Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Bundespolizei Virus (Auswertung OTL.txt)

Bundespolizei Virus (Auswertung OTL.txt)


Log-Analyse und Auswertung: Bundespolizei Virus (Auswertung OTL.txt)

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Seite 1 von 2 1 2
Alt 18.03.2012, 16:56   #1
jürgen69
 
Bundespolizei Virus (Auswertung OTL.txt) - Standard

Bundespolizei Virus (Auswertung OTL.txt)


Hallo

Ich bin, wie viele andere Personen auch, vom Bundespolizeivirus betroffen und kann den abgesicherten Modus nicht mehr starten.
Wie in einem anderen Thread beschrieben, habe ich die OTL Dateien erstellt und bräuchte nun Hilfe bei deren Auswertung.
Falls mir jemand die Dateien auswerten und sagen könnte, wie ich weiter vorgehen muss, wäre ich sehr dankbar !

vielen Dank

Alt 18.03.2012, 19:06   #2
Swisstreasure
/// Malwareteam
 
Bundespolizei Virus (Auswertung OTL.txt) - Standard

Bundespolizei Virus (Auswertung OTL.txt)




Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
  • Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
  • Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
  • Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf. Erschwert mir nämlich das auswerten.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.

Schritt 1

Downloade Dir bitte Malwarebytes
  • Installiere das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere Quick-Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.

Schritt 2

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
explorer.exe
regedit.exe
winlogon.exe
wininit.exe
userinit.exe
/md5stop
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________
Alt 18.03.2012, 19:21   #3
jürgen69
 
Bundespolizei Virus (Auswertung OTL.txt) - Standard

Bundespolizei Virus (Auswertung OTL.txt)


Danke schonmal für deine Hilfe.

Deine Anleitung erscheint mir relativ klar bis auf den ersten Schritt... Wie soll ich Malwarebytes auf dem PC installieren, wenn ich nicht ins Windows komme?
Sobald ich meinen PC normal hochfahre kommt ja direkt der screen, dass ich das Geld überweisen soll und ich kann nichts mehr anklicken oder installieren...
__________________
Alt 18.03.2012, 19:23   #4
Swisstreasure
/// Malwareteam
 
Bundespolizei Virus (Auswertung OTL.txt) - Standard

Bundespolizei Virus (Auswertung OTL.txt)


Meld mich wieder

Alt 18.03.2012, 19:24   #5
jürgen69
 
Bundespolizei Virus (Auswertung OTL.txt) - Standard

Bundespolizei Virus (Auswertung OTL.txt)


Sobald ich den Pc im abgesicherten Modus starte, startet der PC automatisch nach ca 5 Sekunden neu...


Alt 18.03.2012, 22:12   #6
Swisstreasure
/// Malwareteam
 
Bundespolizei Virus (Auswertung OTL.txt) - Standard

Bundespolizei Virus (Auswertung OTL.txt)


Downloade dir bitte Farbar's Recovery Scan Tool und speichere diese auf einen USB Stick.

Schließe den USB Stick an das infizierte System an

Du musst das System nun in die System Reparatur Option booten.

Über den Boot Manager
  • Starte den Rechner neu auf.
  • Während dem Hochfahren drücke mehrmals die F8 Taste
  • Wähle nun Computer reparieren.
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".

Mit Windows CD/DVD
  • Lege die Windows CD in dein Laufwerk.
  • Starte den Rechner neu auf und starte von der CD
  • Wähle die Spracheinstellungen und klicke "Weiter".
  • Klicke auf Computerreparaturoptionen !!
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".


Wähle in den Reparaturoptionen Eingabeaufforderung
  • Gib nun bitte notepad ein und drücke Enter.
  • Im öffnenden Textdokument --> Datei --> Speichern unter und wähle Computer
    Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt.
  • Schließe Notepad wieder
  • Gib nun bitte folgenden Befehl ein.
    e:\frst.exe
    Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks. Gegebenfalls anpassen.
  • Akzeptiere den Disclaimer mit Yes und klicke Scan
Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

Alt 18.03.2012, 22:36   #7
jürgen69
 
Bundespolizei Virus (Auswertung OTL.txt) - Standard

Bundespolizei Virus (Auswertung OTL.txt)


So habe als Ergebnis folgendes herausbekommen:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST written by farbar) Version: 14-03-2012
Ran by SYSTEM at 18-03-2012 23:29:42
Running from H:\
Windows 7 Home Premium   (X86) OS Language: German Standard 
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [1687824 2007-07-17] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE [2094352 2007-07-17] (Logitech Inc.)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [258512 2011-10-11] (Avira Operations GmbH & Co. KG)
HKU\Mirko\...\Run: [ICQ] "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4 [119608 2011-04-13] (ICQ, LLC.)
HKU\Mirko\...\Run: [Steam] "D:\Spiele\Steam\Steam.exe" -silent [x]
HKU\Mirko\...\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [4240760 2010-11-10] (Microsoft Corporation)
HKU\Mirko\...\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe [3077528 2011-09-02] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

================================ Services (Whitelisted) ==================

2 AntiVirSchedulerService; "C:\Program Files\Avira\AntiVir Desktop\sched.exe" [86224 2011-10-11] (Avira Operations GmbH & Co. KG)
2 AntiVirService; "C:\Program Files\Avira\AntiVir Desktop\avguard.exe" [110032 2011-10-11] (Avira Operations GmbH & Co. KG)
3 FLEXnet Licensing Service; "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [1045256 2011-04-14] (Acresso Software Inc.)
2 hshld; C:\Program Files\Hotspot Shield\bin\openvpnas.exe [298824 2011-07-01] ()
2 HssSrv; C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [363336 2011-05-25] (AnchorFree Inc.)
3 HssTrayService; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [63976 2011-07-01] ()
2 HssWd; C:\Program Files\Hotspot Shield\bin\hsswd.exe -product HSS [329544 2011-05-25] ()
2 mitsijm2011; "C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe" [462336 2010-01-23] ()
2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2348352 2012-03-01] (NVIDIA Corporation)
2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2011-09-29] ()
2 Stereo Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [382272 2012-02-29] (NVIDIA Corporation)

