemSoundDev.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTime.MRUAppData.dat
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTime.MRUFileData.dat
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTimeMonitorData.dat
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\Exception.log
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\ReelTime.MRUAppData.dat
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\ReelTime.MRUFileData.dat
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\ReelTime.setting.xml
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\ReelTimeMonitorData.dat
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\012cb269-5017-48fb-b82c-eeab139e9d64.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\01eb3b9d-e085-408d-bbdc-6af0bc01e190.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0485ee96-7b3d-44a3-ab34-bddd06c33d04.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\05981274-02e9-43c9-804d-a378cd782218.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\07ea537f-38b9-4432-bdbd-de6ff53197c2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0825ad34-c619-4f95-abad-62473cc5ff86.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\08fc6404-d0ed-41e1-b16c-157bbf979885.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0be73a9d-1ec3-4db5-9f88-5115c8567fff.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0ce5d205-74a5-4549-a6a5-f0403d76623f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0dd911bf-b1e6-490e-927c-137bf1c1a6ad.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0e2b30bf-22a6-44ae-9098-8c6249be82aa.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0e2fc6f2-dca0-494f-81f4-10f9d365d923.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\0e73cd29-8a5c-4fbc-b64e-205a311a4813.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\105c0a19-ba43-4598-b77d-48789615371e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\10a586d2-86d4-43be-ac7c-06dff5e0b4c1.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\116582cf-ea86-41ad-9df7-a8a073a807d6.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\11b562ec-7258-4d29-9c97-ab6c70960f25.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\11b7581e-c973-481a-8de1-3ff4fdf069f6.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\11c0388e-a02f-424c-af50-e4e190ae27ed.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1258f620-b02b-49fe-b64a-f35609087239.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\13714d91-9b7d-4735-9a26-a081bc0ee8bc.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\13e0a46b-49e3-4a95-a025-8ceaecdc565c.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\15fcb673-6ca6-439e-b9d4-4b8f3c4e5b57.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\166276f3-8a98-4cd5-b5b8-bb6d6548907f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1713f213-3eb2-4f83-a3ea-87ab8c47f3f2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1c40bc9a-7284-4c79-9936-b3b2e8209dc4.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1e0d2d7a-d7ad-4872-8e53-fda478502f7f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1f4edc29-b9d5-4ab1-9911-759792c91fd2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\1f8b7a2d-d7e4-4034-a92b-21189d4b785c.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\22252cd3-4ce5-466f-a66c-06bcb01dc296.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\234325f3-8e02-4fe6-8d3d-9af16fa146d3.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\236bf208-da64-4672-907b-f9f27e3d53ec.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\23e085c3-3685-49c6-9aef-e0a68a9e8dc6.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\24895d38-8ad8-4fdb-8d1d-f82b0dd3e216.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\26295d27-9c29-449d-a0f6-d08ab019a412.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\26588f0b-5dc5-44d3-933a-aca16bed0833.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\26657709-5e90-4462-8b34-2e4a37e45c4b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\27c6038b-aa8d-4c8a-ad23-14815fd828b8.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2847a211-a1ab-48f6-9904-3cd2bbb2a490.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\28f64a7f-4bc6-4aee-88ff-5286789156ad.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2a31e9d9-6080-470b-8ad4-9eca7d913838.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2adb8040-567c-4bac-adf6-4c01ecb0e731.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2aeb2214-3a0f-4918-b323-0e14effe82bb.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2bc7b66f-7897-4641-ab0c-af666d82ee82.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2be17cf1-7d4d-4ff6-bfc1-4261fa46c731.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2e56b539-734b-424f-b0db-1222258c8aae.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\2f1f3fa4-2ba6-4d65-8286-c1dbb6445b16.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\307daf94-dc71-468a-ae2d-e43ff2d606f1.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\31a35f6c-38aa-4c94-8635-8bcade248944.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\31c1a3bf-a2a9-4e61-89e0-12ad356261a4.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\32143b1f-dd4c-4614-8511-f44d3c37c798.