Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Google Links verweisen auf andere Seiten und Laptop sehr langsam (https://www.trojaner-board.de/97778-google-links-verweisen-andere-seiten-laptop-sehr-langsam.html)

Espi 20.04.2011 22:10
Google Links verweisen auf andere Seiten und Laptop sehr langsam
 
Erstmal Hallo und liebe Grüsse an alle,

wie im Titel schon beschrieben habe ich seit ein paar Tagen ein Problem mit meinem Laptop. Ich habe mich schon etwas bei google sowie auch hier im Forum umgesehen aber leider hat mir das nicht viel weiter geholfen.

Nun aber zu meinem Problem, und zwar hat alles damit angefangen, dass die Links bei Google mich auf völlig andere seiten geschickt haben wie versprochen.
Kurz darauf fing mein Laptop an immer langsamer zu werden, mittlerweile ist es ganz schlimm, er braucht ewigkeiten um Programme zu Starten und er ist auch fast immer voll ausgelastet.

Ich würde mich freuen wenn mir jemand dabei helfen kann, ich habe auch ein HijackThis erstellt.

Wenn ihr noch etwas braucht einfach bescheit sagen, aber ich habe leider nicht sehr viel Ahnung von dem ganzen und würde euch bitten das zu berücksichtigen. :blabla:
Danke jetzt schonmal :D

Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:45:48, on 20.04.2011
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal
 
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\Kbibua.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Flo\Downloads\HiJackThis204.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\WerFault.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.nexon.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Users\Flo\AppData\Roaming\appconf32.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Akenovab] rundll32.exe "C:\Users\Flo\AppData\Local\irocinexilahet.dll",Startup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [NexonPlug] C:\Nexon\NexonPlug\NexonPlug.exe
O4 - HKCU\..\Run: [0ESKOMO9JO] C:\Users\Flo\AppData\Local\Temp\Kxh.exe
O4 - HKCU\..\Run: [Lredun] rundll32.exe  "C:\Users\Flo\AppData\Local\WMPDant.dll",Startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Flo\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - hxxp://libusb-win32.sourceforge.net - C:\Windows\system32\libusbd-nt.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
 
--
End of file - 6370 bytes
Entschuldigung bitte wegen des Doppelposts, bin leider ein paar minuten zu spät. Aber ich habe grade gelesen, dass HijackThis nur sehr oberflächlich ist, darum habe ich noch einen Scan mit OTS gemacht, ich hoffe das hilft weiter ;D

Code:
OTL logfile created on: 20.04.2011 23:44:16 - Run 2
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\Flo\Downloads
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 420,56 Gb Total Space | 354,28 Gb Free Space | 84,24% Space Free | Partition Type: NTFS
Drive D: | 30,25 Gb Total Space | 17,89 Gb Free Space | 59,14% Space Free | Partition Type: NTFS
 
Computer Name: FLO-PC | User Name: Flo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.04.20 23:43:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Flo\Downloads\OTL(2).exe
PRC - [2011.04.17 15:21:33 | 000,170,496 | ---- | M] () -- C:\Users\Flo\AppData\Local\Temp\Kxh.exe
PRC - [2011.04.17 15:21:31 | 000,157,696 | ---- | M] () -- C:\Windows\Kbibua.exe
PRC - [2011.03.26 13:13:25 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2010.12.08 15:15:35 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.11.05 14:56:29 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.05.07 16:40:06 | 000,719,688 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010.05.07 16:38:14 | 001,051,976 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Programme\Nero\Update\NASvc.exe
PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 03:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2005.03.09 21:50:18 | 000,018,944 | ---- | M] (hxxp://libusb-win32.sourceforge.net) -- C:\Windows\System32\libusbd-nt.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.04.20 23:43:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Flo\Downloads\OTL(2).exe
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010.12.08 15:15:35 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.11.05 14:56:29 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.06.17 23:50:00 | 003,890,920 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010.06.13 18:24:25 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.05.07 16:38:14 | 001,051,976 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.05.07 16:34:32 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2005.03.09 21:50:18 | 000,018,944 | ---- | M] (hxxp://libusb-win32.sourceforge.net) [Auto | Running] -- C:\Windows\System32\libusbd-nt.exe -- (libusbd)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.02.11 16:30:18 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2011.02.11 16:30:18 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.12.20 14:07:20 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.11.25 14:10:47 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.06.14 23:19:30 | 000,044,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\funfrm.sys -- (funfrm)
DRV - [2010.06.13 19:16:08 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.02.25 11:18:08 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.02.03 16:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.01.20 06:14:42 | 000,023,136 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2009.09.14 20:04:28 | 000,217,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.13 16:32:18 | 001,759,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007.02.16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2005.03.09 21:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.nexon.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 73 8B 74 6C 1F 0B CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {1E78A8C2-440C-47C8-A6A3-8F71615534DC}:1.9.1
FF - prefs.js..extensions.enabledItems: {184AA5E6-741D-464a-820E-94B3ABC2F3B4}:1.0
 
FF - HKLM\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Flo\AppData\Roaming\5015 [2011.04.17 16:07:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{1E78A8C2-440C-47C8-A6A3-8F71615534DC}: C:\Users\Flo\AppData\Local\{1E78A8C2-440C-47C8-A6A3-8F71615534DC} [2011.04.17 17:30:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.26 13:13:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.26 13:13:25 | 000,000,000 | ---D | M]
 