========================== Drivers (Whitelisted) =============

2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [74640 2011-10-11] (Avira GmbH)
1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137416 2012-02-15] (Avira GmbH)
1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2011-10-11] (Avira GmbH)
3 HssDrv; C:\Windows\System32\DRIVERS\HssDrv.sys [37376 2011-05-25] (AnchorFree Inc.)
3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
2 NPF_devolo; C:\Windows\System32\drivers\npf_devolo.sys [35840 2008-11-28] (CACE Technologies)
1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2011-05-25] (AnchorFree Inc)
3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [317728 2011-05-26] (Marvell)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-03-18 22:39 - 2012-03-18 22:42 - 0065244 ____A C:\OTL.Txt
2012-03-17 19:55 - 2012-03-17 19:55 - 0000000 ____D C:\Users\Mirko\AppData\Local\{0450155C-8D23-4EFA-B5D1-D79FE30DAB59}
2012-03-17 19:52 - 2012-03-17 19:52 - 0000000 ____D C:\Users\Mirko\AppData\Local\{FEFC00E7-93A8-442A-978C-7E39BDAF67FB}
2012-03-17 19:49 - 2012-03-17 19:58 - 0804194 ____A C:\Windows\ntbtlog.txt
2012-03-17 19:46 - 2012-03-17 19:46 - 0000000 ____D C:\Users\Mirko\AppData\Local\{CE1F9541-6225-42E0-9F8D-505A3683E8BF}
2012-03-17 19:46 - 2012-03-17 19:46 - 0000000 ____D C:\Users\Mirko\AppData\Local\{2135514A-0268-4F17-8962-A7B6FD5A0530}
2012-03-17 16:39 - 2012-03-17 19:05 - 0000000 ___AD C:\Kaspersky Rescue Disk 10.0
2012-03-17 15:48 - 2012-03-17 15:48 - 0000000 ____D C:\Users\Mirko\AppData\Local\{3E10A6E3-BF43-4F6D-8642-A4C9BA54460C}
2012-03-17 15:45 - 2012-03-17 15:45 - 0000000 ____D C:\Users\Mirko\AppData\Local\{28312DEB-F493-4A36-89D4-44A9F811078D}
2012-03-17 15:18 - 2012-03-17 15:18 - 0001057 ____A C:\Users\Mirko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.6773563434665045.exe.lnk
2012-03-17 15:11 - 2012-03-17 15:11 - 0000000 ____D C:\Users\Mirko\AppData\Local\{615F3950-6032-4383-9DA0-6D3B191AF1C3}
2012-03-17 02:30 - 2012-03-01 00:59 - 5892928 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2012-03-17 02:30 - 2012-03-01 00:59 - 2517312 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2012-03-17 02:30 - 2012-03-01 00:59 - 2437440 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2012-03-17 02:30 - 2012-03-01 00:59 - 19444544 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv32.dll
2012-03-17 02:30 - 2012-03-01 00:59 - 17543488 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2012-03-17 02:30 - 2012-03-01 00:59 - 10819392 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2012-03-17 02:30 - 2012-03-01 00:59 - 0061248 ____A (Khronos Group) C:\Windows\System32\OpenCL.dll
2012-03-17 02:30 - 2012-03-01 00:59 - 0008772 ____A C:\Windows\System32\nvinfo.pb
2012-03-17 00:22 - 2012-03-17 00:22 - 0000000 ____D C:\Users\Mirko\AppData\Local\{DD200355-122D-489C-B119-E4B2E3CE50BB}
2012-03-17 00:21 - 2012-03-17 00:22 - 0000000 ____D C:\Users\Mirko\AppData\Local\{838CA04F-63BA-4179-B9AF-6F606D1C6EFA}
2012-03-15 16:33 - 2012-03-15 16:33 - 0000000 ____D C:\Users\Mirko\AppData\Local\{CF18799E-161B-47F3-85C5-8A2FE82AE568}
2012-03-15 16:33 - 2012-03-15 16:33 - 0000000 ____D C:\Users\Mirko\AppData\Local\{3C33CE78-8B75-4832-AE07-3F9B0CD2586B}
2012-03-14 23:14 - 2011-11-19 15:50 - 3968368 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2012-03-14 23:14 - 2011-11-19 15:50 - 3913584 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-03-14 21:33 - 2012-03-14 21:33 - 0000000 ____D C:\Users\Mirko\AppData\Local\{784F5B8A-1D31-4BAD-A682-8E3131FC762C}
2012-03-14 20:04 - 2012-03-14 20:04 - 0000000 ____D C:\Users\Mirko\AppData\Local\{B15E9425-479A-4421-A3FE-6ABF5BED320D}
2012-03-14 19:45 - 2012-03-14 19:46 - 0000000 ____D C:\Users\Mirko\AppData\Local\{3F67D0E6-FCD7-46EB-86E2-8B7D44C78867}
2012-03-14 19:45 - 2012-03-14 19:45 - 0000000 ____D C:\Users\Mirko\AppData\Local\{BE58192C-B8D8-4B90-B114-A8DF7ED74030}
2012-03-14 19:44 - 2012-02-10 06:38 - 1077248 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-03-14 19:44 - 2012-02-03 04:54 - 2343424 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-03-14 19:43 - 2012-02-17 06:34 - 0826880 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-03-14 19:43 - 2012-02-17 05:14 - 0183808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-03-14 19:43 - 2012-02-17 05:13 - 0024576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-03-14 19:43 - 2012-01-25 06:32 - 0129536 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-03-14 19:43 - 2012-01-25 06:32 - 0058880 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-03-14 19:43 - 2012-01-25 06:27 - 0008192 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-03-12 23:47 - 2012-03-12 23:47 - 0000000 ____D C:\Users\Mirko\AppData\Local\{D23A4E70-7595-4F59-823C-660A17A594B2}
2012-03-12 23:47 - 2012-03-12 23:47 - 0000000 ____D C:\Users\Mirko\AppData\Local\{1711D047-5EDA-4C2A-A3E4-D9D514465999}
2012-03-12 23:37 - 2012-03-12 23:38 - 0000000 ____D C:\Users\Mirko\AppData\Local\{950947C9-DA09-4054-B61E-F79174DA7098}
