Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar

Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar


Plagegeister aller Art und deren Bekämpfung: Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 29.05.2012, 17:16   #1
dennis8
 
Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar - Standard

Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar


Hallo,

ich kann Webseiten von microsoft, avira etc. nicht mehr aufrufen. Werde entweder auf die google Startseite oder eine google Fehlerseite (404) geleitet.
Die Vermutung liegt also nahe, dass ich eine Schadsoftware drauf habe. Ansonsten habe ich bisher keine Veränderungen festgestellt.
Scan mit AntiVir bringt keine Lösung.

Kenne mich da nicht so mit aus, aber vielleicht könnt ihr aus den OTL Ergebnissen etwas lesen.


OTL.txt
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 29.05.2012 17:40:58 - Run 1
OTL by OldTimer - Version 3.2.44.0     Folder = C:\Users\xx\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,73% Memory free
5,99 Gb Paging File | 4,83 Gb Available in Paging File | 80,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,71 Gb Total Space | 325,92 Gb Free Space | 71,52% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 9,92 Gb Free Space | 99,23% Space Free | Partition Type: NTFS
Drive F: | 4,11 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: PC | User Name:  | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.05.29 17:39:44 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\xx\Desktop\OTL.exe
PRC - [2012.05.28 15:06:18 | 000,867,080 | ---- | M] (Acresso Software Inc.) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2011.09.29 16:19:26 | 000,020,880 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011.09.29 16:19:16 | 003,508,112 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011.08.07 19:19:05 | 000,240,288 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10t_ActiveX.exe
PRC - [2011.07.07 08:16:04 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.03.28 21:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011.03.28 21:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2011.03.28 16:15:17 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.28 16:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.11.20 23:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 23:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.09.15 11:11:22 | 000,339,312 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Programme\Common Files\Lexware\Update Manager\LxUpdateManager.exe
PRC - [2010.06.17 21:56:44 | 000,370,176 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2010.05.11 06:06:40 | 001,885,512 | ---- | M] (Sanford, L.P.) -- C:\Programme\DYMO\DYMO Label Software\DymoQuickPrint.exe
PRC - [2010.05.11 05:53:16 | 000,055,808 | ---- | M] (Sanford, L.P.) -- C:\Programme\DYMO\DYMO Label Software\DLSService.exe
PRC - [2010.04.23 16:20:36 | 001,670,144 | ---- | M] (ESRI) -- C:\Programme\ArcGIS\License10.0\bin\ARCGIS.exe
PRC - [2009.08.18 03:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.08.18 03:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2008.11.06 00:59:50 | 001,500,424 | ---- | M] (Acresso Software Inc.) -- C:\Programme\ArcGIS\License10.0\bin\lmgrd.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.05.12 10:55:10 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll
MOD - [2012.05.12 10:53:45 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\65f0d70169a0e73b45307dddbd86f92b\System.Runtime.Remoting.ni.dll
MOD - [2012.05.12 10:53:38 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
MOD - [2012.05.11 20:35:34 | 018,000,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\041b1bcf6ae9ab58925791d8198c37e2\PresentationFramework.ni.dll
MOD - [2012.05.11 20:35:19 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a1de74c8d0dfd15e3246e5dd394013bf\PresentationCore.ni.dll
MOD - [2012.05.11 20:35:10 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\4b7adff986a085bb562222d0c5fdf5aa\WindowsBase.ni.dll
MOD - [2012.05.11 20:35:08 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll
MOD - [2012.05.11 20:32:54 | 013,197,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\9ee9841d9e33fe5dceba4cd7d90f2ae0\System.Windows.Forms.ni.dll
MOD - [2012.05.11 20:32:51 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012.05.11 20:32:48 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012.05.11 20:32:45 | 001,665,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\03b5233f1511f5fdb39eb681b04e5506\System.Drawing.ni.dll
MOD - [2012.05.11 20:32:43 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012.05.11 20:32:37 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012.02.15 17:04:18 | 000,593,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\a717cdb44ec0d3238c621efa420a9956\System.Messaging.ni.dll
MOD - [2012.02.15 14:25:10 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll
MOD - [2012.02.15 14:24:56 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\42ae8760f0a74ab774e82a64368aa1f6\System.Web.ni.dll
MOD - [2012.02.15 14:24:38 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll
MOD - [2012.02.15 14:24:22 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll
MOD - [2012.02.15 14:24:14 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll
MOD - [2012.02.15 14:24:11 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll
MOD - [2012.02.15 14:24:00 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012.02.15 14:23:55 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012.02.15 14:23:51 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012.02.15 14:23:50 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2011.12.30 20:15:03 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011.12.29 18:20:24 | 000,115,137 | ---- | M] () -- C:\Users\xx\AppData\Local\Temp\ae201572-4813-4010-9ed2-ee29ddec066a\CliSecureRT.dll
MOD - [2011.09.29 16:19:26 | 000,020,880 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.11.13 01:19:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.05.11 05:52:30 | 000,094,208 | ---- | M] () -- C:\Programme\DYMO\DYMO Label Software\DYMO.Common.dll
MOD - [2006.12.10 21:51:08 | 000,077,824 | R--- | M] () -- C:\Programme\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2006.12.10 21:51:08 | 000,065,536 | R--- | M] () -- C:\Programme\HP\Digital Imaging\bin\crm\xmlparse.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2012.05.28 15:06:18 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.07.07 08:16:04 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.03.28 21:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.11.20 23:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.11.20 23:29:48 | 000,128,848 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010.11.20 23:29:32 | 000,068,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.08.18 03:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2009.07.14 03:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.11.06 00:59:50 | 001,500,424 | ---- | M] (Acresso Software Inc.) [Auto | Running] -- C:\Programme\ArcGIS\License10.0\bin\lmgrd.exe -- (ArcGIS License Manager)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.07.07 08:16:04 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.07 08:16:04 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.11.20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 23:29:12 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2010.11.20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.06.17 15:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.08.18 04:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.14 03:20:28 | 000,022,096 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk)