[2010.06.13 20:39:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Flo\AppData\Roaming\mozilla\Extensions
[2011.04.20 22:54:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\6jfzhmyu.default\extensions
[2010.07.17 19:28:13 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\6jfzhmyu.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.04.20 22:54:10 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.12.16 11:16:33 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.06.13 20:52:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.12.16 11:16:33 | 000,000,000 | ---D | M] (Skype extension) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1}
[2010.06.13 20:52:43 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.04.17 17:30:19 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\FLO\APPDATA\LOCAL\{1E78A8C2-440C-47C8-A6A3-8F71615534DC}
[2011.04.17 16:07:30 | 000,000,000 | ---D | M] (Java String Helper) -- C:\USERS\FLO\APPDATA\ROAMING\5015
[2010.06.13 20:52:35 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
Hosts file not found
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Akenovab] C:\Users\Flo\AppData\Local\irocinexilahet.dll (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [0ESKOMO9JO] C:\Users\Flo\AppData\Local\Temp\Kxh.exe ()
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Lredun] C:\Users\Flo\AppData\Local\WMPDant.dll (Acronis)
O4 - HKCU..\Run: [NexonPlug] C:\Nexon\NexonPlug\NexonPlug.exe (Nexon Korea Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Flo\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Users\Flo\AppData\Roaming\appconf32.exe) - C:\Users\Flo\AppData\Roaming\appconf32.exe ()
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.20 19:37:14 | 000,000,000 | ---D | C] -- C:\xmldm
[2011.04.20 19:37:14 | 000,000,000 | ---D | C] -- C:\kock
[2011.04.20 19:16:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2011.04.17 17:30:19 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Local\{1E78A8C2-440C-47C8-A6A3-8F71615534DC}
[2011.04.17 16:24:42 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Roaming\UAs
[2011.04.17 16:07:30 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Roaming\5015
[2011.04.17 16:07:17 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Roaming\xmldm
[2011.04.17 16:07:10 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Roaming\kock
[2011.04.17 15:33:14 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ElcomSoft
[2011.04.17 15:09:09 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Roaming\GetRightToGo
[2011.04.17 15:09:09 | 000,000,000 | ---D | C] -- C:\Users\Flo\Documents\Downloads
[2011.04.14 17:02:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.04.14 17:02:47 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.04.14 17:02:47 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.04.14 17:02:43 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.14 17:02:35 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.14 17:02:35 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.04.14 17:02:35 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.14 17:02:35 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.14 17:02:35 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.14 17:02:35 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.14 17:02:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.04.14 17:02:35 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.04.14 17:02:35 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.14 17:02:35 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.04.14 17:02:35 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.04.14 17:01:51 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2011.04.14 17:01:50 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011.04.14 17:01:49 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.04.09 10:19:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 5.5
[2011.04.09 10:19:00 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\Windows\System32\D3DX81ab.dll
[2011.04.08 21:58:43 | 000,000,000 | ---D | C] -- C:\Users\Flo\Desktop\RevivalOfSilence
[2011.04.08 17:46:25 | 000,114,176 | ---- | C] (CPUID) -- C:\Windows\System32\PCWizard.cpl
[2011.04.08 17:46:25 | 000,000,000 | ---D | C] -- C:\Windows\Java
[2011.04.08 17:46:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2011.04.08 16:56:19 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Local\realtech_VR
[2011.04.08 16:56:02 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2011.04.08 16:50:51 | 000,000,000 | ---D | C] -- C:\ProgramData\realtech VR
[2011.04.08 16:50:39 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR
[2011.04.08 16:50:39 | 000,000,000 | ---D | C] -- C:\Programme\realtech VR
[2011.04.08 16:39:54 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Local\GIANTS Editor 4.1.7
[2011.03.31 02:05:43 | 000,000,000 | ---D | C] -- C:\Nexon
[2011.03.29 15:53:32 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\A320
[2011.03.29 15:50:43 | 000,000,000 | ---D | C] -- C:\A320
[2011.03.28 15:37:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2011.03.27 19:49:57 | 000,000,000 | ---D | C] -- C:\Users\Flo\Desktop\Neuer Ordner
[2011.03.26 13:12:55 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys
[2011.03.22 22:31:24 | 000,000,000 | ---D | C] -- C:\Users\Flo\Desktop\HELI-X
[2010.06.13 23:50:29 | 000,196,608 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Flo\AppData\Roaming\*.tmp files -> C:\Users\Flo\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.20 23:59:06 | 000,000,242 | -H-- | M] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011.04.20 23:54:03 | 000,000,278 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.04.20 23:44:28 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.20 23:44:28 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.20 23:39:40 | 000,000,433 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2011.04.20 23:39:24 | 000,000,304 | -HS- | M] () -- C:\Windows\tasks\Ubpbft.job
[2011.04.20 23:38:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.20 23:38:20 | 2362,900,480 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.20 22:47:45 | 000,000,228 | ---- | M] () -- C:\Windows\tasks\TuneUpUtilities_Task_BkGndMaintenance.job
[2011.04.20 22:26:24 | 259,841,217 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.04.20 19:37:03 | 000,000,120 | ---- | M] () -- C:\Users\Flo\AppData\Local\Nxojadilakizaxif.dat
[2011.04.20 19:37:01 | 000,000,000 | ---- | M] () -- C:\Users\Flo\AppData\Local\Mvapaciwiman.bin
[2011.04.17 16:07:28 | 000,236,496 | ---- | M] () -- C:\Users\Flo\AppData\Roaming\AcroIEHelpe.dll
[2011.04.17 15:21:31 | 000,157,696 | ---- | M] () -- C:\Windows\Kbibua.exe
[2011.04.17 15:21:29 | 000,114,688 | RHS- | M] () -- C:\Windows\System32\fvecertsh.dll