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\33ef72e4-3a3c-4168-95ee-69b999f3dc50.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\34025ab2-9d28-42be-84d8-a1d73b60ad18.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\357dce9d-6a30-4730-bb20-cf0c0fc650f4.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\35d3ec51-424d-4d15-9d59-ad7f0554bd23.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\362d06ca-6ee3-4f9f-a7d9-0939c91fad48.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\3721ef84-adf6-487a-bf5f-543cac2cb4ec.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\37fcc561-d0c6-4a27-bd96-1c6ae4a7bd28.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\388d4ac5-b1e6-4ebd-bfcf-8537f385f096.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\38f9ba70-490f-487d-a4c3-cbe4fbac20e0.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\393de2f5-2776-41ad-a7bd-7198bc797408.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\39f7415e-cdf2-43a1-ae34-893d6603300c.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\3a0670b4-914c-4e8b-93cd-8d7cb942e28f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\3b2bf223-6da6-4008-8149-61cea1779795.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\3f74f6f7-8e6b-4ad2-852d-7a9fe415ba6d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\40b50b44-803d-44ec-9560-eb92b57ea3cc.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\40df5f98-464f-4fb6-ad59-25be62557f1e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\43a173bc-54ac-4ca8-9133-39dc4bb09ed5.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\44c5d09f-056f-4564-9023-0ff0c833ffcb.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\44d3bf05-b9d8-4840-99a3-6431a5918d0a.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\45551e4e-fc40-40dd-9e52-a4cad5937a79.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\46e96372-6341-4286-bc90-bc50bcc621db.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\473b0d3a-0ca3-41b2-a791-d5c7c621c088.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\479ac8d4-12d8-400a-b2eb-9189303a898f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\48a7731e-743b-4646-ab65-fb38afc2ee3b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\495b54b4-cb5c-42c2-9032-df3592cb2204.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\49ab966d-1130-41db-8d5c-5bb5251f7c74.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4b06871b-d080-4c48-b8b7-4cb8e2ba61d2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4baccb9c-e21e-43b2-bb24-b836cf0fb77a.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4c02164a-fba5-4333-903a-333bbe40849e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4d3d6683-2fed-4d65-aa9f-83392f4cf290.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\4fb94aa1-1d37-4bde-a016-27553c0526b4.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\503c49cc-7cdb-4fa1-a0fa-c6f68a548b17.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\50bef3ea-f148-4ac7-a96a-eb2ab119c76d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\515d35c8-faf3-4aa9-a475-5b7d1f202006.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\54bddaaf-c62d-44e3-8b7e-c44d0a4b238d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\561ac496-8929-4bac-af19-f57251c933f7.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5644d63f-ad16-43fb-9236-538768beef82.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\56a0ceb6-e292-4be1-b2c4-0c35965d3d0e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\56cec41d-1ab6-4290-b8c2-7dda878d2226.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\57aeeddb-ce93-4c02-8ab2-151c61d2e7f1.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\57f861e8-0e96-486a-9764-a9050d56cd17.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\58881de7-618f-46fc-951d-4370637c43ca.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\589581dd-10a9-4036-b477-e31a01aa4930.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5913b47b-bd3b-4082-bddc-89e24281509a.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5ba0dbb7-2e22-4857-a03f-04fe7c8d33a6.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5baa9f08-31b7-4503-8132-b94738aff13e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5c2f7309-1539-4691-a2cd-5424309be77b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5c4f6108-7bf2-433e-bbda-0f3d534c403e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5d2f87a2-0018-4dd5-8d34-220a5dfcbd70.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5de8cae9-7592-49c8-85ea-186d68f31fbb.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5e61e893-0cbd-4442-a7b0-b89a2f31ff9c.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5e740978-b9b1-4426-b68e-7a6399ec63dc.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\5ebf5a19-5416-4e16-8b23-633aacb0516d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\61f9b6eb-6202-41e7-932d-184876aa8439.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\622e0716-53b8-4624-b358-b0595ef46e81.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6458f5ba-5585-4140-b30b-89af971a3ce9.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\65cfffce-8aed-4774-8ead-5517fd56c3b2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\660e031b-51d4-49a4-8ec1-e1f8033da8df.