DRV - [2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2009.07.14 00:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {2279C29F-823D-4444-815A-CF161E9B6251}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{2279C29F-823D-4444-815A-CF161E9B6251}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.6&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.30 17:57:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2011.05.01 10:08:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xx\AppData\Roaming\mozilla\Extensions
[2012.05.02 12:56:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xx\AppData\Roaming\mozilla\Firefox\Profiles\ft2iwcdl.default\extensions
[2012.03.29 20:13:09 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\xx\AppData\Roaming\mozilla\Firefox\Profiles\ft2iwcdl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.05.24 16:34:49 | 000,000,950 | ---- | M] () -- C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\ft2iwcdl.default\searchplugins\icqplugin-1.xml
[2011.11.06 12:45:18 | 000,001,056 | ---- | M] () -- C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\ft2iwcdl.default\searchplugins\icqplugin.xml
[2012.01.09 11:55:55 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.03.30 08:26:17 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (ICQ Sparberater) - {FE163F11-1919-4257-A280-FF5AF8DAEECB} - C:\Programme\icq\Internet Explorer\icq.dll (solute gmbh)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DLSService] C:\Program Files\DYMO\DYMO Label Software\DLSService.exe (Sanford, L.P.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKCU..\Run: [Cixyi] C:\Users\xx\AppData\Roaming\Xoyz\olow.exe (Asus)
O4 - HKCU..\Run: [DymoQuickPrint] C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe (Sanford, L.P.)
O4 - HKCU..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F5759352-0A3C-4DF4-B67E-99428EFF0E84}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.12.04 19:52:28 | 000,000,041 | R--- | M] () - F:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{9aba0abc-3230-11e1-b5d3-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9aba0abc-3230-11e1-b5d3-806e6f6e6963}\Shell\AutoRun\command - "" = F:\ESRI.exe -- [2010.08.27 02:37:17 | 005,403,032 | R--- | M] (ESRI)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.05.29 17:39:44 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\xx\Desktop\OTL.exe
[2012.05.29 17:19:43 | 000,000,000 | ---D | C] -- C:\Users\x\AppData\Local\{D658E1F5-8797-4EC4-BB0C-99C2D7DD1602}
[2012.05.29 17:19:21 | 000,000,000 | ---D | C] -- C:\Users\x\AppData\Local\{AA231AA0-461A-42F5-AC79-F8AA71522E47}
[2012.05.28 21:27:54 | 000,000,000 | ---D | C] -- C:\Users\x\AppData\Local\{07F2B0D4-2A42-445E-89C6-A6C6D506DE84}
[2012.05.28 21:27:33 | 000,000,000 | ---D | C] -- C:\Users\x\AppData\Local\{C5629840-B195-415E-93F7-5B6EDF0F7472}
[2012.05.28 19:23:50 | 000,000,000 | ---D | C] -- C:\Users\x\AppData\Local\{00343808-B43E-4FDF-8ABB-EA139981E271}
[2012.05.28 19:23:28 | 000,000,000 | ---D | C] -- C:\Users\x\AppData\Local\{9B64C16F-7202-473A-B752-F4F2FAB9604F}
[2012.05.28 18:06:58 | 000,000,000 | ---D | C] -- C:\Users\x\AppData\Local\{60A3A18D-70D4-45A1-942D-1B4AEFE4AD90}
[2012.05.28 18:06:37 | 000,000,000 | ---D | C] -- C:\Users\x\AppData\Local\{4C0D9836-7A22-43D5-98A7-D48EDD5C220A}
[2012.05.28 16:39:16 | 000,000,000 | ---D | C] -- C:\Users\x\AppData\Local\{A466910F-A396-4E96-A407-5D79E6F6A32D}
[2012.05.28 16:38:54 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{9CC06A2B-6EE2-4F7C-9769-35013BC140D9}
[2012.05.28 15:06:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2012.05.28 15:06:29 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2012.05.28 15:06:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2012.05.28 15:06:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcGIS
[2012.05.28 15:06:04 | 000,000,000 | ---D | C] -- C:\Program Files\ArcGIS
[2012.05.28 14:56:53 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{C2893615-A733-4A5D-ACA6-E232C27EC629}
[2012.05.28 14:27:10 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{0A92EDC7-577C-4C6C-BC9F-AC8BB71C824C}
[2012.05.28 14:26:46 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{BCB4E447-9936-4C1E-ADE9-B4037BAFF057}
[2012.05.28 11:46:13 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{60A4B995-9CBD-4557-B94C-EF12AD74C514}
[2012.05.28 11:45:51 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{742DB147-F5C4-4343-BE2E-CC8BE54003A2}
[2012.05.28 09:33:22 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{E27A8F2E-58A4-4CAA-AF5A-0C5F187A6A38}
[2012.05.28 09:33:01 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{93D8BFA6-314C-4E34-ACB2-1AABCDF0045B}
[2012.05.27 13:32:00 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{F2BB5EC1-2DF6-479E-90DC-9BD0A82EC8C4}
[2012.05.27 13:31:39 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A7323F44-DC1F-4B70-BEA8-13383F129BF0}
[2012.05.27 12:25:18 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{40D01E2C-8FD5-4A74-A578-0E334774B93C}
[2012.05.27 12:24:57 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{3E76BDB9-3830-4457-BA64-F2EEB8CD4F90}
[2012.05.27 09:31:26 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{08713810-3D9F-4A88-9F35-1BDD1051B8F1}
[2012.05.27 09:31:05 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{8645FB2B-0576-4819-90D9-697F3C40E25B}
[2012.05.27 08:06:44 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{298615DD-D5BC-493D-8CB2-CB82C97C072F}
[2012.05.27 08:06:22 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{497FA8D0-6319-429C-A945-3B2688E82840}
[2012.05.26 23:21:30 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{C72D7920-63D0-4D44-A550-C1EFBA4AF678}
[2012.05.26 23:21:09 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A360A2E4-CC63-4692-A71C-3FF661A3A59F}
[2012.05.26 23:18:17 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{8F4A5933-DAAF-40B0-9E1E-AB605CF887C2}
[2012.05.26 22:27:56 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Roaming\Xoyz
[2012.05.26 22:27:56 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Roaming\Xosaax
[2012.05.26 22:27:56 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Roaming\Hepou
[2012.05.26 17:53:56 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{FFCD3756-4629-47D6-BFF5-5A170CFFB1CA}
[2012.05.26 17:53:33 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{27336804-5A83-43AC-81C3-32C5CEE32017}
[2012.05.26 08:17:35 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{2EE7A628-23D2-414C-8DD1-AFCAC7D6FA5D}
[2012.05.26 08:17:24 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{6A5BCAA0-C426-45A3-9B15-A8C44404A808}
[2012.05.25 20:53:05 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{0212FF09-A0C0-4ECD-A468-9110CFE6725E}
[2012.05.25 20:52:43 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{BF670025-0425-4642-A295-D86D54D2C513}
[2012.05.25 20:22:45 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{D10CE2B9-B337-45E1-9CB3-8DB6F4A69899}
[2012.05.25 20:22:35 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{0902F138-D908-4BA6-B33E-03AD914688AF}
[2012.05.25 20:01:18 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{B9C93B3D-D966-4E3E-B29D-5A548DD1BB0D}
[2012.05.25 20:00:57 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{991697C6-980C-4C93-AA83-1B389BE88F91}