[2011.04.15 16:02:40 | 003,764,616 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.04.15 11:39:03 | 000,657,666 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.15 11:39:03 | 000,618,912 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.15 11:39:03 | 000,131,024 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.15 11:39:03 | 000,107,232 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.15 11:35:56 | 039,828,936 | ---- | M] () -- C:\Windows\System32\MRT.exe
[2011.04.09 12:32:36 | 000,001,031 | ---- | M] () -- C:\Users\Flo\Desktop\RevivalOfSilence.lnk
[2011.04.01 22:46:55 | 000,260,926 | ---- | M] () -- C:\Users\Flo\Desktop\bbxjc81RT2.jpg
[2011.03.29 15:54:01 | 000,000,016 | ---- | M] () -- C:\Windows\A320.opt
[2011.03.28 13:00:57 | 000,317,189 | ---- | M] () -- C:\Users\Flo\Desktop\BILD6124.JPG
[2011.03.28 13:00:55 | 000,339,044 | ---- | M] () -- C:\Users\Flo\Desktop\BILD6125.JPG
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Flo\AppData\Roaming\*.tmp files -> C:\Users\Flo\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.04.20 22:47:45 | 000,000,228 | ---- | C] () -- C:\Windows\tasks\TuneUpUtilities_Task_BkGndMaintenance.job
[2011.04.20 20:39:14 | 259,841,217 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.04.17 18:06:54 | 000,002,068 | ---- | C] () -- C:\Users\Flo\Desktop\Windows Live Messenger .lnk
[2011.04.17 17:30:20 | 000,000,120 | ---- | C] () -- C:\Users\Flo\AppData\Local\Nxojadilakizaxif.dat
[2011.04.17 17:30:20 | 000,000,000 | ---- | C] () -- C:\Users\Flo\AppData\Local\Mvapaciwiman.bin
[2011.04.17 16:07:28 | 000,236,496 | ---- | C] () -- C:\Users\Flo\AppData\Roaming\AcroIEHelpe.dll
[2011.04.17 15:21:36 | 000,157,696 | ---- | C] () -- C:\Windows\Kbibua.exe
[2011.04.17 15:21:34 | 000,000,278 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.04.17 15:21:32 | 000,000,194 | -H-- | C] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011.04.17 15:21:29 | 000,114,688 | RHS- | C] () -- C:\Windows\System32\fvecertsh.dll
[2011.04.17 15:21:29 | 000,000,304 | -HS- | C] () -- C:\Windows\tasks\Ubpbft.job
[2011.04.16 17:00:39 | 003,176,960 | ---- | C] () -- C:\Users\Flo\Desktop\Flyff Character Simulator.exe
[2011.04.14 17:02:43 | 000,428,032 | ---- | C] () -- C:\Windows\System32\vbscript.dll
[2011.04.14 17:01:52 | 002,331,136 | ---- | C] () -- C:\Windows\System32\win32k.sys
[2011.04.14 17:01:47 | 000,288,256 | ---- | C] () -- C:\Windows\System32\XpsGdiConverter.dll
[2011.04.09 12:32:36 | 000,001,031 | ---- | C] () -- C:\Users\Flo\Desktop\RevivalOfSilence.lnk
[2011.04.09 10:19:00 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2011.04.01 22:46:52 | 000,260,926 | ---- | C] () -- C:\Users\Flo\Desktop\bbxjc81RT2.jpg
[2011.03.29 15:54:01 | 000,000,016 | ---- | C] () -- C:\Windows\A320.opt
[2011.03.28 13:00:38 | 000,317,189 | ---- | C] () -- C:\Users\Flo\Desktop\BILD6124.JPG
[2011.03.28 13:00:28 | 000,339,044 | ---- | C] () -- C:\Users\Flo\Desktop\BILD6125.JPG
[2011.02.28 23:28:11 | 000,306,688 | ---- | C] () -- C:\Windows\IsUninst.exe
[2011.02.28 23:08:50 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011.02.28 23:04:53 | 000,335,363 | ---- | C] () -- C:\Windows\IsUn0407.exe
[2011.02.24 11:48:15 | 000,276,992 | ---- | C] () -- C:\Windows\System32\wcncsvc.dll
[2011.02.23 09:38:40 | 000,442,880 | ---- | C] () -- C:\Windows\System32\XpsPrint.dll
[2011.02.11 16:27:25 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2011.02.11 16:27:25 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2011.02.11 13:53:45 | 000,204,288 | ---- | C] () -- C:\Windows\System32\upnp.dll
[2011.02.11 13:53:44 | 000,350,720 | ---- | C] () -- C:\Windows\System32\winhttp.dll
[2011.02.11 13:53:44 | 000,204,800 | ---- | C] () -- C:\Windows\System32\WebClnt.dll
[2011.02.11 13:53:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\wscsvc.dll
[2011.02.11 13:53:43 | 000,051,200 | ---- | C] () -- C:\Windows\System32\wscapi.dll
[2011.02.08 14:43:09 | 000,517,448 | ---- | C] () -- C:\Windows\System32\XAudio2_4.dll
[2011.02.08 14:43:09 | 000,235,352 | ---- | C] () -- C:\Windows\System32\xactengine3_4.dll
[2011.02.08 14:43:04 | 000,507,400 | ---- | C] () -- C:\Windows\System32\XAudio2_1.dll
[2011.02.08 14:43:04 | 000,238,088 | ---- | C] () -- C:\Windows\System32\xactengine3_1.dll
[2011.02.08 14:43:04 | 000,065,032 | ---- | C] () -- C:\Windows\System32\XAPOFX1_0.dll
[2011.02.08 14:43:02 | 000,479,752 | ---- | C] () -- C:\Windows\System32\XAudio2_0.dll
[2011.02.08 14:43:02 | 000,238,088 | ---- | C] () -- C:\Windows\System32\xactengine3_0.dll
[2011.02.08 14:43:00 | 000,267,272 | ---- | C] () -- C:\Windows\System32\xactengine2_10.dll
[2011.02.08 14:42:58 | 000,267,112 | ---- | C] () -- C:\Windows\System32\xactengine2_9.dll
[2011.02.08 14:42:57 | 000,266,088 | ---- | C] () -- C:\Windows\System32\xactengine2_8.dll
[2011.02.08 14:42:51 | 000,261,480 | ---- | C] () -- C:\Windows\System32\xactengine2_7.dll
[2011.02.08 14:42:51 | 000,081,768 | ---- | C] () -- C:\Windows\System32\xinput1_3.dll
[2011.02.08 14:42:50 | 000,255,848 | ---- | C] () -- C:\Windows\System32\xactengine2_6.dll
[2011.02.08 14:42:49 | 000,251,672 | ---- | C] () -- C:\Windows\System32\xactengine2_5.dll
[2011.02.08 14:42:48 | 000,237,848 | ---- | C] () -- C:\Windows\System32\xactengine2_4.dll
[2011.02.08 14:42:46 | 000,236,824 | ---- | C] () -- C:\Windows\System32\xactengine2_3.dll
[2011.02.08 14:42:46 | 000,230,168 | ---- | C] () -- C:\Windows\System32\xactengine2_2.dll
[2011.02.08 14:42:46 | 000,062,744 | ---- | C] () -- C:\Windows\System32\xinput1_2.dll
[2011.02.08 14:42:46 | 000,062,672 | ---- | C] () -- C:\Windows\System32\xinput1_1.dll
[2011.02.08 14:42:45 | 000,229,584 | ---- | C] () -- C:\Windows\System32\xactengine2_1.dll
[2011.02.08 14:42:26 | 000,230,096 | ---- | C] () -- C:\Windows\System32\xactengine2_0.dll
[2011.01.20 14:28:43 | 000,033,792 | ---- | C] () -- C:\Windows\System32\drivers\libusb0.sys
[2011.01.12 19:32:08 | 001,619,456 | ---- | C] () -- C:\Windows\System32\WMVDECOD.DLL
[2011.01.12 19:32:07 | 000,135,168 | ---- | C] () -- C:\Windows\System32\XpsRasterService.dll
[2011.01.02 21:26:17 | 000,000,036 | ---- | C] () -- C:\Windows\mafosav.INI
[2010.12.16 11:22:58 | 000,496,128 | ---- | C] () -- C:\Windows\System32\taskschd.dll
[2010.12.16 11:22:58 | 000,351,232 | ---- | C] () -- C:\Windows\System32\wmicmiplugin.dll
[2010.12.16 11:22:57 | 000,305,152 | ---- | C] () -- C:\Windows\System32\taskcomp.dll
[2010.12.16 11:22:32 | 000,314,368 | ---- | C] () -- C:\Windows\System32\webio.dll
[2010.12.04 13:07:38 | 000,193,210 | ---- | C] () -- C:\Windows\hphins34.dat
[2010.12.04 13:07:38 | 000,000,532 | ---- | C] () -- C:\Windows\hphmdl34.dat