2012-03-12 23:37 - 2012-03-12 23:37 - 0000000 ____D C:\Users\Mirko\AppData\Local\{0DC93FE6-21C1-4D31-A3D5-42613D4C3FA6}
2012-03-11 12:51 - 2012-03-11 12:51 - 0000000 ____D C:\Users\Mirko\AppData\Local\{50CB342D-C587-49D6-A511-8A2E6640589C}
2012-03-11 12:50 - 2012-03-11 12:51 - 0000000 ____D C:\Users\Mirko\AppData\Local\{9091A904-0C16-45DC-BC1E-81610F3B44F2}
2012-03-10 13:07 - 2012-03-10 13:07 - 0000000 ____D C:\Users\Mirko\AppData\Local\{0A74EB33-D3AA-48C7-9D0D-E1A6918CB114}
2012-03-10 13:01 - 2012-03-10 13:01 - 0000000 ____D C:\Users\Mirko\AppData\Local\{E4A4E985-D429-479E-9942-1D5123435AED}
2012-03-10 13:01 - 2012-03-10 13:01 - 0000000 ____D C:\Users\Mirko\AppData\Local\{4420D810-FED1-428D-92B8-BE4A398E6FDC}
2012-03-09 14:02 - 2012-03-09 14:02 - 0000000 ____D C:\Users\Mirko\AppData\Local\{F7195F82-27A7-4BF6-8358-F8FB306EA2CE}
2012-03-09 14:02 - 2012-03-09 14:02 - 0000000 ____D C:\Users\Mirko\AppData\Local\{E962E83B-0C8A-4B05-8CB5-F3F2F71DFB6C}
2012-03-09 12:35 - 2012-03-09 12:35 - 0000000 ____D C:\Users\Mirko\AppData\Local\{E186CF0A-3733-40AA-8A99-0B84539A004C}
2012-03-09 12:34 - 2012-03-09 12:35 - 0000000 ____D C:\Users\Mirko\AppData\Local\{1FB1BF71-85D5-45FF-9C04-677EBF9B3A25}
2012-03-08 13:58 - 2012-03-08 13:58 - 0000000 ____D C:\Users\Mirko\AppData\Local\{CB9E5680-5B0D-447C-9490-3B8F3248425E}
2012-03-08 13:52 - 2012-03-08 13:52 - 0000000 ____D C:\Users\Mirko\AppData\Local\{9514293D-05AB-481A-94DB-7E21F6D327AD}
2012-03-08 13:52 - 2012-03-08 13:52 - 0000000 ____D C:\Users\Mirko\AppData\Local\{5E684DA0-3F5E-4B05-A87D-40BA2FFB9D25}
2012-03-08 13:49 - 2012-03-08 13:49 - 0000000 ____D C:\Users\Mirko\Desktop\Neuer Ordner
2012-03-08 13:47 - 2012-03-08 13:48 - 0000000 ____D C:\Users\Mirko\AppData\Local\{6FFEBC7C-F2AA-4C57-9B65-9698C8D2E559}
2012-03-08 13:47 - 2012-03-08 13:47 - 0000000 ____D C:\Users\Mirko\AppData\Local\{BD5E3F62-64C0-4177-B1EE-D4B1931F6CD6}
2012-03-07 22:06 - 2012-03-07 22:06 - 0000000 ____D C:\Users\Mirko\AppData\Roaming\WinRAR
2012-03-07 22:06 - 2012-03-07 22:06 - 0000000 ____D C:\Program Files\WinRAR
2012-03-07 21:42 - 2012-03-07 21:42 - 0000000 ____D C:\Users\Mirko\AppData\Local\{F74A7AAE-2761-4C17-9708-B8E9A1143009}
2012-03-07 21:42 - 2012-03-07 21:42 - 0000000 ____D C:\Users\Mirko\AppData\Local\{8C40ACC5-4B2B-4643-B630-72507EC40461}
2012-03-07 20:17 - 2012-03-07 20:17 - 0000000 ____D C:\Users\Mirko\AppData\Local\{FA4B0869-2DB8-4888-9622-6C16848B5716}
2012-03-07 20:17 - 2012-03-07 20:17 - 0000000 ____D C:\Users\Mirko\AppData\Local\{F69BAB43-0537-43F9-B914-C9E20D31CC63}
2012-03-06 22:10 - 2012-03-06 22:11 - 0000000 ____D C:\Users\Mirko\AppData\Local\{31AD5E9D-8B5C-4CCD-90F2-FABCCFA8763D}
2012-03-06 22:10 - 2012-03-06 22:10 - 0000000 ____D C:\Users\Mirko\AppData\Local\{B99276B6-9388-4AB8-ABF2-1A27C67B570A}
2012-03-06 21:30 - 2012-03-06 21:30 - 0000000 ____D C:\Users\Mirko\AppData\Local\{A90297AE-352D-4ABF-A262-33D9837D602F}
2012-03-06 21:29 - 2012-03-06 21:30 - 0000000 ____D C:\Users\Mirko\AppData\Local\{2EC6BC29-5557-475F-BB49-3CED94A1F910}
2012-03-05 23:31 - 2012-03-05 23:31 - 0000000 ____D C:\Users\Mirko\AppData\Local\{512CA563-6226-4F0D-876B-0914910288F0}
2012-03-05 23:31 - 2012-03-05 23:31 - 0000000 ____D C:\Users\Mirko\AppData\Local\{4B924EA3-7F1B-4296-87DA-BFAD8CE8D4AE}
2012-03-05 14:01 - 2012-03-05 14:01 - 0000000 ____D C:\Users\Mirko\AppData\Local\{98BA5536-A39A-4642-8429-F67C9C4BF026}
2012-03-05 13:39 - 2012-03-05 13:39 - 0000000 ____D C:\Users\Mirko\AppData\Local\{EFB94444-2ABE-4FAF-A132-E5253D01196D}
2012-03-05 13:39 - 2012-03-05 13:39 - 0000000 ____D C:\Users\Mirko\AppData\Local\{4D2FCFCC-DAD5-4B31-B4D1-9F6C82F0BEA4}
2012-03-04 11:57 - 2012-03-04 11:57 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C90D8238-C89F-4BE0-A376-44CF8D5F900E}
2012-03-04 11:56 - 2012-03-04 11:57 - 0000000 ____D C:\Users\Mirko\AppData\Local\{99163C48-B2DB-4602-AABA-4E65C5B21DF5}
2012-03-03 20:58 - 2012-03-03 20:58 - 0000000 ____D C:\Users\Mirko\AppData\Local\{77839E18-3631-49F3-9436-5712A2696897}
2012-02-29 13:26 - 2012-02-29 13:26 - 0416064 ____A C:\Windows\System32\nvStreaming.exe
2012-02-27 21:10 - 2012-02-27 21:11 - 0000000 ____D C:\Users\Mirko\AppData\Local\{A7672DE6-E988-4A51-84B0-5CC9833D60A3}
2012-02-27 21:10 - 2012-02-27 21:10 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C6A56313-37D9-4F1B-9410-658A52B5A06D}
2012-02-27 21:05 - 2012-02-27 21:05 - 0000000 ____D C:\Users\Mirko\AppData\Local\{6B534BAF-1E47-4BCB-9779-24B400112277}
2012-02-27 20:54 - 2012-02-27 20:54 - 0000000 ____D C:\Users\Mirko\AppData\Local\{FA003975-C086-49C8-94C6-839252838CED}
2012-02-27 20:18 - 2012-02-27 20:18 - 0000000 ____D C:\Users\Mirko\AppData\Local\{ED9056F1-C93F-446B-954E-5E8D44ED3152}
2012-02-27 19:56 - 2012-02-27 19:56 - 0000000 ____D C:\Users\Mirko\AppData\Local\{A347AB25-F19C-4029-8E18-E3CD421C6109}
2012-02-27 19:55 - 2012-02-27 19:56 - 0000000 ____D C:\Users\Mirko\AppData\Local\{AB38F090-F74D-41B3-BD3B-9A88AA671012}
2012-02-25 20:45 - 2012-03-18 22:38 - 0000000 ____D C:\users\UpdatusUser
2012-02-25 20:45 - 2012-02-25 20:45 - 0000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Vorlagen