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\677dc705-a4f1-43fe-8031-a45b4c6463f5.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6948104b-dcc1-4a3b-b829-33376a0f0dbb.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\69618347-995a-431d-81e4-11d3a21ecef7.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6b113dc4-d60e-4ab7-8f80-5bc3a577f08b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6b22287e-33a5-4a76-bd2b-14badcd16cce.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6b569990-324b-433b-8913-658ebb071916.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6b9263a5-d282-49c6-affc-e158f198c509.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6bb60d78-094e-4346-8922-52a4da5a5a9a.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6d0ba5ba-5ba0-40b3-8455-a3ba8de0a994.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6d8c7a70-8266-4f84-a917-af4335a6cffb.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\6f5a312f-c628-4eb8-9b20-d40c17f71018.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\70094552-0be7-46af-b2f5-e48fda1647fe.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\70250457-8ffa-4eb9-96f1-e213c089e128.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7173aed9-2529-4db1-b121-6bf32afa1c4f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7692d40d-dc2b-4f55-b837-372d92b38bfb.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\778ffb2f-31a1-4403-8935-86b98aa780ac.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7794a29a-bd48-409a-ba08-c77a436ccbb4.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\77d84240-cbad-414f-9c5f-85296546ac84.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\77e63912-2364-4ef9-acc8-956a0b72285b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\78937aa3-3e04-4231-a16e-355aadf98719.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\789a6f63-a6ca-4d6d-b98d-627ec52ff842.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7b0bdae8-8a46-411f-9657-4c9ad94805fa.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7bf8d10a-e4f5-4ba6-8eb7-5d531af47f0c.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\7eb46b15-97dd-4027-830a-0f834bcb4984.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\802bd575-c2b2-4a5f-bf7f-8317d76c7b6f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\80308d0e-9f6e-468e-a9e1-fa7f769713ad.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\805b70dd-07c6-4bcb-b15e-2890037cb01f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8216c306-2f3c-4bdf-ab22-160ef6cd6bdf.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\82af9b6d-3e8b-49b0-8aa9-2ea8fca81083.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\84e04d6d-f4c0-47a5-bfb9-5e10e9a191d1.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\85dfe300-08e2-4d47-b5f3-4061458c12c4.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8777937a-37df-4d28-9910-bcc5caaf4332.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\87b4aec7-410f-4cbd-b43b-b3ca7ad0676e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\89f68abd-9a6f-480e-aab5-037511323b30.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8a81cac4-d3c4-4f91-9330-47754d359df2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8af96b9b-ddd2-47b9-8d15-4e62b212e80a.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8bc59ff7-31d3-4789-8118-103dd6938ede.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8c5c81f3-b376-4b8b-bc37-375cc9cad816.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8cb6fb64-48b4-4270-aa4a-8241af283785.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8d1e1620-b405-4a25-9e40-6d3c0b3910d7.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8d790e07-db37-48f6-9cde-60a871397d16.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8e2f19db-ea5d-40ca-b7dd-26210c6443b2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\8fd5a45e-8f05-4ed6-b848-8d5363e2c2c9.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9009a268-489f-49b2-825f-8971261e0fe8.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\900e3db4-5989-4933-a349-351bef47a7bd.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\92934aba-3abb-4c28-991a-61fc771acc77.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9785131f-a413-4dfa-8695-39c531da80d1.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\97e2a3e5-77bd-4892-9fb8-5aa94eaa4add.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\97e50b72-98ab-41ef-baeb-9f6a51b29119.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9834dae9-390a-4c2e-9ef7-4c6331a3019c.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\98a38be4-5be4-4d56-a608-1a7d38f3b569.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\98b16b22-57ec-460e-8c27-3098bec85dc8.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\99af28f3-6646-4ab9-889f-a28be3246a07.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9a5d80e8-fe85-46cf-afa7-6e3513da925e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9e4fa622-091f-4e3f-9876-aff815e4b91e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9e6b91f9-2a6d-422d-b492-6bf6df7aac8d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\9eab6ea3-6471-4aee-b8c6-00417e5f66d2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a09d750d-b00c-4639-a0ed-454d04d122d6.