[2012.05.25 18:54:32 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{FBFCCF18-255C-4230-9E4C-0C9A848F2E74}
[2012.05.25 18:54:11 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{9D186EBA-944A-49D6-A9BC-68680FC00CE9}
[2012.05.25 18:28:25 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{36FD2A69-1B65-466E-B9CA-4371A77DBAB7}
[2012.05.25 18:28:03 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{30D82AA4-E94E-4AF7-899E-FBA93112FA87}
[2012.05.25 18:20:24 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{661C5169-CE36-4504-91C0-A1454A4E435D}
[2012.05.25 18:20:03 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{D19FF07F-33B7-47CC-906A-8A4A6144BBDE}
[2012.05.25 18:14:07 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{005694A0-279A-49FE-976D-62B20C1896E7}
[2012.05.25 18:13:44 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{8E13B2F4-58B0-4F84-9119-A1511D79B306}
[2012.05.25 17:36:37 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{D27F983F-334E-497C-BC95-059A896624CC}
[2012.05.25 17:36:15 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{02EE096A-3A16-4FDB-9BE0-A93DE98B3543}
[2012.05.25 17:15:48 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{6B41EA12-2D5C-45D2-8C56-2D98784C43DD}
[2012.05.25 17:15:26 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{2F88112A-BDBC-47B5-9943-168FEE9FC28A}
[2012.05.25 15:04:28 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{BA2C61DA-E263-4BDF-AEBC-FA6AE7125492}
[2012.05.25 15:04:07 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{C90C043B-207B-4701-85C3-C3B99367A4C0}
[2012.05.25 14:53:01 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{80AE2BD3-C9F1-42D1-8E90-BCBBAF399F03}
[2012.05.25 14:52:39 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{0CDC75E3-09A3-4338-B5CA-D067661946A8}
[2012.05.25 14:40:08 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{4336CBBF-1F93-45F4-AAB8-424572EDB844}
[2012.05.25 14:21:26 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{C0D44067-34E0-4C16-8313-84869C33B2BA}
[2012.05.25 14:21:05 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{1A712885-A1A4-4A08-9FC4-7069359768CB}
[2012.05.25 13:41:27 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{66D49911-84EE-4FCC-80F7-C931F5E07D37}
[2012.05.25 13:41:06 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{6F3A567F-CCDE-48A0-A3C1-C13AFFE3FDB8}
[2012.05.25 13:28:20 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{4BB2EF86-55F7-4472-B062-D9175200C633}
[2012.05.25 13:27:57 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{44227E19-32EF-4E95-A6E6-86CE232C10D7}
[2012.05.25 11:25:21 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{6072DCFA-9723-4A65-973F-1B9FCDA63124}
[2012.05.25 11:25:00 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{FD950060-AD4E-445F-8719-795B73DDD1DB}
[2012.05.25 10:50:35 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{B57D63CA-4B55-42D5-BD23-EAA1793CDBAE}
[2012.05.25 10:50:14 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{79E392EE-9CB1-4145-88DA-488ED6C3B9E5}
[2012.05.25 10:41:41 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{D61537C7-748E-4253-9BAB-D558B9CACDF7}
[2012.05.25 10:13:47 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{2DA1F4CF-60B8-4A21-9ECA-43AE78B58F34}
[2012.05.25 10:13:26 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{9633F56D-8A9F-4AB5-A1C7-900C06F8E223}
[2012.05.25 09:04:52 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{2CD74460-0169-4C4F-93BA-8054E880654C}
[2012.05.25 09:04:30 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{5F422A0A-7077-4FE1-8075-F8BC710BEE20}
[2012.05.24 21:15:16 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{3D51B460-9A23-4E73-AD69-589D4626996A}
[2012.05.24 21:15:05 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{12E8F401-A437-4A61-8BDA-D5739D0282ED}
[2012.05.24 17:51:27 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{1A6CF54A-1DA7-431B-9AAE-1AB1D51D7BA6}
[2012.05.24 17:51:17 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{C3E01E22-024B-42AA-AA52-75C7B8372DF0}
[2012.05.24 16:33:15 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{F45A194D-EB75-4760-9DB6-B63145077EBB}
[2012.05.24 16:32:55 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{92C60E8E-3A1B-4DB2-84D8-69F47DD3B1A0}
[2012.05.15 08:17:20 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{D0954CB4-37AE-472D-A5B4-C9E439C69AF3}
[2012.05.15 08:16:59 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{5D91AEDB-7660-4BF1-BAF1-9B4CD0DDF35E}
[2012.05.15 07:47:28 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{4B7BE732-4192-4A7A-9458-D31D55AF1E12}
[2012.05.15 07:47:07 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{48E98118-8B2F-4165-AA48-7C6C97E88530}
[2012.05.14 23:38:34 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{251A22EB-D166-4D5D-83FE-25E3610794B3}
[2012.05.14 23:38:11 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{170A0DB5-E29E-4876-923C-D3AC2A845D48}
[2012.05.14 21:49:53 | 000,000,000 | ---D | C] -- C:\Users\xx\Desktop\foto
[2012.05.14 19:14:56 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{F2106E34-EF5E-41F6-A465-95AF095F8326}
[2012.05.14 19:14:35 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{980F52DF-29B1-4D9F-BB0C-CDE9293B46AB}
[2012.05.14 17:34:12 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{403769FC-DB4A-47CF-A76D-3A3F7DEF03F2}
[2012.05.14 17:33:50 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{59935BE2-0D72-4FA2-9979-D3816613771F}
[2012.05.14 15:13:21 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{99C23DCB-5137-4C21-82D0-87EFA1EDCE86}
[2012.05.14 15:13:00 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{FC79BC1D-4B90-41C0-B364-0FC27F1EE0D0}
[2012.05.14 13:18:50 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{DF4FF6A1-40AE-48D4-912F-1E96D5F8AF09}
[2012.05.14 13:18:29 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{F78FABA6-39FC-4975-88C1-69B283F7DBF2}
[2012.05.14 13:10:27 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{45B84C9B-5721-46AF-BC0D-86D98F9C9CD8}
[2012.05.14 13:10:06 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{CC8ABC48-0BDD-47DB-AE56-E538946DA09F}
[2012.05.14 10:58:53 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{9446AD88-5D0B-451B-A05E-4D10B0E4CDCA}
[2012.05.14 10:58:31 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{41E7FBDE-067E-4B63-B1C9-5A4125FCF8AD}
[2012.05.14 08:36:39 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{8B13BDB3-C698-43D7-8652-85C67F47FCAA}
[2012.05.14 08:36:16 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{B062D5CD-82F9-43A6-8768-E782CE348249}
[2012.05.13 18:53:27 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{D5353F02-D786-4EAF-804E-E8FAD1597E57}
[2012.05.13 18:53:05 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{03AADE15-E763-4587-AC15-390CF6E3B8D8}
[2012.05.13 17:11:27 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{294CABAC-7487-4F8B-8651-60E287963CE5}
[2012.05.13 12:12:24 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{0F59A9D5-C817-4D25-B6E5-5D59CEE61B79}
[2012.05.13 12:12:00 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{16715EA2-2E4E-44B5-B360-F7F63472FB80}
[2012.05.13 10:32:17 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{FDBB505A-A4B1-46C0-A348-93CF9E1D7ED4}
[2012.05.13 10:31:56 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{9E02B95A-658F-4869-9518-B44A23339039}
[2012.05.13 09:41:57 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{0F58300E-F15D-4A14-BEDE-331DF02BF81D}