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Startmenü
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Netzwerkumgebung
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Lokale Einstellungen
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Eigene Dateien
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Druckumgebung
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Documents\Eigene Videos
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Documents\Eigene Musik
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Documents\Eigene Bilder
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\AppData\Local\Verlauf
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\AppData\Local\Temporary Internet Files
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Anwendungsdaten
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 ____D C:\Users\UpdatusUser\AppData\LocalLow
2012-02-25 20:45 - 2009-07-14 09:56 - 0000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Media Center Programs
2012-02-25 18:34 - 2012-02-25 18:34 - 0000000 ____D C:\Users\Mirko\AppData\Local\{59A80B29-220D-46B3-9394-07B29A7A58AB}
2012-02-25 18:34 - 2012-02-25 18:34 - 0000000 ____D C:\Users\Mirko\AppData\Local\{2DF89DFE-63F3-4052-961D-1275A8068DFF}
2012-02-24 20:13 - 2012-02-24 20:13 - 0000000 ____D C:\Users\Mirko\AppData\Local\{3759F4B4-83A3-4B2F-A98E-E87967B579D5}
2012-02-24 20:13 - 2012-02-24 20:13 - 0000000 ____D C:\Users\Mirko\AppData\Local\{2A9B8FDC-42A4-4C48-B378-102330A95621}
2012-02-24 19:32 - 2012-02-24 19:32 - 0000000 ____D C:\Users\Mirko\AppData\Local\{BB677BEE-815B-4BB7-8653-2B74E8E51880}
2012-02-24 19:32 - 2012-02-24 19:32 - 0000000 ____D C:\Users\Mirko\AppData\Local\{B27DF6A7-101E-47FE-AF31-74419004425E}
2012-02-22 21:31 - 2012-02-22 21:31 - 0000000 ____D C:\Users\Mirko\AppData\Local\{AC12CA8D-B93D-43B8-A495-62806630D648}
2012-02-22 21:31 - 2012-02-22 21:31 - 0000000 ____D C:\Users\Mirko\AppData\Local\{0E88C5D7-CBAE-43DD-8986-3CF710C47F6E}
2012-02-22 20:15 - 2012-02-22 20:15 - 0000000 ____D C:\Users\Mirko\AppData\Local\{05F0B6D6-55A6-4988-ADCC-7E331E1E251E}
2012-02-22 20:14 - 2012-02-22 20:15 - 0000000 ____D C:\Users\Mirko\AppData\Local\{33BE397C-68F9-40F4-89A3-9A554D2FC764}
2012-02-20 19:28 - 2012-02-20 19:28 - 0000000 ____D C:\Users\Mirko\AppData\Local\{CD4E1979-64D5-41F5-8052-EB74C6867017}
2012-02-20 19:27 - 2012-02-20 19:28 - 0000000 ____D C:\Users\Mirko\AppData\Local\{474FC755-C538-401B-8685-FD460D49833D}
2012-02-20 18:49 - 2012-02-20 18:49 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C9729181-E033-49E1-B68C-B9799411299A}
2012-02-20 18:48 - 2012-02-20 18:49 - 0000000 ____D C:\Users\Mirko\AppData\Local\{197305BC-0566-438E-8E17-3D757A49FD46}
2012-02-17 20:48 - 2011-12-14 04:30 - 12282368 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-02-17 20:48 - 2011-12-14 04:10 - 9705472 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-02-17 20:48 - 2011-12-14 04:04 - 1798656 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-02-17 20:48 - 2011-12-14 03:57 - 1127424 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-02-17 20:48 - 2011-12-14 03:57 - 1103360 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-02-17 20:48 - 2011-12-14 03:56 - 1427456 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-02-17 20:48 - 2011-12-14 03:55 - 0231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-02-17 20:48 - 2011-12-14 03:54 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-02-17 20:48 - 2011-12-14 03:53 - 0716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-02-17 20:48 - 2011-12-14 03:52 - 1792000 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-02-17 20:48 - 2011-12-14 03:50 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-02-17 20:48 - 2011-12-14 03:50 - 0072704 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-02-17 20:48 - 2011-12-14 03:47 - 0176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-02-17 19:46 - 2012-02-17 19:46 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C0718014-6E19-4842-9A39-B081F38CEF3C}
2012-02-17 19:45 - 2012-02-17 19:46 - 0000000 ____D C:\Users\Mirko\AppData\Local\{A812A777-178F-4C30-A879-6603653A54B7}
2012-02-17 18:41 - 2012-02-17 18:41 - 0000000 ____D C:\Users\Mirko\AppData\Local\{93AAF228-5A47-4024-BF67-3502F2C665C9}
2012-02-17 18:41 - 2012-02-17 18:41 - 0000000 ____D C:\Users\Mirko\AppData\Local\{73BA2A76-E2C6-4AF9-B03D-6502E7C601AA}
2012-02-17 18:37 - 2012-01-04 09:59 - 12872704 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-02-17 18:37 - 2012-01-04 09:58 - 0442880 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2012-02-17 18:37 - 2011-12-30 06:27 - 0478720 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2012-02-17 18:37 - 2011-12-16 08:52 - 0690688 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2012-02-17 18:28 - 2012-02-17 18:28 - 0000000 ____D C:\Users\Mirko\AppData\Local\{0B8CEAAD-2FAE-4468-BDE1-46C89377A5FF}
2012-02-17 18:27 - 2012-02-17 18:27 - 0000000 ____D C:\Users\Mirko\AppData\Local\{9459F81F-57DD-4F76-88C8-68FA52A7FF56}