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a0a32a21-8088-4ccd-a679-7023279c8d43.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a0daf90d-1796-4eef-950d-23d8926a418e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a389dc59-793b-4b03-b543-dc1554b851a9.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a3e538b0-ae9d-4d2c-bb7e-82cacfb7e034.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a5a860ee-6351-4823-94cc-a90ab6ab8e22.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a648a04c-6b2a-448b-a38f-60973fe38f98.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\a65f01ec-ee54-4282-9d06-4d1228be8636.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ab77cd47-f22d-4061-8618-8a77d5ea7fb2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ad148ef6-5ec5-4508-ab71-db0b3e52c9e3.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ad28aa0c-9d02-4de0-81b2-37d697cf407a.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ad44745b-e45c-425e-b75e-c93c4c1678b6.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b05685c7-4759-4a36-a712-b3b68d5b997f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b07c2a20-f0ee-4c0f-9ae1-9bf92acb2fd7.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b217b4d0-1ea8-4c13-b22c-1a57fb6c3656.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b2f51970-0c7e-443d-8a3d-0d090db9c1ad.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b34cb097-bc3b-4ed0-a268-a81641475f44.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b47ca70a-7b3e-47f6-94fd-04a82a812faa.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b4ad9b39-a925-411c-9257-5317de38c43d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b4dcb516-d92b-41d5-9b2c-38f01a312a33.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b5aaf37c-a10f-441a-9d42-fe2aaa1990d3.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b64a244d-67a3-4377-942e-ce613bc9fe3c.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b7ee901e-9d2a-4686-9062-66bbfbcf4a42.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b843c77a-9176-4c41-9ac6-fb8284229e59.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b87abfdd-99f2-4cee-8374-b5e3cf1ff29f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\b988acbc-3cf6-4ca0-b783-96f358030232.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bacbc4a4-15cd-4f71-b86d-e00c6706af01.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bbc70069-82fc-409a-8028-4fb096b42630.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bd2c87c0-b355-4eee-8f78-704351a9cb9e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bd49d8c7-80eb-4584-a837-42f3a6b5d862.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bd82aa01-9714-40ed-bf1c-b2eb8bd4706d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bda30f22-acbd-47a2-aaba-c62dd4e8b1c5.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bdcc18e5-794a-486a-80d2-53cb535ae1be.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\be073235-0f8a-43b2-a4a2-3e6d02c02b47.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\be788a1b-2e0a-44ce-a669-e5b787beaa8b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\be8743c2-5add-43f0-a565-de4f8b6e39db.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\bfc4a6a6-1739-407d-b87c-af3c9eb5ab42.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c0c22d8f-7a86-4c74-8581-52caf880f794.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c0cf4f90-cd60-4757-a2e5-5d99b26fb834.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c15c1caa-f11b-4d04-bde7-f221c605b0f6.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c20643cf-465b-4b7c-939d-bc13552ddbc0.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c4274673-e2af-4073-a904-16996d717aeb.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c44572f4-e5fb-480f-a092-1a92682a0921.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c5805a90-445e-4f5d-ba5d-a4301175900e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c6149441-afd8-47f2-bec9-8a87da91ec66.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c6408267-d35a-4c75-80dc-e287d2623a4c.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c72aa6fc-55b0-4fde-812b-752e975b8bfd.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\c911b72f-3f30-49b3-817f-fdbe77b4f806.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ca77d85b-84ad-4c0f-a46a-b1256dceeb09.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\caeff903-89ec-4f5e-ad72-7336723f3817.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\cba71b78-cbdc-4462-97a9-f9b14c6a351e.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\cd20eb31-d9f7-40e7-b80c-43c304de0a08.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\cd5e6b43-e13e-4973-a0b9-bc73a2407600.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ceb570ec-fff3-4d61-8ed6-4dfb6886403c.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d01112d8-ecc5-4893-97b0-f833362dfaf2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d0444ba0-0ee0-4582-a9c5-fe95f7c9bd7d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d218efa4-a33d-4884-a711-87dd31b86d2d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d28c7378-cef4-49a3-8b9e-23f97913cfd9.