[2012.05.13 09:41:35 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{D59414A1-08DC-4BF3-A2CA-480A2384EE9A}
[2012.05.12 20:00:30 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{7037CA83-CB45-41AB-99F2-63702BC94DCC}
[2012.05.12 20:00:08 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{77B3F4C8-C0F6-4DAF-A6ED-5986C851AB8F}
[2012.05.12 19:32:04 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{101DE2CB-3367-4432-96B2-9521156E4369}
[2012.05.12 19:31:43 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A7A94A89-0437-4E88-869E-C638F2E35CB5}
[2012.05.12 16:49:55 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{0D36C219-509F-46D9-9342-2628DA79D09C}
[2012.05.12 16:49:33 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{6FCFFA4F-D50A-49C8-8DA4-4E8DD4A9F5AF}
[2012.05.12 15:07:49 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{EDF750BF-1DDF-4572-8A69-612F63F83F9D}
[2012.05.12 15:07:39 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{8603F018-6FB5-4A47-AFEB-BF8386DB0349}
[2012.05.12 12:00:02 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{80929EA8-30FE-46FF-981D-4315D7C586E4}
[2012.05.12 11:59:41 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{2B99FF08-7BF7-48A9-A400-2A041BD9CB8E}
[2012.05.12 11:52:08 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{8C3C472F-80DE-4C43-BBB1-D3B4D1A64FAE}
[2012.05.12 10:19:25 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{C839D9AC-27D7-40AD-92CC-5CFE4B0B8CFF}
[2012.05.12 10:19:03 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{241CE05E-4B76-4046-A602-7767ECE3E770}
[2012.05.11 19:14:38 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{F17E0A7E-2E16-4C1E-AFCC-7BFDE120A4EC}
[2012.05.11 19:14:17 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{459DCCE8-527C-4C81-9B1F-5BFA73AF7007}
[2012.05.11 15:53:49 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{2348FE0D-6ABC-46B1-BE73-D77BFD1646B9}
[2012.05.11 15:53:28 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{0E63C6AB-CBDF-4136-BE63-3D48FBF29AC2}
[2012.05.11 15:15:28 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A162A7AC-72F9-4FF3-99B8-D5301D934BAF}
[2012.05.11 15:15:06 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{C343F827-5C7C-40D2-92B7-6C496E736B86}
[2012.05.11 14:30:39 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{DCB0EC85-1F7F-46A2-BE7D-1B0B627C4164}
[2012.05.11 14:30:17 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{3913FE54-E832-47BA-BDE8-F1F6198C6BA8}
[2012.05.11 13:33:26 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{3164D095-720D-4DAF-8FA7-A8A16220ECC7}
[2012.05.11 13:33:04 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{1ECEA121-FF7D-4036-B850-BB0D4931D87C}
[2012.05.11 13:17:59 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{75B2FDD6-8DFD-4974-B7CC-20A7BB3F6D2F}
[2012.05.11 11:34:32 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{7450978E-9E5D-4E72-95C7-69998C51895D}
[2012.05.11 11:14:09 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{36815B47-A848-4FF9-B1C2-3672A06D31CD}
[2012.05.11 11:13:58 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{3AC47F3B-568A-4DFD-A8E5-3F12FC12FAAE}
[2012.05.11 10:24:16 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{1ABE7749-4367-4733-8D7C-76A9B867E100}
[2012.05.11 10:18:49 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{1F8AD832-18C3-4E86-87E0-5836E213F0DA}
[2012.05.11 10:00:01 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{E075EA29-2EAD-4B58-8C4B-C63CC0F73C27}
[2012.05.11 08:50:53 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{4519251C-E854-492B-9DA3-5B50BE0A7A90}
[2012.05.11 08:50:31 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{0976E110-010A-440F-AA14-D0D6BF1A183E}
[2012.05.10 20:38:03 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{43185240-A453-45F6-90FD-4B08889F8382}
[2012.05.10 19:41:20 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{9E8EA6A8-A810-45FD-BBA5-88CF75CA6FF3}
[2012.05.10 18:03:51 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{78A68F4A-A060-42BA-AA9A-42A3D542E181}
[2012.05.10 18:03:30 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{E205E88E-A9B1-48AE-A26E-E21ABA059612}
[2012.05.10 15:03:06 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{49317E5E-DCF0-49CE-AEDD-909CBDEEB263}
[2012.05.10 15:02:45 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{8B3557C5-9ED4-4D54-8346-D5F517975885}
[2012.05.10 13:38:18 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{C5892683-DE14-4BA5-8CAA-926D9C672EB4}
[2012.05.10 13:37:55 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{850C4E53-E044-4AC0-837E-7B3C56B1DDAF}
[2012.05.10 11:47:12 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{586C6FEF-68A7-438A-9388-C8EDBA175BC9}
[2012.05.10 11:46:50 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{4D1FD077-FAB9-4EA8-8E1D-D77CA2C3519A}
[2012.05.10 11:28:23 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{76EE74E7-0C94-4423-A8C1-779090EF002E}
[2012.05.10 11:05:10 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{231F5D8F-AC09-474F-861D-C9721973B2B9}
[2012.05.10 11:04:49 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{1C912D5D-C410-4E9E-BF84-A38EFC4FC697}
[2012.05.10 10:25:03 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A79CFEBB-E594-4C7F-A8DF-28104F25D190}
[2012.05.10 10:24:41 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{3CDB9613-2ED2-457B-95C3-6F6C2A426A18}
[2012.05.10 10:05:53 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{7C322F5A-D160-41AE-9F19-BCA8A09FEC3B}
[2012.05.10 08:14:52 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{5068AC62-14F7-49C7-ACA0-045BABF36B59}
[2012.05.10 08:14:33 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{9FA1E644-8E0B-47BA-97A3-819DA11567EB}
[2012.05.09 17:38:20 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{9399DC5D-ACC8-4570-85A5-E63F7F592978}
[2012.05.09 17:37:58 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{23D8BE80-7976-4699-B312-965E1852CE3A}
[2012.05.09 16:34:40 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{FE2E0C8E-3E77-4792-80BF-1B64D95F47A7}
[2012.05.09 16:34:29 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{4F68CBEE-7284-4FF2-A23C-371C40D75EF7}
[2012.05.09 12:10:18 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{ED7311A3-6091-4119-9C4A-7B5278BC73DF}
[2012.05.09 12:09:56 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{77CC069A-9268-453C-853D-A1BD64D782F5}
[2012.05.09 11:02:09 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{EAC449A8-3F96-45DB-BD51-8F9316993E94}
[2012.05.09 11:01:47 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{BCCB81D1-FE74-4273-8F84-8A128C62C7D3}
[2012.05.09 09:16:03 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{852EF71B-D4CB-490E-A398-9AC750D73EE2}
[2012.05.09 09:15:41 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{8EE4F4D1-B87B-42C9-A923-0F3D0D263DCA}
[2012.05.08 22:29:52 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{2F52BC99-3040-410A-AB17-092F3788299D}
[2012.05.08 22:16:15 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{88E6049F-2E09-4D15-B734-823C953488B8}
[2012.05.08 22:15:53 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{BBBF19CC-45BA-43A8-A64E-1675DEB054D7}
[2012.05.08 21:26:22 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A9A2CF99-92EB-4D8A-9988-158064198CB0}
[2012.05.08 21:25:59 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{D0DA44AC-6F8C-48F0-9F24-EC77B3764313}