============ 3 Months Modified Files and Folders ===============

2012-03-18 23:29 - 2012-03-18 23:29 - 0000000 ____D C:\FRST
2012-03-18 23:21 - 2011-09-20 00:46 - 0000000 ____D C:\Users\All Users\NVIDIA
2012-03-18 23:21 - 2011-09-20 00:46 - 0000000 ____D C:\ProgramData\NVIDIA
2012-03-18 23:21 - 2009-07-14 05:53 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-03-18 23:21 - 2009-07-14 05:39 - 0047690 ____A C:\Windows\setupact.log
2012-03-18 23:20 - 2011-04-13 22:39 - 2616545280 __ASH C:\hiberfil.sys
2012-03-18 23:19 - 2011-09-02 19:36 - 0000000 ____D C:\Users\Mirko\AppData\Local\PMB Files
2012-03-18 23:19 - 2011-07-04 17:08 - 0000000 ____D C:\Users\Mirko\Tracing
2012-03-18 23:19 - 2011-07-03 20:04 - 0000000 ____D C:\Users\Mirko\AppData\Local\Deployment
2012-03-18 22:42 - 2012-03-18 22:39 - 0065244 ____A C:\OTL.Txt
2012-03-18 22:38 - 2012-02-25 20:45 - 0000000 ____D C:\users\UpdatusUser
2012-03-18 22:38 - 2011-04-13 22:54 - 0000000 ____D C:\users\Mirko
2012-03-17 19:58 - 2012-03-17 19:49 - 0804194 ____A C:\Windows\ntbtlog.txt
2012-03-17 19:55 - 2012-03-17 19:55 - 0000000 ____D C:\Users\Mirko\AppData\Local\{0450155C-8D23-4EFA-B5D1-D79FE30DAB59}
2012-03-17 19:54 - 2011-04-13 22:42 - 2045560 ____A C:\Windows\WindowsUpdate.log
2012-03-17 19:54 - 2009-07-14 05:34 - 0015120 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-03-17 19:54 - 2009-07-14 05:34 - 0015120 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-03-17 19:52 - 2012-03-17 19:52 - 0000000 ____D C:\Users\Mirko\AppData\Local\{FEFC00E7-93A8-442A-978C-7E39BDAF67FB}
2012-03-17 19:51 - 2011-04-13 23:31 - 0000000 ____D C:\Users\Mirko\AppData\Roaming\Dropbox
2012-03-17 19:46 - 2012-03-17 19:46 - 0000000 ____D C:\Users\Mirko\AppData\Local\{CE1F9541-6225-42E0-9F8D-505A3683E8BF}
2012-03-17 19:46 - 2012-03-17 19:46 - 0000000 ____D C:\Users\Mirko\AppData\Local\{2135514A-0268-4F17-8962-A7B6FD5A0530}
2012-03-17 19:05 - 2012-03-17 16:39 - 0000000 ___AD C:\Kaspersky Rescue Disk 10.0
2012-03-17 15:48 - 2012-03-17 15:48 - 0000000 ____D C:\Users\Mirko\AppData\Local\{3E10A6E3-BF43-4F6D-8642-A4C9BA54460C}
2012-03-17 15:45 - 2012-03-17 15:45 - 0000000 ____D C:\Users\Mirko\AppData\Local\{28312DEB-F493-4A36-89D4-44A9F811078D}
2012-03-17 15:18 - 2012-03-17 15:18 - 0001057 ____A C:\Users\Mirko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.6773563434665045.exe.lnk
2012-03-17 15:11 - 2012-03-17 15:11 - 0000000 ____D C:\Users\Mirko\AppData\Local\{615F3950-6032-4383-9DA0-6D3B191AF1C3}
2012-03-17 15:11 - 2011-05-06 15:45 - 0000000 ____D C:\Program Files\Common Files\Steam
2012-03-17 02:35 - 2011-06-23 21:37 - 0000000 ____D C:\Users\Mirko\AppData\Roaming\Skype
2012-03-17 02:35 - 2011-04-13 23:23 - 0000000 ____D C:\Users\Mirko\AppData\Roaming\ICQ
2012-03-17 02:35 - 2009-07-14 03:37 - 0000000 ____D C:\Windows\System32\DriverStore
2012-03-17 02:34 - 2011-04-13 23:34 - 0000000 ____D C:\Program Files\NVIDIA Corporation
2012-03-17 02:32 - 2011-09-23 17:50 - 0000000 ____D C:\NVIDIA
2012-03-17 00:22 - 2012-03-17 00:22 - 0000000 ____D C:\Users\Mirko\AppData\Local\{DD200355-122D-489C-B119-E4B2E3CE50BB}
2012-03-17 00:22 - 2012-03-17 00:21 - 0000000 ____D C:\Users\Mirko\AppData\Local\{838CA04F-63BA-4179-B9AF-6F606D1C6EFA}
2012-03-15 16:33 - 2012-03-15 16:33 - 0000000 ____D C:\Users\Mirko\AppData\Local\{CF18799E-161B-47F3-85C5-8A2FE82AE568}
2012-03-15 16:33 - 2012-03-15 16:33 - 0000000 ____D C:\Users\Mirko\AppData\Local\{3C33CE78-8B75-4832-AE07-3F9B0CD2586B}
2012-03-15 16:31 - 2009-07-14 05:33 - 0401968 ____A C:\Windows\System32\FNTCACHE.DAT
2012-03-14 23:14 - 2011-04-13 23:08 - 54215544 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-03-14 21:33 - 2012-03-14 21:33 - 0000000 ____D C:\Users\Mirko\AppData\Local\{784F5B8A-1D31-4BAD-A682-8E3131FC762C}
2012-03-14 20:04 - 2012-03-14 20:04 - 0000000 ____D C:\Users\Mirko\AppData\Local\{B15E9425-479A-4421-A3FE-6ABF5BED320D}
2012-03-14 19:46 - 2012-03-14 19:45 - 0000000 ____D C:\Users\Mirko\AppData\Local\{3F67D0E6-FCD7-46EB-86E2-8B7D44C78867}
2012-03-14 19:45 - 2012-03-14 19:45 - 0000000 ____D C:\Users\Mirko\AppData\Local\{BE58192C-B8D8-4B90-B114-A8DF7ED74030}