[2010.12.02 15:13:59 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.10.23 15:31:27 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010.10.23 15:31:27 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010.10.23 15:31:27 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010.10.14 21:27:23 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2010.10.14 21:27:23 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2010.10.14 21:27:23 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2010.10.13 22:05:30 | 011,406,848 | ---- | C] () -- C:\Windows\System32\wmp.dll
[2010.10.13 22:05:29 | 012,625,408 | ---- | C] () -- C:\Windows\System32\wmploc.DLL
[2010.10.13 22:05:17 | 000,738,816 | ---- | C] () -- C:\Windows\System32\wmpmde.dll
[2010.08.31 20:52:12 | 000,437,951 | ---- | C] () -- C:\Windows\svchost.exe
[2010.08.26 00:09:06 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.07.06 22:24:56 | 000,305,152 | ---- | C] () -- C:\Windows\System32\Neuz.exe.gz
[2010.07.06 17:02:56 | 000,398,848 | ---- | C] () -- C:\Windows\System32\TVWizudlg.exe
[2010.07.06 17:02:56 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010.07.06 16:50:40 | 000,527,192 | ---- | C] () -- C:\Windows\System32\XAudio2_7.dll
[2010.07.06 16:50:40 | 000,239,960 | ---- | C] () -- C:\Windows\System32\xactengine3_7.dll
[2010.07.06 16:50:40 | 000,074,072 | ---- | C] () -- C:\Windows\System32\XAPOFX1_5.dll
[2010.07.06 16:50:39 | 000,528,216 | ---- | C] () -- C:\Windows\System32\XAudio2_6.dll
[2010.07.06 16:50:39 | 000,515,416 | ---- | C] () -- C:\Windows\System32\XAudio2_5.dll
[2010.07.06 16:50:39 | 000,238,936 | ---- | C] () -- C:\Windows\System32\xactengine3_6.dll
[2010.07.06 16:50:39 | 000,074,072 | ---- | C] () -- C:\Windows\System32\XAPOFX1_4.dll
[2010.07.06 16:50:38 | 000,238,936 | ---- | C] () -- C:\Windows\System32\xactengine3_5.dll
[2010.07.06 16:50:37 | 000,069,464 | ---- | C] () -- C:\Windows\System32\XAPOFX1_3.dll
[2010.07.06 16:50:36 | 000,514,384 | ---- | C] () -- C:\Windows\System32\XAudio2_3.dll
[2010.07.06 16:50:36 | 000,070,992 | ---- | C] () -- C:\Windows\System32\XAPOFX1_2.dll
[2010.07.06 16:50:35 | 000,509,448 | ---- | C] () -- C:\Windows\System32\XAudio2_2.dll
[2010.07.06 16:50:35 | 000,238,088 | ---- | C] () -- C:\Windows\System32\xactengine3_2.dll
[2010.07.06 16:50:35 | 000,235,856 | ---- | C] () -- C:\Windows\System32\xactengine3_3.dll
[2010.07.06 16:50:35 | 000,068,616 | ---- | C] () -- C:\Windows\System32\XAPOFX1_1.dll
[2010.06.14 23:19:32 | 000,626,688 | ---- | C] () -- C:\Windows\msvcr80.dll
[2010.06.14 23:19:32 | 000,057,344 | ---- | C] () -- C:\Windows\AsfHelper.dll
[2010.06.14 23:19:32 | 000,044,544 | ---- | C] () -- C:\Windows\System32\drivers\funfrm.sys
[2010.06.14 23:18:42 | 000,241,664 | ---- | C] () -- C:\Windows\System32\3DImageRenderer.dll
[2010.06.13 23:50:32 | 000,327,680 | ---- | C] () -- C:\Windows\System32\vsnp2uvc.dll
[2010.06.13 23:50:31 | 001,759,616 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2010.06.13 23:50:31 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2010.06.13 23:50:30 | 000,028,544 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2010.06.13 19:35:24 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.06.13 19:11:48 | 000,172,032 | ---- | C] () -- C:\Windows\System32\wintrust.dll
[2010.03.12 05:59:18 | 008,194,584 | ---- | C] () -- C:\Windows\System32\TVWSetup.exe
[2010.03.12 05:59:18 | 000,982,220 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010.03.12 05:59:17 | 000,134,592 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2010.03.12 05:59:17 | 000,092,216 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010.03.12 05:59:16 | 000,439,300 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010.02.09 21:56:09 | 000,507,568 | ---- | C] () -- C:\Windows\System32\winload.exe
[2010.02.09 21:56:09 | 000,442,920 | ---- | C] () -- C:\Windows\System32\winresume.exe
[2010.02.09 21:56:05 | 002,614,272 | ---- | C] () -- C:\Windows\explorer.exe
[2010.02.09 21:56:05 | 000,285,696 | ---- | C] () -- C:\Windows\System32\winlogon.exe
[2010.01.18 18:54:54 | 001,419,232 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01005.dll
[2009.12.08 18:22:06 | 000,014,021 | ---- | C] () -- C:\Programme\Common Files\logo.jpg
[2009.09.14 19:05:04 | 000,374,064 | ---- | C] () -- C:\Windows\System32\twnlib4.dll
[2009.07.14 10:56:28 | 000,213,504 | ---- | C] () -- C:\Windows\System32\vmicsvc.exe
[2009.07.14 10:56:28 | 000,116,224 | ---- | C] () -- C:\Windows\System32\VmbusCoinstaller.dll
[2009.07.14 10:56:28 | 000,053,760 | ---- | C] () -- C:\Windows\System32\vmicres.dll
[2009.07.14 10:56:28 | 000,047,616 | ---- | C] () -- C:\Windows\System32\vmictimeprovider.dll
[2009.07.14 10:56:28 | 000,044,544 | ---- | C] () -- C:\Windows\System32\vmbusres.dll
[2009.07.14 10:56:27 | 000,113,664 | ---- | C] () -- C:\Windows\System32\VmdCoinstall.dll
[2009.07.14 10:47:43 | 000,657,666 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 10:47:43 | 000,131,024 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 003,764,616 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,618,912 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,107,232 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 02:41:41 | 002,504,192 | ---- | C] () -- C:\Windows\System32\WMVCORE.DLL
[2009.07.14 02:24:08 | 003,405,312 | ---- | C] () -- C:\Windows\System32\xpsrchvw.exe
[2009.07.14 02:22:04 | 001,712,640 | ---- | C] () -- C:\Windows\System32\xpsservices.dll
[2009.07.14 02:20:17 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xmllite.dll
[2009.07.14 02:20:00 | 000,352,768 | ---- | C] () -- C:\Windows\System32\termmgr.dll
[2009.07.14 02:19:51 | 000,855,552 | ---- | C] () -- C:\Windows\System32\tapi3.dll
[2009.07.14 02:19:49 | 000,222,208 | ---- | C] () -- C:\Windows\System32\wavemsp.dll
[2009.07.14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 02:19:30 | 000,930,816 | ---- | C] () -- C:\Windows\System32\xpssvcs.dll
[2009.07.14 02:18:41 | 000,489,472 | ---- | C] () -- C:\Windows\System32\win32spl.dll
[2009.07.14 02:18:17 | 000,185,344 | ---- | C] () -- C:\Windows\System32\WSDMon.dll
[2009.07.14 02:18:15 | 000,148,992 | ---- | C] () -- C:\Windows\System32\tcpmon.dll
[2009.07.14 02:18:07 | 000,057,856 | ---- | C] () -- C:\Windows\System32\WSDPrintProxy.DLL
[2009.07.14 02:17:56 | 000,601,600 | ---- | C] () -- C:\Windows\System32\XpsFilt.dll
[2009.07.14 02:17:29 | 001,553,408 | ---- | C] () -- C:\Windows\System32\tquery.dll
[2009.07.14 02:16:55 | 000,443,904 | ---- | C] () -- C:\Windows\System32\XPSSHHDR.dll
[2009.07.14 02:15:32 | 001,912,832 | ---- | C] () -- C:\Windows\System32\wuaueng.dll
[2009.07.14 02:15:14 | 000,444,928 | ---- | C] () -- C:\Windows\System32\wiashext.dll
[2009.07.14 02:15:13 | 000,088,576 | ---- | C] () -- C:\Windows\System32\wiaacmgr.exe
[2009.07.14 02:15:12 | 000,802,304 | ---- | C] () -- C:\Windows\System32\WFS.exe
[2009.07.14 02:15:11 | 000,416,256 | ---- | C] () -- C:\Windows\System32\wiadefui.dll
[2009.07.14 02:15:09 | 000,669,184 | ---- | C] () -- C:\Windows\System32\WFSR.dll