[2012.05.08 17:22:42 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{2DCF3A5E-8EDF-498D-9F73-45CA9A419502}
[2012.05.08 17:22:19 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{15BC3C1A-06B1-42C8-A204-CD4CE2E5FD3D}
[2012.05.08 15:41:34 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{3016AFF8-9B61-4A5B-8956-85F36167D4DB}
[2012.05.08 15:41:12 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A1A5ED68-B4FA-436A-848A-DD9ACF136F5F}
[2012.05.08 13:45:22 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{8340721D-2DB6-4026-B65C-A72D80CE9C7D}
[2012.05.08 13:45:01 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{4CE3BD25-9283-4E79-A362-DECC99447F3F}
[2012.05.08 13:11:53 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{32D0909F-58D2-4D70-8A7D-A87C7535F615}
[2012.05.08 13:11:30 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{595FFE8E-DD21-43AD-8833-EBE63AF1B9D2}
[2012.05.08 10:22:37 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{3ED05CB1-BED6-42B2-9E4D-0C5EC6ED92F4}
[2012.05.08 10:22:15 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{F4AD339B-C8C8-4A10-8EEE-492571B363DC}
[2012.05.07 21:27:47 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{F88EDD84-38EB-4873-A625-ADBFBB213346}
[2012.05.07 21:00:39 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{C5EB7A82-9118-4B7E-9342-7C9339AF5733}
[2012.05.07 21:00:29 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A1DC0383-46F8-4FB1-892E-FD74ACB44B71}
[2012.05.07 19:59:48 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{7BD1E531-3646-4BB7-991A-72A5C823594F}
[2012.05.07 19:59:24 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{42E9B44B-094D-4E47-AA1F-1C776A19CE74}
[2012.05.07 15:03:58 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{2F192615-9F2F-4D2D-9BFF-FCBAE74642E7}
[2012.05.07 15:03:36 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{0B559915-0469-464B-96E1-56D7CE186D95}
[2012.05.07 14:27:56 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{D930A873-653B-41E0-9744-28DF31077386}
[2012.05.07 14:27:34 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{D6FA7D2B-CBFE-444E-A61D-A913B3562AC2}
[2012.05.07 13:56:03 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A21A6857-FB11-47EF-B855-8C4125233F46}
[2012.05.07 13:55:41 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{23BBB9A8-312D-4419-89C4-79B9EBF87C9B}
[2012.05.07 12:17:46 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{EA1DAC33-F560-4A76-9AC4-B13F781BF205}
[2012.05.07 12:17:24 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{3B23D8DB-901A-4836-A7A0-02B9E579E652}
[2012.05.07 11:11:57 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{27670651-BEF2-4EA8-A88B-559B1AADA285}
[2012.05.07 10:35:55 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{6B1D29BF-5916-4256-BC4D-04BACCDA2A1E}
[2012.05.07 10:35:34 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{DA7CEBB1-F5B7-4C9C-8103-15FC126BC82F}
[2012.05.07 10:16:01 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{1FDEE904-E041-4F9A-B4BA-0CADDFA0F7AD}
[2012.05.07 10:15:39 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{6F42815D-7CD3-4FDD-A553-708FD087580F}
[2012.05.07 08:56:02 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{1CD0466E-CD0C-41BF-9820-A6DE70C93B18}
[2012.05.07 08:55:39 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{6F117CD2-F4CE-46DA-B3A8-07C2DAA353B2}
[2012.05.06 20:14:42 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{6319B5E3-030E-4B2E-B695-206C05427C86}
[2012.05.06 20:14:31 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{1A7C3000-58F5-4DA5-AA7E-CCD11317B5E2}
[2012.05.06 20:13:56 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{E734CB88-23EC-4E23-8E03-F1C76B9CF110}
[2012.05.06 20:03:28 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{360E4314-0F56-4ADC-A653-F5BE585A2454}
[2012.05.06 20:03:07 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{69A1D156-E1A2-4107-BF15-CB20907D6992}
[2012.05.06 17:58:01 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{7B620A09-7B6D-4676-9ADF-6C018C05C3C4}
[2012.05.06 17:57:40 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{B7975320-C31F-4437-853C-C54C836170DD}
[2012.05.06 17:21:45 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{26F3E1CC-FF2B-4BF0-81B9-2D2F7FBBD9D8}
[2012.05.06 16:31:00 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{7FF457EB-C95F-4539-98FA-5641DEB4F47C}
[2012.05.06 16:30:38 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{7A13062B-0D57-4696-BA08-20D6C505BFE1}
[2012.05.06 16:00:17 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{36371AD3-6E44-4ED5-BD78-DC5B611CE962}
[2012.05.06 15:59:56 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A171FD44-FA88-4ED6-A640-08AE38B9A097}
[2012.05.06 14:47:54 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{4C8FB5F6-04E0-46DF-8BA7-AD468F11A2AD}
[2012.05.06 14:40:43 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{863F9346-1471-4701-A42B-D743B530E7DE}
[2012.05.06 14:23:25 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{C0446758-98CB-433A-9D4B-B45DDAC88E0C}
[2012.05.06 14:23:15 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A452E53F-41B8-4640-8656-05039781134F}
[2012.05.06 14:10:28 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{900BA2AF-20BD-4386-8F51-19371C9E0D0B}
[2012.05.06 14:10:06 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{3A4BB5E9-490E-4D0F-8849-720B40E4D612}
[2012.05.06 13:07:36 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{2BE70C0E-6027-44AA-81B9-C50DEE327311}
[2012.05.06 13:07:14 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{9461BD85-D419-48E1-853B-3FD0236A4AD2}
[2012.05.06 11:19:18 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{05362B8B-AC3B-4DA8-A644-95674E6535EF}
[2012.05.06 11:18:56 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{3021883C-0987-4526-A486-D04BA8A47F78}
[2012.05.05 17:49:50 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{6848EF48-6459-4A57-8050-F5E71E4DB728}
[2012.05.05 17:49:28 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{196F56B1-1B81-494A-ACF4-AA2B0499F5C0}
[2012.05.05 16:50:42 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{6B387F78-E0C7-403D-941F-49F29E8491F0}
[2012.05.05 16:50:20 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{9FD225B4-7DB2-4FD5-85A5-0750F4213FF8}
[2012.05.05 14:23:09 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{66FA493D-51C1-42CE-8623-0544026C6E0B}
[2012.05.05 14:22:47 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{0F610F05-D1EA-4570-88E2-F0B59D6F3C80}
[2012.05.05 14:12:26 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{02BDB5C5-43FD-4D53-9C89-1F14C421F48A}
[2012.05.05 14:10:10 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{2A57202B-780C-44EF-BB72-6EBD62343D35}
[2012.05.05 14:09:48 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{81B3E19F-38A0-4195-BAD0-EA639C73434C}
[2012.05.05 13:46:19 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{86D1FA25-0305-49F6-97D7-EAA6948AF2C3}
[2012.05.05 13:45:57 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{20DBB036-01EB-4982-93F2-ABFFFB111179}
[2012.05.05 13:28:12 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{C00B5C87-7DDB-4E00-ADAA-F3601085966D}
[2012.05.05 11:07:19 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{9133D96F-05D2-4182-8CF3-3DF628AA7AC0}
[2012.05.05 11:06:54 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{8528E100-F294-4C8C-B0F2-D8611A951095}
[2012.05.05 10:04:49 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{30B53A7B-A84E-40F8-8CD4-2EB8AC03E79B}