2012-03-12 23:47 - 2012-03-12 23:47 - 0000000 ____D C:\Users\Mirko\AppData\Local\{D23A4E70-7595-4F59-823C-660A17A594B2}
2012-03-12 23:47 - 2012-03-12 23:47 - 0000000 ____D C:\Users\Mirko\AppData\Local\{1711D047-5EDA-4C2A-A3E4-D9D514465999}
2012-03-12 23:38 - 2012-03-12 23:37 - 0000000 ____D C:\Users\Mirko\AppData\Local\{950947C9-DA09-4054-B61E-F79174DA7098}
2012-03-12 23:37 - 2012-03-12 23:37 - 0000000 ____D C:\Users\Mirko\AppData\Local\{0DC93FE6-21C1-4D31-A3D5-42613D4C3FA6}
2012-03-11 12:51 - 2012-03-11 12:51 - 0000000 ____D C:\Users\Mirko\AppData\Local\{50CB342D-C587-49D6-A511-8A2E6640589C}
2012-03-11 12:51 - 2012-03-11 12:50 - 0000000 ____D C:\Users\Mirko\AppData\Local\{9091A904-0C16-45DC-BC1E-81610F3B44F2}
2012-03-10 13:07 - 2012-03-10 13:07 - 0000000 ____D C:\Users\Mirko\AppData\Local\{0A74EB33-D3AA-48C7-9D0D-E1A6918CB114}
2012-03-10 13:04 - 2011-04-19 21:56 - 0000000 ____D C:\Users\Mirko\AppData\Roaming\vlc
2012-03-10 13:03 - 2011-04-13 23:23 - 0000000 ____D C:\Users\Mirko\AppData\Roaming\Winamp
2012-03-10 13:01 - 2012-03-10 13:01 - 0000000 ____D C:\Users\Mirko\AppData\Local\{E4A4E985-D429-479E-9942-1D5123435AED}
2012-03-10 13:01 - 2012-03-10 13:01 - 0000000 ____D C:\Users\Mirko\AppData\Local\{4420D810-FED1-428D-92B8-BE4A398E6FDC}
2012-03-09 15:03 - 2009-07-14 03:37 - 0000000 ____D C:\Windows\Microsoft.NET
2012-03-09 14:02 - 2012-03-09 14:02 - 0000000 ____D C:\Users\Mirko\AppData\Local\{F7195F82-27A7-4BF6-8358-F8FB306EA2CE}
2012-03-09 14:02 - 2012-03-09 14:02 - 0000000 ____D C:\Users\Mirko\AppData\Local\{E962E83B-0C8A-4B05-8CB5-F3F2F71DFB6C}
2012-03-09 12:35 - 2012-03-09 12:35 - 0000000 ____D C:\Users\Mirko\AppData\Local\{E186CF0A-3733-40AA-8A99-0B84539A004C}
2012-03-09 12:35 - 2012-03-09 12:34 - 0000000 ____D C:\Users\Mirko\AppData\Local\{1FB1BF71-85D5-45FF-9C04-677EBF9B3A25}
2012-03-08 13:58 - 2012-03-08 13:58 - 0000000 ____D C:\Users\Mirko\AppData\Local\{CB9E5680-5B0D-447C-9490-3B8F3248425E}
2012-03-08 13:52 - 2012-03-08 13:52 - 0000000 ____D C:\Users\Mirko\AppData\Local\{9514293D-05AB-481A-94DB-7E21F6D327AD}
2012-03-08 13:52 - 2012-03-08 13:52 - 0000000 ____D C:\Users\Mirko\AppData\Local\{5E684DA0-3F5E-4B05-A87D-40BA2FFB9D25}
2012-03-08 13:51 - 2011-04-13 23:00 - 1498506 ____A C:\Windows\System32\PerfStringBackup.INI
2012-03-08 13:49 - 2012-03-08 13:49 - 0000000 ____D C:\Users\Mirko\Desktop\Neuer Ordner
2012-03-08 13:48 - 2012-03-08 13:47 - 0000000 ____D C:\Users\Mirko\AppData\Local\{6FFEBC7C-F2AA-4C57-9B65-9698C8D2E559}
2012-03-08 13:47 - 2012-03-08 13:47 - 0000000 ____D C:\Users\Mirko\AppData\Local\{BD5E3F62-64C0-4177-B1EE-D4B1931F6CD6}
2012-03-07 22:06 - 2012-03-07 22:06 - 0000000 ____D C:\Users\Mirko\AppData\Roaming\WinRAR
2012-03-07 22:06 - 2012-03-07 22:06 - 0000000 ____D C:\Program Files\WinRAR
2012-03-07 21:42 - 2012-03-07 21:42 - 0000000 ____D C:\Users\Mirko\AppData\Local\{F74A7AAE-2761-4C17-9708-B8E9A1143009}
2012-03-07 21:42 - 2012-03-07 21:42 - 0000000 ____D C:\Users\Mirko\AppData\Local\{8C40ACC5-4B2B-4643-B630-72507EC40461}
2012-03-07 20:17 - 2012-03-07 20:17 - 0000000 ____D C:\Users\Mirko\AppData\Local\{FA4B0869-2DB8-4888-9622-6C16848B5716}
2012-03-07 20:17 - 2012-03-07 20:17 - 0000000 ____D C:\Users\Mirko\AppData\Local\{F69BAB43-0537-43F9-B914-C9E20D31CC63}
2012-03-06 22:11 - 2012-03-06 22:10 - 0000000 ____D C:\Users\Mirko\AppData\Local\{31AD5E9D-8B5C-4CCD-90F2-FABCCFA8763D}
2012-03-06 22:10 - 2012-03-06 22:10 - 0000000 ____D C:\Users\Mirko\AppData\Local\{B99276B6-9388-4AB8-ABF2-1A27C67B570A}
2012-03-06 21:30 - 2012-03-06 21:30 - 0000000 ____D C:\Users\Mirko\AppData\Local\{A90297AE-352D-4ABF-A262-33D9837D602F}
2012-03-06 21:30 - 2012-03-06 21:29 - 0000000 ____D C:\Users\Mirko\AppData\Local\{2EC6BC29-5557-475F-BB49-3CED94A1F910}
2012-03-05 23:31 - 2012-03-05 23:31 - 0000000 ____D C:\Users\Mirko\AppData\Local\{512CA563-6226-4F0D-876B-0914910288F0}
2012-03-05 23:31 - 2012-03-05 23:31 - 0000000 ____D C:\Users\Mirko\AppData\Local\{4B924EA3-7F1B-4296-87DA-BFAD8CE8D4AE}
2012-03-05 14:01 - 2012-03-05 14:01 - 0000000 ____D C:\Users\Mirko\AppData\Local\{98BA5536-A39A-4642-8429-F67C9C4BF026}