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d33da0ba-7bab-48d4-b7c6-00f93bc2caf9.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d37b7bb6-dc73-4e9e-a342-aeb22fbf7f91.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d3e2a15c-ec27-4506-a0d2-ecc5728e43fc.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d44b3f5d-e2f9-4b64-a7c4-4829e76fc747.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d461205c-c0ee-406d-b0ff-2cfd3b69d3d0.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d56402bb-e8b1-42fc-a6ee-9d61856cd2a2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d5a7763d-1a87-4ffc-a339-559910401724.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d6196911-b6d3-447c-b823-19d541c3cd24.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d6f56658-453a-4a16-bfab-5af733a49fd9.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\d7f23f30-b744-449b-84c9-5b6e8143f6da.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\da51d6b0-b96a-4730-9702-645b422d151b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\df10f224-3a42-4922-8f71-6c5ed5199c98.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\dfb35b77-ecf6-45b8-97ec-f09552020d60.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e070f596-72aa-484c-8f65-6905612ddd99.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e1432d1a-2c0a-4b21-b66c-c7eae315ff7f.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e1a0e70b-c932-4dd9-9f5f-ed73df1740d0.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e1af67b5-f9b6-4cab-adcd-501d3a12c846.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e34b7e81-2094-42c1-b591-07906238a8fe.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e5367c43-fe2c-4266-8f9b-751c754d5cb3.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e53c9836-14f8-453a-92de-8f0b9c7e5afe.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e5565435-ffa9-455f-b570-b8580fa281c2.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e595a4c8-8ee9-4f14-9c89-b2c29cafad97.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e829d56d-4f0e-48eb-868e-3e531f43426b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e8c3f912-3bef-4f2b-908d-2fd3d502b2ab.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\e96c959b-2964-4a2b-88b9-a8c3c329d04b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\eac321e2-0518-40db-9e82-57293db4bf49.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ecbf9389-8c68-4085-bd6d-441420ba4238.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\edf17e9a-2c1a-4635-9431-b0c6c079cbe8.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ee0c0dc3-400d-4fb8-9887-f20b6fc9b0e0.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ee2965b4-f57f-4479-b6bd-23879994050b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ee9be351-67d3-40cc-b231-dc26bb20ebe9.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\eeac15af-8c81-4ae3-b99f-fe602161c3ea.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\ef916e33-274c-44c3-9a5e-ed2bed79be05.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f1305f9e-e7a5-4a23-a75b-125850fd2429.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f1493e7c-d162-40aa-9ff2-eccbab4832fb.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f180e9b7-ed95-4ab7-981d-b026b050ab11.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f28db5f2-500b-45a5-9c08-89fb3d36c4b0.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f316bb3c-4a45-4506-bcc1-097b37c99ddb.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f31fa173-68b5-4792-9abd-4a03af8e5a4b.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f33a2758-5de8-4a0b-abe0-b9c7602e047d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f344e2d4-0f2b-40d3-bc52-bf35cfd774fe.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f3d55941-15e6-4d23-accf-b87cab83fba5.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f412b387-4e81-4db3-8ddd-400fe3852232.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f4491798-c9a2-44bb-a32f-7fcaa2deec20.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f4eaed98-8f38-47b8-843a-e44024438575.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f5595d4f-3542-4904-aaed-95b89d55d279.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f5c007de-26cd-4e54-90fd-867076adf7b0.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f896f61b-efc6-4313-9518-3ab800e1bf14.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f8a1df4e-d8a3-4568-a87c-08a3eba5496d.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f94ba19c-e9b2-4312-84e5-e04c3b9eee04.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\f99beb76-688a-4c1c-91ce-c2527b715910.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\fc0ee807-e844-449a-ba2e-9b6735dd1700.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\fc7fcacc-d859-4fe9-800b-03ee236aaec0.png
c:\users\Sascha & Nancy\AppData\Roaming\Toshiba\ReelTime\UserData\fcb037cf-2ca3-4cac-b1fa-1eac5fe12f96.png
c:\users\Sascha & Nancy\videos\layout.bin
c:\users\Sascha & Nancy\videos\Setup.exe
c:\windows\UA000073.DLL
D:\install.exe
|
|
04.02.2014, 18:05
| #6 |
| | Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- OnlinebankingCode:
ATTFilter .
.
((((((((((((((((((((((( Dateien erstellt von 2014-01-04 bis 2014-02-04 ))))))))))))))))))))))))))))))
.
.