[2009.07.14 02:15:04 | 002,414,080 | ---- | C] () -- C:\Windows\System32\wucltux.dll
[2009.07.14 02:14:56 | 000,544,256 | ---- | C] () -- C:\Windows\System32\wiaaut.dll
[2009.07.14 02:14:48 | 000,055,808 | ---- | C] () -- C:\Windows\System32\WSDScanProxy.dll
[2009.07.14 02:14:44 | 000,462,336 | ---- | C] () -- C:\Windows\System32\wiaservc.dll
[2009.07.14 02:14:42 | 000,110,080 | ---- | C] () -- C:\Windows\System32\wiavideo.dll
[2009.07.14 02:14:38 | 000,560,128 | ---- | C] () -- C:\Windows\System32\wuapi.dll
[2009.07.14 02:14:38 | 000,113,664 | ---- | C] () -- C:\Windows\System32\wiadss.dll
[2009.07.14 02:14:35 | 000,087,552 | ---- | C] () -- C:\Windows\System32\wiascanprofiles.dll
[2009.07.14 02:14:33 | 000,051,200 | ---- | C] () -- C:\Windows\twain_32.dll
[2009.07.14 02:14:20 | 000,047,104 | ---- | C] () -- C:\Windows\System32\wuauclt.exe
[2009.07.14 02:14:17 | 000,164,352 | ---- | C] () -- C:\Windows\System32\wuwebv.dll
[2009.07.14 02:14:15 | 000,087,552 | ---- | C] () -- C:\Windows\System32\wudriver.dll
[2009.07.14 02:13:58 | 001,397,248 | ---- | C] () -- C:\Windows\System32\Utilman.exe
[2009.07.14 02:13:11 | 000,054,784 | ---- | C] () -- C:\Windows\System32\xmlfilter.dll
[2009.07.14 02:12:58 | 000,497,152 | ---- | C] () -- C:\Windows\HelpPane.exe
[2009.07.14 02:11:37 | 000,313,856 | ---- | C] () -- C:\Windows\System32\thawbrkr.dll
[2009.07.14 02:10:20 | 000,046,592 | ---- | C] () -- C:\Windows\System32\WavDest.dll
[2009.07.14 02:09:58 | 001,003,008 | ---- | C] () -- C:\Windows\System32\WMNetMgr.dll
[2009.07.14 02:09:30 | 001,624,064 | ---- | C] () -- C:\Windows\System32\WMPEncEn.dll
[2009.07.14 02:09:24 | 000,344,576 | ---- | C] () -- C:\Windows\System32\wmpeffects.dll
[2009.07.14 02:09:23 | 000,299,520 | ---- | C] () -- C:\Windows\System32\wmpdxm.dll
[2009.07.14 02:09:16 | 000,541,184 | ---- | C] () -- C:\Windows\System32\WMVSDECD.DLL
[2009.07.14 02:09:11 | 000,278,528 | ---- | C] () -- C:\Windows\System32\unregmp2.exe
[2009.07.14 02:09:10 | 000,105,472 | ---- | C] () -- C:\Windows\System32\wmpshell.dll
[2009.07.14 02:09:06 | 000,143,872 | ---- | C] () -- C:\Windows\System32\wmpps.dll
[2009.07.14 02:09:05 | 001,568,768 | ---- | C] () -- C:\Windows\System32\WMVENCOD.DLL
[2009.07.14 02:08:55 | 000,182,272 | ---- | C] () -- C:\Windows\System32\wmpsrcwp.dll
[2009.07.14 02:08:33 | 000,237,568 | ---- | C] () -- C:\Windows\System32\WMASF.DLL
[2009.07.14 02:08:32 | 000,902,656 | ---- | C] () -- C:\Windows\System32\WMADMOD.DLL
[2009.07.14 02:08:27 | 000,155,136 | ---- | C] () -- C:\Windows\System32\wmidx.dll
[2009.07.14 02:08:16 | 000,739,328 | ---- | C] () -- C:\Windows\System32\WMSPDMOD.DLL
[2009.07.14 02:08:08 | 000,664,576 | ---- | C] () -- C:\Windows\System32\WMVXENCD.DLL
[2009.07.14 02:08:08 | 000,358,400 | ---- | C] () -- C:\Windows\System32\WMVSENCD.DLL
[2009.07.14 02:08:03 | 000,144,896 | ---- | C] () -- C:\Windows\System32\wmvdspa.dll
[2009.07.14 02:08:02 | 001,325,056 | ---- | C] () -- C:\Windows\System32\WMSPDMOE.DLL
[2009.07.14 02:07:54 | 000,812,032 | ---- | C] () -- C:\Windows\System32\WMADMOE.DLL
[2009.07.14 02:07:48 | 000,318,464 | ---- | C] () -- C:\Windows\System32\WMPhoto.dll
[2009.07.14 02:07:48 | 000,154,112 | ---- | C] () -- C:\Windows\System32\VIDRESZR.DLL
[2009.07.14 02:07:34 | 002,311,168 | ---- | C] () -- C:\Windows\System32\wpdshext.dll
[2009.07.14 02:07:33 | 001,202,176 | ---- | C] () -- C:\Windows\System32\WMALFXGFXDSP.dll
[2009.07.14 02:07:19 | 000,198,144 | ---- | C] () -- C:\Windows\System32\wpdwcn.dll
[2009.07.14 02:07:15 | 000,053,760 | ---- | C] () -- C:\Windows\System32\wmcodecdspps.dll
[2009.07.14 02:07:14 | 000,296,960 | ---- | C] () -- C:\Windows\System32\WinSync.dll
[2009.07.14 02:07:09 | 000,173,056 | ---- | C] () -- C:\Windows\System32\WinSyncMetastore.dll
[2009.07.14 02:07:09 | 000,116,736 | ---- | C] () -- C:\Windows\System32\WinSyncProviders.dll
[2009.07.14 02:07:08 | 000,058,880 | ---- | C] () -- C:\Windows\System32\WABSyncProvider.dll
[2009.07.14 02:07:02 | 000,105,984 | ---- | C] () -- C:\Windows\System32\WPDShServiceObj.dll
[2009.07.14 02:06:57 | 000,577,024 | ---- | C] () -- C:\Windows\System32\wpd_ci.dll
[2009.07.14 02:06:53 | 000,350,720 | ---- | C] () -- C:\Windows\System32\WPDSp.dll
[2009.07.14 02:06:50 | 000,084,480 | ---- | C] () -- C:\Windows\System32\wpdbusenum.dll
[2009.07.14 02:06:10 | 000,616,960 | ---- | C] () -- C:\Windows\System32\wmdrmsdk.dll
[2009.07.14 02:06:02 | 000,507,392 | ---- | C] () -- C:\Windows\System32\wmdrmdev.dll
[2009.07.14 02:05:54 | 000,436,736 | ---- | C] () -- C:\Windows\System32\wmdrmnet.dll
[2009.07.14 02:03:43 | 000,194,048 | ---- | C] () -- C:\Windows\System32\winmm.dll
[2009.07.14 02:03:21 | 000,056,832 | ---- | C] () -- C:\Windows\System32\vfwwdm32.dll
[2009.07.14 02:03:12 | 000,172,032 | ---- | C] () -- C:\Windows\System32\wdmaud.drv
[2009.07.14 02:03:10 | 000,594,432 | ---- | C] () -- C:\Windows\System32\TSWorkspace.dll
[2009.07.14 02:03:00 | 000,154,624 | ---- | C] () -- C:\Windows\System32\umrdp.dll
[2009.07.14 02:02:55 | 000,262,656 | ---- | C] () -- C:\Windows\System32\tsmf.dll
[2009.07.14 02:02:49 | 000,543,232 | ---- | C] () -- C:\Windows\System32\termsrv.dll
[2009.07.14 02:02:34 | 000,130,048 | ---- | C] () -- C:\Windows\System32\tspubwmi.dll
[2009.07.14 02:02:29 | 000,156,160 | ---- | C] () -- C:\Windows\System32\winsta.dll
[2009.07.14 02:02:22 | 000,153,600 | ---- | C] () -- C:\Windows\System32\tscfgwmi.dll
[2009.07.14 02:01:50 | 000,223,232 | ---- | C] () -- C:\Windows\System32\wksprt.exe
[2009.07.14 02:01:49 | 000,070,144 | ---- | C] () -- C:\Windows\System32\tlscsp.dll
[2009.07.14 02:01:46 | 000,046,080 | ---- | C] () -- C:\Windows\System32\TSWbPrxy.exe
[2009.07.14 01:59:10 | 000,103,424 | ---- | C] () -- C:\Windows\System32\verifier.exe
[2009.07.14 01:56:53 | 000,284,672 | ---- | C] () -- C:\Windows\System32\WWanAPI.dll
[2009.07.14 01:56:43 | 000,163,328 | ---- | C] () -- C:\Windows\System32\Wwanadvui.dll
[2009.07.14 01:56:41 | 000,196,608 | ---- | C] () -- C:\Windows\System32\wwanconn.dll
[2009.07.14 01:56:41 | 000,185,856 | ---- | C] () -- C:\Windows\System32\wwansvc.dll
[2009.07.14 01:56:38 | 000,674,304 | ---- | C] () -- C:\Windows\System32\wwanmm.dll
[2009.07.14 01:56:37 | 000,042,496 | ---- | C] () -- C:\Windows\System32\wwancfg.dll
[2009.07.14 01:56:35 | 000,056,320 | ---- | C] () -- C:\Windows\System32\WWanHC.dll
[2009.07.14 01:56:04 | 001,326,592 | ---- | C] () -- C:\Windows\System32\wlanpref.dll
[2009.07.14 01:55:50 | 000,669,696 | ---- | C] () -- C:\Windows\System32\WLanConn.dll
[2009.07.14 01:55:49 | 000,638,976 | ---- | C] () -- C:\Windows\System32\VAN.dll
[2009.07.14 01:55:48 | 000,748,544 | ---- | C] () -- C:\Windows\System32\WlanMM.dll
[2009.07.14 01:55:41 | 000,266,752 | ---- | C] () -- C:\Windows\System32\upnphost.dll
[2009.07.14 01:55:24 | 000,045,056 | ---- | C] () -- C:\Windows\System32\udhisapi.dll