[2012.05.05 08:46:10 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{714AF90B-5DEF-49DD-AF9F-3B3B8A031F73}
[2012.05.05 08:45:48 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{45B73F91-AFE7-465E-89E2-47E232E29BCC}
[2012.05.04 21:54:20 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{7CDEB09B-25FD-431E-95A4-FA63A9C1423F}
[2012.05.04 21:53:59 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{06C7DD18-A283-46E1-B5EE-E61044014914}
[2012.05.04 21:02:57 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A899BE83-83F4-48C2-8312-4672FB175377}
[2012.05.04 19:49:29 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A2272B9F-4707-4504-BFA4-C76A70073670}
[2012.05.04 19:49:06 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{31C6322E-8F7E-4989-9AD8-1B32C1F4B6A7}
[2012.05.04 17:10:29 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{B222BF4A-3E0D-4B3D-8F76-1654C841DDB1}
[2012.05.04 17:10:06 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{D9A9AF27-75EC-40FE-A47D-9C814895B9C6}
[2012.05.04 14:28:15 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{0C7D4F9E-60F9-442F-83E3-353052BECA78}
[2012.05.04 14:27:52 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{79E12A7E-3A78-43B6-85FA-15433AAC24E7}
[2012.05.04 09:28:31 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{D04C7C83-DBA3-4CBD-86AB-12D2E36650ED}
[2012.05.04 09:28:09 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{4C9EC0A0-F470-4E5A-90F4-626E089C496B}
[2012.05.03 18:33:51 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{D0432769-A14F-47F1-BE31-D6B29FC9E9D3}
[2012.05.03 18:33:28 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{3CA90F15-0D7B-48B4-8BEC-02A06F43B9BD}
[2012.05.03 16:48:37 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{B4E51AFE-D513-403F-B81C-D91A10AA873C}
[2012.05.03 16:32:13 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{EBD3682D-6D70-4BC8-897A-F1C01A9FBDE7}
[2012.05.03 16:31:51 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{8FC02A4B-7F96-4E6F-872F-A91A776051D1}
[2012.05.03 15:53:38 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{160CB6E8-7A4F-4A0A-8516-7EEBFF599AEA}
[2012.05.03 15:37:48 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{5F0C2BD5-2CA2-4F35-8E4C-0819DD8166A8}
[2012.05.03 15:37:26 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{EEA95213-0129-42DF-94D1-E1D28E06F0B6}
[2012.05.03 15:26:23 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{02D72FF2-7635-4740-B4FD-10FA87D02596}
[2012.05.03 15:26:01 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{2AF44B0B-EDEB-4FB6-A7C5-54E93C188627}
[2012.05.03 15:09:53 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{6819A8FE-19AE-48EB-9E47-F109BF747021}
[2012.05.03 15:09:32 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{75B87AD0-00BF-4D0B-A5D0-CA535F9D0AF6}
[2012.05.03 14:43:45 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{0324C1EF-6827-4063-9A1C-4EA47727E573}
[2012.05.03 14:43:24 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{3EC694FE-8597-4D2A-9385-A627DADDCE04}
[2012.05.03 13:12:55 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{34D24274-9497-4E29-88F4-40622EF97372}
[2012.05.03 13:12:33 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{F2ABA762-E9BF-43F0-8EF8-B7305FBC1EE8}
[2012.05.03 11:44:02 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{E426819E-94F5-4F0F-BAAF-5580E5250CF2}
[2012.05.03 11:43:40 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{76AC2EC3-3689-467E-A6EE-A2B002ED60A5}
[2012.05.03 11:41:44 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{FDD6B722-C907-4062-A98E-BB9E7B741ED0}
[2012.05.03 11:12:28 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{890A9BDB-86DA-403E-8435-902EAC42237D}
[2012.05.03 11:12:07 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{BF95EE4D-3415-4703-9AE7-7F4593268FB4}
[2012.05.03 08:13:22 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{EE65D24D-36B4-403D-B319-3A510B1BC012}
[2012.05.03 08:13:00 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{18349B0C-DFF4-4E3A-8509-A2E93945EF01}
[2012.05.02 23:03:56 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{F6B8EB20-E5E4-4090-A147-BB7E704F9DA2}
[2012.05.02 23:03:46 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{C99362BB-B7BD-4BC8-8AC4-360995AA4E95}
[2012.05.02 21:12:11 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{E3573892-F488-4953-B72A-92D589A6B666}
[2012.05.02 21:11:49 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{1163D44B-C227-4743-8296-FF1537544BCC}
[2012.05.02 21:10:16 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{98B50064-E606-4691-BE18-A73369B5E9BA}
[2012.05.02 17:37:59 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{DC53EAB6-0F56-4179-ABD8-3DD5D4E19891}
[2012.05.02 17:37:37 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{31F6F1A8-DE0F-490E-B0F3-0903716FC807}
[2012.05.02 16:16:38 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{CD4BDF3A-7BCF-414F-B799-EABDB837B33E}
[2012.05.02 16:16:16 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{056348E0-C663-4317-B040-2193D1491DE8}
[2012.05.02 14:41:34 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{B95F9269-46E1-49A9-AC99-6BFEE847D513}
[2012.05.02 14:41:13 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{B789889D-DD36-43B5-B539-2F3F1E69A075}
[2012.05.02 13:12:25 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{5D71CB35-FCB3-4E40-A47B-211FBF58A907}
[2012.05.02 12:48:05 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{91C21659-F7E3-4DEB-BED3-EE8F9916E4AD}
[2012.05.02 11:25:40 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{D23560FB-11CB-46B7-B17B-ADCC48D8A735}
[2012.05.02 11:25:18 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{2C0C74B6-F526-4B94-996F-F63E9DB23C22}
[2012.05.02 11:03:58 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{047D45B6-8F36-46B7-AB5F-B8C84D0E3E1E}
[2012.05.02 11:03:36 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{D34E1FD8-9D4A-4251-8E53-8641E1D1B041}
[2012.05.02 11:01:02 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A0F1956E-A62E-48A2-ABF4-18153B3FD11B}
[2012.05.02 11:00:40 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{B2E4B3E3-7226-4D65-A130-FBFDF2C31E84}
[2012.05.02 10:42:49 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A954ABAB-F4B6-4847-A33C-86D9F7F8C806}
[2012.05.02 10:17:24 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{B9BD8C68-7C34-4366-BAC4-F4742AAAE001}
[2012.05.02 10:17:14 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{6756F3EB-C9FB-4ABA-9395-56E743ACD40A}
[2012.05.02 10:02:15 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A4BB59F5-E793-4B8F-8429-402CE65A5BA6}
[2012.05.02 10:01:53 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{5A913478-0B36-402A-8C4D-172DEA6C2382}
[2012.05.02 09:40:57 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{59E6D643-E0F8-48F8-9C13-3759B0B7F022}
[2012.05.02 09:40:35 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{6F4FEEC0-4810-46CC-BC95-E1DCE78DDBE6}
[2012.05.02 09:30:55 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{E19B8728-D7FE-472A-853F-061532917963}
[2012.05.02 09:30:45 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{9DB52C75-9EFE-4A47-ACF2-84551EC5478F}
[2012.05.02 08:58:43 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{5AF3EA0D-2EE7-490E-B5FB-D74510FBB383}
[2012.05.02 08:58:21 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{13A63180-3270-4F9E-8A2C-0A18ED2BABA6}