2014-02-04 14:36 . 2014-02-04 14:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-04 14:25 . 2014-02-04 14:25 -------- d-----w- c:\users\Sascha & Nancy\AppData\Roaming\TOSHIBA
2014-02-04 10:03 . 2014-02-04 10:03 -------- d-----w- c:\program files\HitmanPro
2014-02-04 09:41 . 2014-02-04 13:42 -------- d-----w- C:\FRST
2014-02-04 09:03 . 2014-02-04 09:03 -------- d-----w- c:\users\Sascha & Nancy\AppData\Roaming\Malwarebytes
2014-02-04 09:02 . 2014-02-04 09:02 -------- d-----w- c:\programdata\Malwarebytes
2014-02-04 09:02 . 2014-02-04 09:02 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-02-04 09:02 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-02-04 08:37 . 2014-02-04 08:37 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{75DAD2A7-0F7A-4F65-8939-E8D2A6F97D83}\offreg.dll
2014-02-04 08:08 . 2014-02-04 08:08 -------- d-----w- c:\program files\iPod
2014-02-04 08:08 . 2014-02-04 08:09 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 08:08 . 2014-02-04 08:09 -------- d-----w- c:\program files\iTunes
2014-02-04 08:08 . 2014-02-04 08:09 -------- d-----w- c:\program files (x86)\iTunes
2014-02-04 08:08 . 2014-02-04 08:08 -------- d-----w- c:\users\Default\AppData\Roaming\Apple Computer
2014-02-04 08:08 . 2014-02-04 08:08 -------- d-----w- c:\users\Default\AppData\Local\Apple Computer
2014-02-04 07:42 . 2014-02-04 07:59 -------- d-----w- c:\programdata\HitmanPro
2014-02-04 07:29 . 2014-02-04 07:29 -------- d-s---w- c:\windows\SysWow64\Microsoft
2014-02-04 07:28 . 2014-02-04 07:29 -------- d-----w- c:\program files (x86)\OpenOffice 4
2014-02-04 07:27 . 2014-02-04 07:27 -------- d-----w- c:\programdata\CSIS
2014-02-04 07:27 . 2014-02-04 07:27 -------- d-----w- c:\program files (x86)\Heimdal
2014-02-04 07:25 . 2014-02-04 07:25 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-02-04 07:17 . 2014-02-04 07:17 -------- d-----w- c:\users\Sascha & Nancy\AppData\Local\Secunia PSI
2014-02-04 07:17 . 2014-02-04 07:17 -------- d-----w- c:\program files (x86)\Secunia
2014-02-04 07:13 . 2014-02-04 07:13 533424 ----a-w- c:\windows\SysWow64\hmpalert.dll
2014-02-04 07:13 . 2014-02-04 07:13 488104 ----a-w- c:\windows\system32\hmpalert.dll
2014-02-04 07:13 . 2014-02-04 07:13 17416 ----a-w- c:\windows\system32\drivers\hmpalert.sys
2014-02-04 07:13 . 2014-02-04 07:13 -------- d-----w- c:\program files (x86)\HitmanPro.Alert
2014-02-04 07:01 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{75DAD2A7-0F7A-4F65-8939-E8D2A6F97D83}\mpengine.dll
2014-02-04 06:59 . 2013-12-18 20:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-02-04 06:27 . 2014-02-04 06:27 312744 ----a-w- c:\windows\system32\javaws.exe
2014-02-04 06:27 . 2014-02-04 06:27 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-02-04 06:27 . 2014-02-04 06:27 189352 ----a-w- c:\windows\system32\javaw.exe
2014-02-04 06:27 . 2014-02-04 06:27 189352 ----a-w- c:\windows\system32\java.exe
2014-02-04 06:27 . 2014-02-04 06:27 -------- d-----w- c:\program files\Java
2014-02-03 05:46 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-30 11:55 . 2014-01-30 11:58 -------- d-----w- c:\programdata\BlueStacksSetup
2014-01-25 11:23 . 2014-01-25 11:23 -------- d-----w- c:\program files (x86)\GotClip
2014-01-23 06:31 . 2014-01-12 15:01 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0D1839D3-5915-4785-9DAE-77DA76C5D54D}\gapaengine.dll
2014-01-23 06:22 . 2013-12-06 00:16 874312 ----a-w- c:\program files (x86)\Mozilla Firefox\uninstall\helper.exe
2014-01-23 06:22 . 2013-12-05 19:41 22370928 ----a-w- c:\program files (x86)\Mozilla Firefox\xul.dll
2014-01-23 06:22 . 2013-12-05 19:37 276592 ----a-w- c:\program files (x86)\Mozilla Firefox\updater.exe
2014-01-23 06:22 . 2013-12-05 19:37 153712 ----a-w- c:\program files (x86)\Mozilla Firefox\softokn3.dll
2014-01-23 06:22 . 2013-12-05 19:37 18544 ----a-w- c:\program files (x86)\Mozilla Firefox\plugin-container.exe
2014-01-23 06:22 . 2013-12-05 19:37 92272 ----a-w- c:\program files (x86)\Mozilla Firefox\nssdbm3.dll
2014-01-23 06:22 . 2013-12-05 19:37 393840 ----a-w- c:\program files (x86)\Mozilla Firefox\nssckbi.dll
2014-01-23 06:22 . 2013-12-05 19:37 1776240 ----a-w- c:\program files (x86)\Mozilla Firefox\nss3.dll