[2009.07.14 01:55:22 | 000,059,392 | ---- | C] () -- C:\Windows\System32\unimdmat.dll
[2009.07.14 01:55:06 | 000,051,712 | ---- | C] () -- C:\Windows\System32\wsnmp32.dll
[2009.07.14 01:55:04 | 000,068,608 | ---- | C] () -- C:\Windows\System32\winsockhc.dll
[2009.07.14 01:55:02 | 000,056,832 | ---- | C] () -- C:\Windows\System32\wscmisetup.dll
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:54:45 | 000,237,056 | ---- | C] () -- C:\Windows\System32\vpnike.dll
[2009.07.14 01:53:29 | 000,994,816 | ---- | C] () -- C:\Windows\System32\wcnwiz.dll
[2009.07.14 01:53:06 | 000,080,896 | ---- | C] () -- C:\Windows\System32\wzcdlg.dll
[2009.07.14 01:53:01 | 000,086,528 | ---- | C] () -- C:\Windows\System32\WcnApi.dll
[2009.07.14 01:52:56 | 000,066,048 | ---- | C] () -- C:\Windows\System32\WfHC.dll
[2009.07.14 01:52:53 | 000,070,144 | ---- | C] () -- C:\Windows\System32\winipsec.dll
[2009.07.14 01:52:44 | 000,048,128 | ---- | C] () -- C:\Windows\System32\ucmhc.dll
[2009.07.14 01:52:43 | 000,082,944 | ---- | C] () -- C:\Windows\System32\winethc.dll
[2009.07.14 01:52:08 | 000,505,856 | ---- | C] () -- C:\Windows\System32\wlandlg.dll
[2009.07.14 01:52:07 | 000,410,112 | ---- | C] () -- C:\Windows\System32\wlanui.dll
[2009.07.14 01:52:01 | 000,829,440 | ---- | C] () -- C:\Windows\System32\wlansvc.dll
[2009.07.14 01:51:56 | 000,428,032 | ---- | C] () -- C:\Windows\System32\wlanmsm.dll
[2009.07.14 01:51:56 | 000,411,648 | ---- | C] () -- C:\Windows\System32\wlangpui.dll
[2009.07.14 01:51:56 | 000,077,312 | ---- | C] () -- C:\Windows\System32\wlanext.exe
[2009.07.14 01:51:55 | 000,177,152 | ---- | C] () -- C:\Windows\System32\wlancfg.dll
[2009.07.14 01:51:55 | 000,158,208 | ---- | C] () -- C:\Windows\System32\WLanHC.dll
[2009.07.14 01:51:55 | 000,084,480 | ---- | C] () -- C:\Windows\System32\wlanhlp.dll
[2009.07.14 01:51:55 | 000,081,408 | ---- | C] () -- C:\Windows\System32\wlanapi.dll
[2009.07.14 01:51:53 | 000,118,784 | ---- | C] () -- C:\Windows\System32\wlgpclnt.dll
[2009.07.14 01:51:45 | 000,392,192 | ---- | C] () -- C:\Windows\System32\wlansec.dll
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:51:41 | 000,354,816 | ---- | C] () -- C:\Windows\System32\xwizards.dll
[2009.07.14 01:51:41 | 000,041,472 | ---- | C] () -- C:\Windows\System32\xwizard.exe
[2009.07.14 01:51:38 | 000,158,208 | ---- | C] () -- C:\Windows\System32\xwtpdui.dll
[2009.07.14 01:51:37 | 000,107,520 | ---- | C] () -- C:\Windows\System32\xwtpw32.dll
[2009.07.14 01:51:36 | 000,085,504 | ---- | C] () -- C:\Windows\System32\xwreg.dll
[2009.07.14 01:50:21 | 000,567,808 | ---- | C] () -- C:\Windows\System32\WUDFx.dll
[2009.07.14 01:50:16 | 000,195,584 | ---- | C] () -- C:\Windows\System32\WUDFHost.exe
[2009.07.14 01:50:16 | 000,162,304 | ---- | C] () -- C:\Windows\System32\WUDFPlatform.dll
[2009.07.14 01:50:16 | 000,064,512 | ---- | C] () -- C:\Windows\System32\WUDFSvc.dll
[2009.07.14 01:47:42 | 000,334,336 | ---- | C] () -- C:\Windows\System32\wisptis.exe
[2009.07.14 01:46:51 | 002,969,600 | ---- | C] () -- C:\Windows\System32\UIHub.dll
[2009.07.14 01:46:48 | 000,782,336 | ---- | C] () -- C:\Windows\System32\webservices.dll
[2009.07.14 01:44:12 | 000,090,624 | ---- | C] () -- C:\Windows\System32\txflog.dll
[2009.07.14 01:44:03 | 000,077,312 | ---- | C] () -- C:\Windows\System32\trkwks.dll
[2009.07.14 01:44:02 | 000,047,616 | ---- | C] () -- C:\Windows\System32\xolehlp.dll
[2009.07.14 01:43:55 | 000,229,376 | ---- | C] () -- C:\Windows\System32\webcheck.dll
[2009.07.14 01:43:18 | 000,131,584 | ---- | C] () -- C:\Windows\System32\url.dll
[2009.07.14 01:43:16 | 002,983,424 | ---- | C] () -- C:\Windows\System32\UIRibbon.dll
[2009.07.14 01:42:51 | 000,141,824 | ---- | C] () -- C:\Windows\System32\wscript.exe
[2009.07.14 01:42:43 | 000,151,552 | ---- | C] () -- C:\Windows\System32\wextract.exe
[2009.07.14 01:42:38 | 000,080,896 | ---- | C] () -- C:\Windows\System32\wshext.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.14 01:41:47 | 000,079,872 | ---- | C] () -- C:\Windows\System32\winver.exe
[2009.07.14 01:41:31 | 000,222,720 | ---- | C] () -- C:\Windows\System32\zgmprxy.dll
[2009.07.14 01:41:11 | 000,080,896 | ---- | C] () -- C:\Windows\System32\usbui.dll
[2009.07.14 01:41:04 | 000,179,712 | ---- | C] () -- C:\Windows\notepad.exe
[2009.07.14 01:40:59 | 000,233,472 | ---- | C] () -- C:\Windows\System32\taskbarcpl.dll
[2009.07.14 01:40:51 | 002,157,056 | ---- | C] () -- C:\Windows\System32\themecpl.dll
[2009.07.14 01:40:48 | 000,600,064 | ---- | C] () -- C:\Windows\System32\usercpl.dll
[2009.07.14 01:40:40 | 000,078,848 | ---- | C] () -- C:\Windows\System32\UserAccountControlSettings.dll
[2009.07.14 01:40:37 | 002,146,304 | ---- | C] () -- C:\Windows\System32\SyncCenter.dll
[2009.07.14 01:40:36 | 000,327,680 | ---- | C] () -- C:\Windows\System32\zipfldr.dll
[2009.07.14 01:40:34 | 000,192,512 | ---- | C] () -- C:\Windows\System32\UserAccountControlSettings.exe
[2009.07.14 01:40:24 | 000,308,736 | ---- | C] () -- C:\Windows\System32\Wpc.dll
[2009.07.14 01:40:24 | 000,292,864 | ---- | C] () -- C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
[2009.07.14 01:40:18 | 000,766,464 | ---- | C] () -- C:\Windows\System32\wpccpl.dll
[2009.07.14 01:40:15 | 000,082,944 | ---- | C] () -- C:\Windows\System32\thumbcache.dll
[2009.07.14 01:39:59 | 000,179,200 | ---- | C] () -- C:\Windows\System32\wpcumi.dll
[2009.07.14 01:39:59 | 000,146,432 | ---- | C] () -- C:\Windows\System32\twext.dll
[2009.07.14 01:39:57 | 000,128,512 | ---- | C] () -- C:\Windows\System32\wpcao.dll
[2009.07.14 01:39:20 | 002,755,072 | ---- | C] () -- C:\Windows\System32\themeui.dll
[2009.07.14 01:37:45 | 000,084,480 | ---- | C] () -- C:\Windows\System32\wkssvc.dll
[2009.07.14 01:37:38 | 000,047,104 | ---- | C] () -- C:\Windows\System32\wkscli.dll
[2009.07.14 01:37:19 | 000,933,376 | ---- | C] () -- C:\Windows\System32\Vault.dll
[2009.07.14 01:37:18 | 000,151,552 | ---- | C] () -- C:\Windows\System32\wbiosrvc.dll
[2009.07.14 01:37:15 | 000,057,856 | ---- | C] () -- C:\Windows\System32\winbio.dll
[2009.07.14 01:37:08 | 000,196,096 | ---- | C] () -- C:\Windows\System32\vaultsvc.dll
[2009.07.14 01:37:02 | 000,070,144 | ---- | C] () -- C:\Windows\System32\VaultCredProvider.dll
[2009.07.14 01:36:49 | 000,096,256 | ---- | C] () -- C:\Windows\System32\wininit.exe
[2009.07.14 01:34:19 | 000,079,360 | ---- | C] () -- C:\Windows\System32\userenv.dll
[2009.07.14 01:34:12 | 000,171,520 | ---- | C] () -- C:\Windows\System32\wdigest.dll
[2009.07.14 01:34:10 | 000,065,024 | ---- | C] () -- C:\Windows\System32\TSpkg.dll
[2009.07.14 01:33:55 | 000,134,144 | ---- | C] () -- C:\Windows\System32\WinSCard.dll
[2009.07.14 01:33:37 | 001,086,464 | ---- | C] () -- C:\Windows\System32\wevtsvc.dll
[2009.07.14 01:33:32 | 000,288,768 | ---- | C] () -- C:\Windows\System32\w32time.dll
[2009.07.14 01:33:24 | 000,065,536 | ---- | C] () -- C:\Windows\System32\w32tm.exe