2012-03-05 13:39 - 2012-03-05 13:39 - 0000000 ____D C:\Users\Mirko\AppData\Local\{EFB94444-2ABE-4FAF-A132-E5253D01196D}
2012-03-05 13:39 - 2012-03-05 13:39 - 0000000 ____D C:\Users\Mirko\AppData\Local\{4D2FCFCC-DAD5-4B31-B4D1-9F6C82F0BEA4}
2012-03-04 11:57 - 2012-03-04 11:57 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C90D8238-C89F-4BE0-A376-44CF8D5F900E}
2012-03-04 11:57 - 2012-03-04 11:56 - 0000000 ____D C:\Users\Mirko\AppData\Local\{99163C48-B2DB-4602-AABA-4E65C5B21DF5}
2012-03-03 20:59 - 2011-04-13 23:34 - 0001017 ____A C:\Users\Mirko\Desktop\Dropbox.lnk
2012-03-03 20:59 - 2011-04-13 23:33 - 0000997 ____A C:\Users\Mirko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2012-03-03 20:58 - 2012-03-03 20:58 - 0000000 ____D C:\Users\Mirko\AppData\Local\{77839E18-3631-49F3-9436-5712A2696897}
2012-03-01 00:59 - 2012-03-17 02:30 - 5892928 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2012-03-01 00:59 - 2012-03-17 02:30 - 2517312 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2012-03-01 00:59 - 2012-03-17 02:30 - 2437440 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2012-03-01 00:59 - 2012-03-17 02:30 - 19444544 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv32.dll
2012-03-01 00:59 - 2012-03-17 02:30 - 17543488 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2012-03-01 00:59 - 2012-03-17 02:30 - 10819392 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2012-03-01 00:59 - 2012-03-17 02:30 - 0061248 ____A (Khronos Group) C:\Windows\System32\OpenCL.dll
2012-03-01 00:59 - 2012-03-17 02:30 - 0008772 ____A C:\Windows\System32\nvinfo.pb
2012-03-01 00:59 - 2011-09-23 17:51 - 1000256 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco32.dll
2012-03-01 00:59 - 2011-09-23 17:51 - 0881984 ____A (NVIDIA Corporation) C:\Windows\System32\nvgenco32.dll
2012-03-01 00:59 - 2011-05-21 05:01 - 2301248 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi.dll
2012-03-01 00:59 - 2011-02-23 07:27 - 15009600 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dum.dll
2012-03-01 00:59 - 2009-07-13 23:09 - 7713088 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2um.dll
2012-02-29 21:56 - 2011-09-20 00:46 - 3881792 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2012-02-29 21:55 - 2011-09-20 00:46 - 2719040 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvc.dll
2012-02-29 21:53 - 2011-09-20 00:46 - 2561344 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2012-02-29 21:53 - 2011-09-20 00:46 - 0645440 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2012-02-29 21:53 - 2011-09-20 00:46 - 0108352 ____A (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2012-02-29 21:53 - 2011-09-20 00:46 - 0062272 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2012-02-29 13:26 - 2012-02-29 13:26 - 0416064 ____A C:\Windows\System32\nvStreaming.exe
2012-02-27 21:11 - 2012-02-27 21:10 - 0000000 ____D C:\Users\Mirko\AppData\Local\{A7672DE6-E988-4A51-84B0-5CC9833D60A3}
2012-02-27 21:10 - 2012-02-27 21:10 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C6A56313-37D9-4F1B-9410-658A52B5A06D}
2012-02-27 21:05 - 2012-02-27 21:05 - 0000000 ____D C:\Users\Mirko\AppData\Local\{6B534BAF-1E47-4BCB-9779-24B400112277}
2012-02-27 20:54 - 2012-02-27 20:54 - 0000000 ____D C:\Users\Mirko\AppData\Local\{FA003975-C086-49C8-94C6-839252838CED}
2012-02-27 20:18 - 2012-02-27 20:18 - 0000000 ____D C:\Users\Mirko\AppData\Local\{ED9056F1-C93F-446B-954E-5E8D44ED3152}
2012-02-27 19:56 - 2012-02-27 19:56 - 0000000 ____D C:\Users\Mirko\AppData\Local\{A347AB25-F19C-4029-8E18-E3CD421C6109}
2012-02-27 19:56 - 2012-02-27 19:55 - 0000000 ____D C:\Users\Mirko\AppData\Local\{AB38F090-F74D-41B3-BD3B-9A88AA671012}
2012-02-25 20:45 - 2012-02-25 20:45 - 0000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Vorlagen
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Startmenü
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Netzwerkumgebung
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Lokale Einstellungen
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Eigene Dateien
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Druckumgebung