2014-01-23 06:22 . 2013-12-05 19:34 302192 ----a-w- c:\program files (x86)\Mozilla Firefox\freebl3.dll
2014-01-23 06:22 . 2013-12-05 19:34 275568 ----a-w- c:\program files (x86)\Mozilla Firefox\firefox.exe
2014-01-23 06:22 . 2013-12-05 19:34 117360 ----a-w- c:\program files (x86)\Mozilla Firefox\crashreporter.exe
2014-01-23 06:22 . 2013-12-05 19:34 20080 ----a-w- c:\program files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2014-01-21 21:33 . 2013-10-25 06:17 15404032 ----a-w- c:\windows\system32\ieframe.dll
2014-01-21 21:33 . 2013-10-25 06:18 19271168 ----a-w- c:\windows\system32\mshtml.dll
2014-01-19 02:04 . 2014-01-19 02:04 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-01-17 16:23 . 2014-01-17 16:23 -------- d-----w- c:\users\Sascha & Nancy\AppData\Local\Microsoft Help
2014-01-17 16:23 . 2014-01-21 07:32 -------- d-----w- c:\programdata\Microsoft Help
2014-01-15 04:23 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-15 04:23 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-15 04:23 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-15 04:23 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-15 04:23 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-15 04:23 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-15 04:23 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-15 04:23 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-15 04:23 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-04 07:24 . 2012-06-13 06:15 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-04 07:24 . 2012-06-13 06:15 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-19 07:33 . 2011-09-03 07:38 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-01-15 21:18 . 2011-06-13 13:57 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-12-06 14:47 . 2013-12-06 14:47 18456 ----a-w- c:\windows\system32\drivers\psi_mf_amd64.sys
2013-11-23 18:26 . 2013-12-12 13:29 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-12 13:29 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:23 . 2013-12-12 13:29 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-12 13:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-26 102400]
"ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-01-20 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-02-28 18642024]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2010-6-28 2721184]
Heimdal.lnk - c:\program files (x86)\Heimdal\Client\HeimdalAgent.exe [2013-11-6 1170080]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableClock"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R1 pmplcahk;pmplcahk;c:\windows\system32\drivers\pmplcahk.sys;c:\windows\SYSNATIVE\drivers\pmplcahk.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys;c:\windows\SYSNATIVE\DRIVERS\ASPI32.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtpt64.sys [x]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtbs64.sys [x]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys;c:\windows\SYSNATIVE\DRIVERS\lgvmdm64.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 massfilter_hs;USB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 HeimdalSecureDNS;Heimdal Secure DNS Service;c:\program files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe;c:\program files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe [x]
S2 HeimdalService;Heimdal Service;c:\program files (x86)\Heimdal\Service\HeimdalAgentService.exe;c:\program files (x86)\Heimdal\Service\HeimdalAgentService.exe [x]
S2 hmpalert;HitmanPro.Alert Support Driver;c:\windows\system32\drivers\hmpalert.sys;c:\windows\SYSNATIVE\drivers\hmpalert.sys [x]
S2 hmpalertsvc;HitmanPro.Alert Service;c:\program files (x86)\HitmanPro.Alert\hmpalert.exe;c:\program files (x86)\HitmanPro.Alert\hmpalert.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WinisoCDBus;WinISO Virtual CD Drive;c:\windows\system32\drivers\WinisoCDBus.sys;c:\windows\SYSNATIVE\drivers\WinisoCDBus.sys [x]
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDMI64.sys;c:\windows\SYSNATIVE\drivers\CHDMI64.sys [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys;c:\windows\SYSNATIVE\DRIVERS\FwLnk.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - PWLDIPOW
*Deregistered* - pwldipow
.