[2009.07.14 01:31:52 | 000,095,744 | ---- | C] () -- C:\Windows\System32\wscinterop.dll
[2009.07.14 01:31:43 | 001,175,040 | ---- | C] () -- C:\Windows\System32\WsmSvc.dll
[2009.07.14 01:31:26 | 000,248,832 | ---- | C] () -- C:\Windows\System32\WSManMigrationPlugin.dll
[2009.07.14 01:31:25 | 000,198,144 | ---- | C] () -- C:\Windows\System32\WSManHTTPConfig.exe
[2009.07.14 01:31:18 | 000,213,504 | ---- | C] () -- C:\Windows\System32\WsmWmiPl.dll
[2009.07.14 01:31:17 | 000,240,128 | ---- | C] () -- C:\Windows\System32\winrscmd.dll
[2009.07.14 01:31:12 | 000,145,920 | ---- | C] () -- C:\Windows\System32\WsmAuto.dll
[2009.07.14 01:31:08 | 000,054,272 | ---- | C] () -- C:\Windows\System32\WsmRes.dll
[2009.07.14 01:30:48 | 000,362,496 | ---- | C] () -- C:\Windows\System32\wbemcomn.dll
[2009.07.14 01:30:22 | 000,262,144 | ---- | C] () -- C:\Windows\System32\wevtapi.dll
[2009.07.14 01:30:21 | 000,175,616 | ---- | C] () -- C:\Windows\System32\wevtutil.exe
[2009.07.14 01:30:12 | 000,080,384 | ---- | C] () -- C:\Windows\System32\wecutil.exe
[2009.07.14 01:30:05 | 000,147,968 | ---- | C] () -- C:\Windows\System32\wecsvc.dll
[2009.07.14 01:29:57 | 000,083,456 | ---- | C] () -- C:\Windows\System32\wevtfwd.dll
[2009.07.14 01:29:56 | 000,058,368 | ---- | C] () -- C:\Windows\System32\wecapi.dll
[2009.07.14 01:29:40 | 001,294,336 | ---- | C] () -- C:\Windows\System32\wsecedit.dll
[2009.07.14 01:29:14 | 001,011,200 | ---- | C] () -- C:\Windows\System32\WindowsCodecs.dll
[2009.07.14 01:29:05 | 001,164,800 | ---- | C] () -- C:\Windows\System32\UIRibbonRes.dll
[2009.07.14 01:28:16 | 000,099,328 | ---- | C] () -- C:\Windows\System32\UIAnimation.dll
[2009.07.14 01:27:58 | 001,063,936 | ---- | C] () -- C:\Windows\System32\werconcpl.dll
[2009.07.14 01:27:45 | 000,192,512 | ---- | C] () -- C:\Windows\System32\WindowsCodecsExt.dll
[2009.07.14 01:27:40 | 000,377,856 | ---- | C] () -- C:\Windows\System32\wer.dll
[2009.07.14 01:27:32 | 000,360,448 | ---- | C] () -- C:\Windows\System32\WerFault.exe
[2009.07.14 01:27:31 | 000,561,664 | ---- | C] () -- C:\Windows\System32\UIAutomationCore.dll
[2009.07.14 01:27:27 | 000,065,024 | ---- | C] () -- C:\Windows\System32\wersvc.dll
[2009.07.14 01:27:26 | 000,061,440 | ---- | C] () -- C:\Windows\System32\wercplsupport.dll
[2009.07.14 01:27:22 | 000,254,976 | ---- | C] () -- C:\Windows\System32\wsqmcons.exe
[2009.07.14 01:27:20 | 000,160,256 | ---- | C] () -- C:\Windows\System32\werui.dll
[2009.07.14 01:27:20 | 000,053,760 | ---- | C] () -- C:\Windows\System32\wermgr.exe
[2009.07.14 01:26:27 | 000,170,496 | ---- | C] () -- C:\Windows\System32\WmpDui.dll
[2009.07.14 01:26:00 | 000,056,320 | ---- | C] () -- C:\Windows\System32\vga256.dll
[2009.07.14 01:25:49 | 000,169,472 | ---- | C] () -- C:\Windows\System32\winsrv.dll
[2009.07.14 01:25:21 | 001,169,408 | ---- | C] () -- C:\Windows\System32\sysmain.dll
[2009.07.14 01:24:53 | 001,025,536 | ---- | C] () -- C:\Windows\System32\VSSVC.exe
[2009.07.14 01:24:44 | 000,379,904 | ---- | C] () -- C:\Users\Flo\AppData\Local\irocinexilahet.dll
[2009.07.14 01:24:44 | 000,099,328 | ---- | C] () -- C:\Users\Flo\AppData\Local\WMPDant.dll
[2009.07.14 01:24:35 | 000,239,616 | ---- | C] () -- C:\Windows\System32\uDWM.dll
[2009.07.14 01:24:05 | 000,452,608 | ---- | C] () -- C:\Windows\System32\vds.exe
[2009.07.14 01:23:50 | 000,115,200 | ---- | C] () -- C:\Windows\System32\vssadmin.exe
[2009.07.14 01:23:48 | 001,202,688 | ---- | C] () -- C:\Windows\System32\wbengine.exe
[2009.07.14 01:23:37 | 000,047,616 | ---- | C] () -- C:\Windows\System32\vdsvd.dll
[2009.07.14 01:23:32 | 000,518,144 | ---- | C] () -- C:\Windows\System32\vdsdyn.dll
[2009.07.14 01:23:31 | 000,160,256 | ---- | C] () -- C:\Windows\System32\vdsbas.dll
[2009.07.14 01:23:31 | 000,151,040 | ---- | C] () -- C:\Windows\System32\vdsutil.dll
[2009.07.14 01:23:28 | 000,044,544 | ---- | C] () -- C:\Windows\System32\vds_ps.dll
[2009.07.14 01:23:22 | 000,224,768 | ---- | C] () -- C:\Windows\System32\wbadmin.exe
[2009.07.14 01:23:08 | 003,367,424 | ---- | C] () -- C:\Windows\System32\WinSAT.exe
[2009.07.14 01:23:03 | 000,458,240 | ---- | C] () -- C:\Windows\System32\WSDApi.dll
[2009.07.14 01:22:54 | 000,050,688 | ---- | C] () -- C:\Windows\System32\umb.dll
[2009.07.14 01:22:35 | 000,314,880 | ---- | C] () -- C:\Windows\System32\wusa.exe
[2009.07.14 01:22:33 | 000,341,504 | ---- | C] () -- C:\Windows\System32\verifier.dll
[2009.07.14 01:22:06 | 000,335,872 | ---- | C] () -- C:\Windows\System32\WinSATAPI.dll
[2009.07.14 01:20:59 | 000,282,112 | ---- | C] () -- C:\Windows\System32\wow32.dll
[2009.07.14 01:20:31 | 000,227,328 | ---- | C] () -- C:\Windows\System32\taskmgr.exe
[2009.07.14 01:20:25 | 001,227,776 | ---- | C] () -- C:\Windows\System32\wdc.dll
[2009.07.14 01:20:01 | 000,364,544 | ---- | C] () -- C:\Windows\System32\tracerpt.exe
[2009.07.14 01:20:00 | 000,606,720 | ---- | C] () -- C:\Windows\System32\tdh.dll
[2009.07.14 01:19:57 | 000,444,928 | ---- | C] () -- C:\Windows\System32\wvc.dll
[2009.07.14 01:19:47 | 000,076,288 | ---- | C] () -- C:\Windows\System32\wdi.dll
[2009.07.14 01:19:45 | 000,170,496 | ---- | C] () -- C:\Windows\System32\ubpm.dll
[2009.07.14 01:18:03 | 000,406,016 | ---- | C] () -- C:\Windows\System32\wimgapi.dll
[2009.07.14 01:18:03 | 000,327,680 | ---- | C] () -- C:\Windows\System32\wimserv.exe
[2009.07.14 01:17:47 | 000,118,272 | ---- | C] () -- C:\Windows\System32\uxlib.dll
[2009.07.14 01:17:12 | 000,189,952 | ---- | C] () -- C:\Windows\System32\wdscore.dll
[2009.07.14 01:17:09 | 000,201,728 | ---- | C] () -- C:\Windows\System32\unattend.dll
[2009.07.14 01:17:08 | 000,398,336 | ---- | C] () -- C:\Windows\regedit.exe
[2009.07.14 01:16:51 | 000,119,808 | ---- | C] () -- C:\Windows\System32\umpo.dll
[2009.07.14 01:16:50 | 000,294,400 | ---- | C] () -- C:\Windows\System32\umpnpmgr.dll
[2009.07.14 01:15:45 | 000,047,616 | ---- | C] () -- C:\Windows\System32\tzutil.exe
[2009.07.14 01:15:37 | 000,043,008 | ---- | C] () -- C:\Windows\System32\whoami.exe
[2009.07.14 01:15:00 | 000,108,544 | ---- | C] () -- C:\Windows\System32\ulib.dll
[2009.07.14 01:14:58 | 000,346,112 | ---- | C] () -- C:\Windows\System32\untfs.dll
[2009.07.14 01:14:56 | 000,135,680 | ---- | C] () -- C:\Windows\System32\uudf.dll
[2009.07.14 01:14:55 | 000,095,232 | ---- | C] () -- C:\Windows\System32\ufat.dll
[2009.07.14 01:14:55 | 000,068,096 | ---- | C] () -- C:\Windows\System32\uexfat.dll
[2009.07.14 01:13:55 | 000,065,024 | ---- | C] () -- C:\Windows\bfsvc.exe
[2009.07.14 01:13:12 | 000,047,104 | ---- | C] () -- C:\Windows\System32\ucsvc.exe
[2009.07.14 01:12:52 | 000,094,720 | ---- | C] () -- C:\Windows\System32\TpmInit.exe
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008.12.09 17:23:13 | 000,047,848 | RHS- | C] () -- C:\Users\Flo\AppData\Roaming\appconf32.exe
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
 