[2012.05.02 08:32:15 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A8D01CB2-A9EA-460C-B2AC-A39A07073B0B}
[2012.05.02 08:31:53 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{03B1E90D-8B1B-4347-915E-4D7D9C3C0EB3}
[2012.05.01 23:51:32 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{F5E12E48-41EE-421B-AC9A-0CF08F6648D3}
[2012.05.01 23:51:11 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{00FB2A33-CD65-42DD-9995-1BD1C845B9A1}
[2012.05.01 19:32:15 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{5D9C8D91-8F36-4C55-A4E5-0AAF375C755A}
[2012.05.01 19:31:53 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{381F1162-D6C2-4DE3-8CAC-D6A9A9119BC7}
[2012.05.01 19:16:20 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{D589C444-6999-45B2-BE93-656B759C083B}
[2012.05.01 18:08:42 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{F6D67715-4A30-427D-B8DF-3A73DC6DFB11}
[2012.05.01 18:08:21 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{E878B1D2-5D58-4789-9E3B-D69551339E40}
[2012.05.01 17:46:54 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{4D04ED97-9A6D-4D0A-8043-C0D74D3C85E7}
[2012.05.01 17:02:50 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{BE06EB67-CEF2-4081-8E34-6CDAADB1DF41}
[2012.05.01 17:02:29 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{7B9E6F20-6107-4CAF-AAC1-B87485E1E5B5}
[2012.05.01 16:44:21 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{F9B2A582-20D5-4A89-9742-8473A96E6443}
[2012.05.01 16:43:59 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{202E4AEF-30EB-4A1D-A441-1C1633E93873}
[2012.05.01 15:59:02 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{531A6141-03D7-49CC-A2AD-CBCBF744E962}
[2012.05.01 15:58:40 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{6F8776F2-F0D1-4596-B6A9-B32A8CD95128}
[2012.05.01 15:25:39 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{4A91203A-C212-4BEA-A9E6-77E7B67328AF}
[2012.05.01 14:12:57 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{E530942B-9CAB-4E61-9751-0C46290F2A50}
[2012.05.01 14:12:35 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{B3253A26-55FD-4B13-980F-9DDB8581D884}
[2012.05.01 11:47:40 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{90B09AD5-737D-4CC6-A318-87F7C48032A3}
[2012.05.01 11:47:18 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{81B78B87-7CBB-43F2-95AD-1D097D72D6CA}
[2012.05.01 09:40:52 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{957E0448-4E1B-46B7-BE3A-35F3359CD8B2}
[2012.05.01 09:40:31 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{6BC278D9-260C-4D1F-BC3B-7DBC67D0D69E}
[2012.04.30 20:50:07 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{19924D40-5778-4537-B8D9-130BF15B194F}
[2012.04.30 20:49:46 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{5AF57097-105F-40D8-841D-E55B734DFBBB}
[2012.04.30 19:19:08 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{1461BD9C-8631-4255-9F56-2D2C44D94BC0}
[2012.04.30 19:18:47 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{62CE3328-FA23-4F19-B4CB-1D8CC6440017}
[2012.04.30 17:40:09 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{12E55AE8-6CA0-4C19-858E-AD136657CB59}
[2012.04.30 17:39:47 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{E0A74F56-70FD-4920-ABE4-D1C9E87978DC}
[2012.04.30 16:55:03 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{0109A97A-9A7A-4629-87C8-A7897DC7CF32}
[2012.04.30 16:54:49 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{45B41BFF-4CF3-48AD-8D5B-CE5CD2E6D0AD}
[2012.04.30 16:15:03 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{0F43B0B2-4D0B-4204-AF75-D2AB03663410}
[2012.04.30 16:14:41 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{0FE56A96-BF07-457A-9FF9-7D18531870ED}
[2012.04.30 15:04:57 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A173567D-DA65-4F6C-9F0E-9D45E2934988}
[2012.04.30 15:04:36 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{52A87637-842F-41F0-BDFB-A1708C96A0AD}
[2012.04.30 11:51:08 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{43E14B9B-0D4D-4BCE-A8C2-BD372DE28705}
[2012.04.30 11:50:47 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{60159523-6861-4B7E-A3AF-2265980D82F7}
[2012.04.30 11:40:01 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{C377D8EB-1F6E-4A06-9008-5C8DC1B1DAA7}
[2012.04.30 11:39:51 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{B1546157-4FA2-4721-A0EA-7EE8E8DB7DC6}
[2012.04.30 11:39:16 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{CF3ACB61-9D96-4B68-9A0E-8A830FD9CAB4}
[2012.04.30 11:38:54 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{C8FB7B15-3199-45B3-8177-C2234848846D}
[2012.04.30 11:11:08 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{22659F5B-6006-47AC-ABEE-95537D5213D2}
[2012.04.30 11:10:47 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{78218E4A-26B9-4108-803B-4412DC0EBBE0}
[2012.04.30 10:04:23 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{3270CBBB-649D-412E-8696-6ECB119B11E6}
[2012.04.30 10:04:01 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{BE2009DF-CB57-43AC-B391-60EBACB2281A}
[2012.04.30 09:13:34 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{776E9D30-5E3D-4C4D-841F-BD73050088D8}
[2012.04.30 08:58:10 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{9009B97C-08EE-4011-B5DB-AC63518C2F83}
[2012.04.30 08:57:48 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{6381CB23-4D20-489B-B626-624158B72D3A}
[2012.04.29 21:12:03 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{C17F7961-FCBE-4B77-99F4-4F9F70E4F7A7}
[2012.04.29 21:11:53 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{D1AB2362-B591-47CB-8D83-FEBED561E9AB}
[2012.04.29 21:03:26 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{DEF6E506-1B42-4776-ABFE-87DFBF49ACE2}
[2012.04.29 21:03:05 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{E7E0AB84-F4FE-4345-AAD1-9FBAA45152A2}
[2012.04.29 19:25:06 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{0AE6B320-00B5-44CD-AB7F-F8F22846D943}
[2012.04.29 19:24:45 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{A91B3F5C-36D0-4638-8930-8AE0FA9D56DD}
[2012.04.29 17:52:42 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{3860351B-CC2F-4191-B3FB-241049A3F04B}
[2012.04.29 17:52:19 | 000,000,000 | ---D | C] -- C:\Users\xx\AppData\Local\{C2D44593-BA5C-4DDA-96D8-09F0C2CF46A1}
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.29 17:39:44 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\xx\Desktop\OTL.exe
[2012.05.29 17:38:22 | 000,000,000 | ---- | M] () -- C:\Users\xx\defogger_reenable
[2012.05.29 17:37:01 | 000,050,477 | ---- | M] () -- C:\Users\xx\Desktop\Defogger.exe
[2012.05.29 17:23:37 | 000,011,040 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.29 17:23:37 | 000,011,040 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.29 17:14:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.29 17:14:54 | 2414,481,408 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.28 14:27:26 | 001,812,736 | ---- | M] () -- C:\Users\xx\Desktop\InVeKoS_2012_Einführung.pdf
[2012.05.28 10:04:19 | 000,007,411 | ---- | M] () -- C:\Users\xx\Desktop\328_5026_1854_Bestätigung der Annahme UStVA 2012 - 1. Quartal_ElsterOnline6.pdf
[2012.05.25 15:09:23 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.05.25 15:09:23 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.05.25 15:09:23 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.05.25 15:09:23 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.05.02 09:30:21 | 000,507,372 | ---- | M] () -- C:\Users\xx\Desktop\Scannen0038.pdf
 