Inhalt des "geplante Tasks" Ordners
.
2014-02-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 07:24]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-05-11 1050072]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-22 521272]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-04-19 136136]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\users\Sascha & Nancy\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{A5B9220D-875B-4C63-A4B1-AABF1D74E973}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FF - ProfilePath - c:\users\Sascha & Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\3u1jr7fi.default\
FF - prefs.js: browser.startup.homepage - google.de
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{62d40876-df18-411f-9d34-a9dd7a197bc5} - (no file)
Toolbar-Locked - (no file)
Toolbar-{DFEFCDEE-CF1A-4FC8-89AF-189327213627} - (no file)
Toolbar-10 - (no file)
Toolbar-!{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - (no file)
Wow6432Node-HKCU-Run-AppsHat - c:\users\Sascha & Nancy\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
Wow6432Node-HKLM-Run-ProtectedNET - c:\users\Sascha & Nancy\Desktop\Laufwerk\Jappy Rang + Credit Hack by JiNNy.exe
Wow6432Node-HKLM-Run-NPSStartup - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{9D717F81-9148-4f12-8568-69135F087DB0} - c:\progra~2\SEARCH~1\Datamngr\x64\BROWSE~1.DLL
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000\Software\SecuROM\License information*]
"datasecu"=hex:03,95,f1,c1,3b,2e,06,99,bc,29,33,e4,07,9b,1e,9f,42,9e,6b,d3,c6,
3e,68,d8,18,2f,80,fd,1c,28,25,1f,54,31,08,b5,57,0e,af,b6,f8,31,a1,a5,71,2e,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\d:\GAMES\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi:"2011-10-10T16:42\00gif\00\00"
"qico4.dll"=multi:"2011-10-10T16:42\00ico\00\00"
"qjpeg4.dll"=multi:"2011-10-10T16:42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\d:\games\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
Code:
ATTFilter .
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_52"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_52"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_52"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_53"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_53"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_53"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_54"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_54"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_54"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_55"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_55"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_55"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_56"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_56"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_56"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_57"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_57"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_57"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_58"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_58"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_58"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_59"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_59"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_59"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_60"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_60"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_60"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_61"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_61"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_61"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_52"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_52"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_52"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_53"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_53"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_53"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_54"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_54"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_54"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_55"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_55"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_55"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_56"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_56"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_56"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_57"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_57"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_57"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_58"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_58"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_58"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_59"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_59"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_59"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_60"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_60"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_60"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_61"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_61"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_61"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_62"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_62"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_62"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_63"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_63"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_63"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_64"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_64"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_64"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_65"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_65"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_65"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_66"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_66"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_66"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_67"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_67"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_67"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_68"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_68"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_68"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_69"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_69"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_69"
.
[HKEY_USERS\S-1-5-21-2086433155-968339950-4243989774-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_70"
.
|
|
| Themen zu Windows7 - eGdpSvc.exe Trojan - Internetoptionen geht nicht- Onlinebanking |
| .dll, adblock, adobe, bonjour, branding, cid, converter, desktop, device driver, ebanking, error, explorer, fehler, firefox, flash player, gmx.net, google, heimdal, home, homepage, installation, internetoptionen, malware, mozilla, online banking, registry, scan, secunia psi, security, services.exe, software, svchost.exe, trojan, trojaner, wildtangent games, windows, winlogon.exe, wscript.exe |
Hybrid-Darstellung