========== LOP Check ==========
 
[2011.04.17 16:07:30 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\5015
[2011.01.07 16:15:09 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Armagetron
[2010.10.14 21:34:33 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\concept design
[2010.06.13 19:30:32 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\DAEMON Tools Lite
[2010.07.17 19:28:13 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.04.17 15:10:17 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\GetRightToGo
[2011.04.16 14:52:27 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\ICQ
[2011.04.17 16:07:10 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\kock
[2011.02.19 23:23:13 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Need for Speed World
[2010.08.02 23:47:03 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\SecondLife
[2010.12.24 17:32:45 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Teeworlds
[2010.06.13 18:24:19 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\TuneUp Software
[2011.04.20 22:37:38 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\UAs
[2011.02.08 14:46:29 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Ubisoft
[2010.07.06 17:24:03 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Warsow 0.5
[2011.04.20 22:37:43 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\xmldm
[2011.04.20 22:46:44 | 000,018,016 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.04.20 22:47:45 | 000,000,228 | ---- | M] () -- C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance.job
[2011.04.20 23:39:24 | 000,000,304 | -HS- | M] () -- C:\Windows\Tasks\Ubpbft.job
[2011.04.20 23:54:03 | 000,000,278 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.04.20 23:59:06 | 000,000,242 | -H-- | M] () -- C:\Windows\Tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2011.01.13 03:56:17 | 000,000,650 | ---- | M] ()(C:\Users\Flo\AppData\Local\PMB Files.?an) -- C:\Users\Flo\AppData\Local\PMB Files.聰an
[2011.01.13 03:56:17 | 000,000,650 | ---- | C] ()(C:\Users\Flo\AppData\Local\PMB Files.?an) -- C:\Users\Flo\AppData\Local\PMB Files.聰an
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 24 bytes -> C:\Windows:5D2D79003E07E81A
 
< End of report >

markusg 21.04.2011 10:12
• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.

:OTL
O4 - HKLM..\Run: [Akenovab] C:\Users\Flo\AppData\Local\irocinexilahet.dll (ELAN Microelectronic Corp.)
O4 - HKCU..\Run: [0ESKOMO9JO] C:\Users\Flo\AppData\Local\Temp\Kxh.exe ()
O4 - HKCU..\Run: [Lredun] C:\Users\Flo\AppData\Local\WMPDant.dll (Acronis)
O20 - HKLM Winlogon: UserInit - (C:\Users\Flo\AppData\Roaming\appconf32.exe) - C:\Users\Flo\AppData\Roaming\appconf32.exe ()
[2011.04.20 19:37:03 | 000,000,120 | ---- | M] () -- C:\Users\Flo\AppData\Local\Nxojadilakizaxif.dat
[2011.04.20 19:37:01 | 000,000,000 | ---- | M] () -- C:\Users\Flo\AppData\Local\Mvapaciwiman.bin
:Files
C:\Users\Flo\AppData\Local\irocinexilahet.dll
C:\Users\Flo\AppData\Local\Temp\Kxh.exe
C:\Users\Flo\AppData\Local\WMPDant.dll
C:\Users\Flo\AppData\Roaming\appconf32.exe) - C:\Users\Flo\AppData\Roaming\appconf32.exe
C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\Windows\tasks\Ubpbft.job
C:\Users\Flo\AppData\Roaming\AcroIEHelpe.dll
C:\Windows\Kbibua.exe
C:\Windows\System32\fvecertsh.dll
ipconfig /flushdns /c
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]

• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.

öffne computer, öffne C: dann _OTL
dort rechtsklick auf moved files
wähle zu moved files.rar oder zip hinzufügen.
das archiv nach anleitung hochladen:
http://www.trojaner-board.de/54791-a...ner-board.html

markusg 22.04.2011 12:00
das nächste mal schreib hier rein, wie ichs geschrieben hab, ich gucke ja nicht ständig in den upload channel

bitte erstelle und poste ein combofix log.
Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Espi 22.04.2011 21:23
Tut mir leid das ich hier nicht bescheit gesagt habe, aber ich musste gestern abend unbedingt ins Bett.

Aber jetzt zu Thema, wenn ich ComboFix installieren will stürtzt mein Laptop ab, soll heißen dass der Installationsbalken noch fast bis zum Ende lädt, aber kurz bevor es fertig ist kommt ein blauer Bildschirm auf dem jede menge steht wovon ich keine Ahnung habe :( und dann startet er neu.
Ich habe das ganze auch schon mehrfach versucht aber es ist immer das gleiche.

Lg und Danke,
Espi

markusg 26.04.2011 18:35
lösche combofix, hohle dir die neueste version.
dann starte im abgesicherten modus, bei pc start meist mit f8 und dort noch mal combofix versuchen


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:28 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27