========== Files Created - No Company Name ==========
 
[2012.05.29 17:38:22 | 000,000,000 | ---- | C] () -- C:\Users\xx\defogger_reenable
[2012.05.29 17:37:01 | 000,050,477 | ---- | C] () -- C:\Users\xx\Desktop\Defogger.exe
[2012.05.28 14:27:25 | 001,812,736 | ---- | C] () -- C:\Users\xx\Desktop\InVeKoS_2012_Einführung.pdf
[2012.05.28 10:04:19 | 000,007,411 | ---- | C] () -- C:\Users\xx\Desktop\328_5026_1854_Bestätigung der Annahme UStVA 2012 - 1. Quartal_ElsterOnline6.pdf
[2012.05.02 09:30:21 | 000,507,372 | ---- | C] () -- C:\Users\xx\Desktop\Scannen0038.pdf
[2012.04.05 13:29:53 | 000,299,073 | ---- | C] () -- C:\Windows\System32\PythonCOM21.dll
[2012.04.05 13:29:53 | 000,065,536 | ---- | C] () -- C:\Windows\System32\PyWinTypes21.dll
[2011.12.29 20:45:35 | 000,000,138 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011.12.29 17:57:12 | 000,021,532 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2011.12.29 17:24:00 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.09.16 11:54:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.09.16 11:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.09.16 11:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.09.16 11:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.09.16 11:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.05.13 10:04:16 | 000,208,896 | ---- | C] () -- C:\Windows\System32\LXPrnUtil10.dll
[2011.05.13 10:03:16 | 000,303,104 | ---- | C] () -- C:\Windows\System32\dnt27VC8.dll
[2011.05.13 10:01:22 | 000,143,360 | ---- | C] () -- C:\Windows\System32\dntvmc27VC8.dll
[2011.05.13 10:01:00 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dntvm27VC8.dll
[2011.05.01 19:35:30 | 000,167,018 | ---- | C] () -- C:\Windows\hpwins05.dat
[2011.05.01 01:32:09 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2011.05.01 01:32:09 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2011.04.30 16:15:52 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.04.12 03:30:05 | 000,653,928 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2011.04.12 03:30:05 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2011.04.12 03:30:05 | 000,129,800 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2011.04.12 03:30:05 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.11.20 23:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010.06.11 10:57:08 | 000,024,456 | ---- | C] () -- C:\Windows\System32\TALDM32A.dll
[2010.06.11 10:57:06 | 000,052,616 | ---- | C] () -- C:\Windows\System32\TAL12832.DLL
[2010.06.11 10:57:06 | 000,022,920 | ---- | C] () -- C:\Windows\System32\TALDM32.DLL
[2010.06.11 10:57:00 | 000,042,376 | ---- | C] () -- C:\Windows\System32\SBSPAINT.DLL
[2010.06.11 10:56:58 | 000,255,368 | ---- | C] () -- C:\Windows\System32\SBSPAIN3.DLL
[2010.06.11 10:56:56 | 000,050,568 | ---- | C] () -- C:\Windows\System32\SBSPAIN2.DLL
[2010.06.11 10:56:54 | 000,075,656 | ---- | C] () -- C:\Windows\System32\ENCODE32.DLL
 
========== LOP Check ==========
 
[2011.12.29 17:39:22 | 000,000,000 | ---D | M] -- C:\Users\xx\AppData\Roaming\Easy Thumbnails
[2012.03.12 15:53:23 | 000,000,000 | ---D | M] -- C:\Users\xx\AppData\Roaming\elsterformular
[2012.04.05 13:33:30 | 000,000,000 | ---D | M] -- C:\Users\xx\AppData\Roaming\ESRI
[2012.05.26 22:27:56 | 000,000,000 | ---D | M] -- C:\Users\xx\AppData\Roaming\Hepou
[2012.01.28 15:07:23 | 000,000,000 | ---D | M] -- C:\Users\xx\AppData\Roaming\ICQ
[2012.01.07 18:46:26 | 000,000,000 | ---D | M] -- C:\Users\xx\AppData\Roaming\Lexware
[2011.12.29 17:39:23 | 000,000,000 | ---D | M] -- C:\Users\xx\AppData\Roaming\MAXON
[2011.12.29 17:39:31 | 000,000,000 | ---D | M] -- C:\Users\xx\AppData\Roaming\Nemetschek
[2011.12.29 17:39:31 | 000,000,000 | ---D | M] -- C:\Users\xx\AppData\Roaming\PlagiarismFinder
[2011.12.29 17:39:31 | 000,000,000 | ---D | M] -- C:\Users\xx\AppData\Roaming\Samsung
[2011.12.30 11:17:00 | 000,000,000 | ---D | M] -- C:\Users\xx\AppData\Roaming\Windows Live Writer
[2012.05.29 17:36:14 | 000,000,000 | ---D | M] -- C:\Users\xx\AppData\Roaming\Xosaax
[2012.05.26 22:27:56 | 000,000,000 | ---D | M] -- C:\Users\xx\AppData\Roaming\Xoyz
[2012.05.28 16:33:17 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
< End of report >
--- --- ---
 

Themen zu Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar
adobe, antivir, asus, aufrufe, autorun, avira, bho, bonjour, defender, document, error, explorer, firefox, format, google, google earth, google startseite, helper, logfile, microsoft, object, plug-in, programme, registry, searchscopes, senden, temp, version=1.0, wallpaper, windows, winlogon, wmp


« Sie haben sich mit einem Windows-Verschlüsselungs Trojaner infiziert | Avira findet Malware "TR/ATRAPS.Gen", kann nicht gelöscht werden, kommt immer wieder? »


Ähnliche Themen: Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar


  1. Eigene Dateien nicht mehr aufrufbar! Desktop, Dokumente etc.
    Plagegeister aller Art und deren Bekämpfung - 09.04.2015 (15)
  2. Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar
    Log-Analyse und Auswertung - 28.08.2014 (5)
  3. Windows 7: Viele Webseiten sporadisch nicht aufrufbar oder langsam, Google Earth findet Server nicht
    Log-Analyse und Auswertung - 12.12.2013 (17)
  4. Windows 7 öffnet machne Webseiten nicht mehr !
    Plagegeister aller Art und deren Bekämpfung - 15.10.2013 (5)
  5. Google leitet mich auf falsche Webseiten + Microsoft Security Essentials lässt sich nicht mehr starten
    Plagegeister aller Art und deren Bekämpfung - 30.01.2013 (18)
  6. Sicherheitsrelevante Webseiten nicht aufrufbar
    Log-Analyse und Auswertung - 07.01.2013 (5)
  7. Webseiten von Microsoft, Avira etc. nicht aufrufbar
    Log-Analyse und Auswertung - 27.12.2012 (7)
  8. Gewisse Internetseiten nicht mehr aufrufbar, Polizei Trojaner
    Plagegeister aller Art und deren Bekämpfung - 24.09.2012 (9)
  9. Firefox , taskmngr , regedit & progammer nicht mehr aufrufbar
    Log-Analyse und Auswertung - 07.09.2011 (1)
  10. Ich komme auf einige webseiten nicht mehr drauf!!
    Plagegeister aller Art und deren Bekämpfung - 21.02.2011 (5)
  11. Avira Antivir startet nicht mehr - Download von Dateien nicht mehr möglich
    Log-Analyse und Auswertung - 06.10.2010 (34)
  12. Komme von buch.de nicht mehr auf andere Webseiten
    Log-Analyse und Auswertung - 16.03.2010 (22)
  13. avira plötzlich nicht mehr aktiv und lässt sich nicht mehr aktivieren
    Plagegeister aller Art und deren Bekämpfung - 24.12.2009 (13)
  14. Google Links und leider mehr - einige Seiten nicht aufrufbar
    Plagegeister aller Art und deren Bekämpfung - 03.10.2008 (13)
  15. Diverse Domains nicht mehr aufrufbar! Bitte um Prüfung des HJ Logfiles
    Log-Analyse und Auswertung - 02.03.2007 (1)
  16. Windows ME Systemsteuerungsoptionen nicht aufrufbar + Fehler bei Microsoft-Install.
    Alles rund um Windows - 22.08.2005 (7)
  17. Webseiten nicht mehr zu öffnen - HILFE!!!
    Plagegeister aller Art und deren Bekämpfung - 30.01.2005 (5)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar - Hallo, ich kann Webseiten von microsoft, avira etc. nicht mehr aufrufen. Werde entweder auf die google Startseite oder eine google Fehlerseite (404) geleitet. Die Vermutung liegt also nahe, dass ich - Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar...

Alle Zeitangaben in WEZ +1. Es ist jetzt 21:18 Uhr.

Kontakt - Trojaner-Board - Archiv - Datenschutzerklärung - Nach oben

Copyright ©2000-2025, Trojaner-Board
Archiv
Du betrachtest: Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131