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Documents\Eigene Videos
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Documents\Eigene Musik
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Documents\Eigene Bilder
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\AppData\Local\Verlauf
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\AppData\Local\Temporary Internet Files
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 __SHD C:\Users\UpdatusUser\Anwendungsdaten
2012-02-25 20:45 - 2012-02-25 20:45 - 0000000 ____D C:\Users\UpdatusUser\AppData\LocalLow
2012-02-25 18:34 - 2012-02-25 18:34 - 0000000 ____D C:\Users\Mirko\AppData\Local\{59A80B29-220D-46B3-9394-07B29A7A58AB}
2012-02-25 18:34 - 2012-02-25 18:34 - 0000000 ____D C:\Users\Mirko\AppData\Local\{2DF89DFE-63F3-4052-961D-1275A8068DFF}
2012-02-24 20:13 - 2012-02-24 20:13 - 0000000 ____D C:\Users\Mirko\AppData\Local\{3759F4B4-83A3-4B2F-A98E-E87967B579D5}
2012-02-24 20:13 - 2012-02-24 20:13 - 0000000 ____D C:\Users\Mirko\AppData\Local\{2A9B8FDC-42A4-4C48-B378-102330A95621}
2012-02-24 19:32 - 2012-02-24 19:32 - 0000000 ____D C:\Users\Mirko\AppData\Local\{BB677BEE-815B-4BB7-8653-2B74E8E51880}
2012-02-24 19:32 - 2012-02-24 19:32 - 0000000 ____D C:\Users\Mirko\AppData\Local\{B27DF6A7-101E-47FE-AF31-74419004425E}
2012-02-23 09:18 - 2011-04-13 23:08 - 0237072 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2012-02-22 21:31 - 2012-02-22 21:31 - 0000000 ____D C:\Users\Mirko\AppData\Local\{AC12CA8D-B93D-43B8-A495-62806630D648}
2012-02-22 21:31 - 2012-02-22 21:31 - 0000000 ____D C:\Users\Mirko\AppData\Local\{0E88C5D7-CBAE-43DD-8986-3CF710C47F6E}
2012-02-22 20:15 - 2012-02-22 20:15 - 0000000 ____D C:\Users\Mirko\AppData\Local\{05F0B6D6-55A6-4988-ADCC-7E331E1E251E}
2012-02-22 20:15 - 2012-02-22 20:14 - 0000000 ____D C:\Users\Mirko\AppData\Local\{33BE397C-68F9-40F4-89A3-9A554D2FC764}
2012-02-20 19:28 - 2012-02-20 19:28 - 0000000 ____D C:\Users\Mirko\AppData\Local\{CD4E1979-64D5-41F5-8052-EB74C6867017}
2012-02-20 19:28 - 2012-02-20 19:27 - 0000000 ____D C:\Users\Mirko\AppData\Local\{474FC755-C538-401B-8685-FD460D49833D}
2012-02-20 18:49 - 2012-02-20 18:49 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C9729181-E033-49E1-B68C-B9799411299A}
2012-02-20 18:49 - 2012-02-20 18:48 - 0000000 ____D C:\Users\Mirko\AppData\Local\{197305BC-0566-438E-8E17-3D757A49FD46}
2012-02-20 18:47 - 2011-04-13 22:55 - 0000174 ___SH C:\Users\Mirko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-02-20 18:45 - 2011-07-04 17:03 - 0000000 ____D C:\Program Files\Microsoft Silverlight
2012-02-17 20:44 - 2011-04-13 23:21 - 0000000 ____D C:\Program Files\Mozilla Firefox
2012-02-17 19:46 - 2012-02-17 19:46 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C0718014-6E19-4842-9A39-B081F38CEF3C}
2012-02-17 19:46 - 2012-02-17 19:45 - 0000000 ____D C:\Users\Mirko\AppData\Local\{A812A777-178F-4C30-A879-6603653A54B7}
2012-02-17 18:41 - 2012-02-17 18:41 - 0000000 ____D C:\Users\Mirko\AppData\Local\{93AAF228-5A47-4024-BF67-3502F2C665C9}
2012-02-17 18:41 - 2012-02-17 18:41 - 0000000 ____D C:\Users\Mirko\AppData\Local\{73BA2A76-E2C6-4AF9-B03D-6502E7C601AA}
2012-02-17 18:28 - 2012-02-17 18:28 - 0000000 ____D C:\Users\Mirko\AppData\Local\{0B8CEAAD-2FAE-4468-BDE1-46C89377A5FF}
2012-02-17 18:27 - 2012-02-17 18:27 - 0000000 ____D C:\Users\Mirko\AppData\Local\{9459F81F-57DD-4F76-88C8-68FA52A7FF56}
2012-02-17 06:34 - 2012-03-14 19:43 - 0826880 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-02-17 05:14 - 2012-03-14 19:43 - 0183808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-02-17 05:13 - 2012-03-14 19:43 - 0024576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-02-15 20:15 - 2012-02-15 20:15 - 0000000 ____D C:\Users\Mirko\AppData\Local\{56A74B23-5C8C-4699-9844-6C0A9BCCE419}
2012-02-15 20:15 - 2012-02-15 20:15 - 0000000 ____D C:\Users\Mirko\AppData\Local\{05730CCA-A3C7-4631-9D29-038FB1E2A904}
2012-02-15 19:35 - 2011-10-16 21:18 - 0137416 ____A (Avira GmbH) C:\Windows\System32\Drivers\avipbb.sys
2012-02-14 19:58 - 2012-02-14 19:58 - 0000000 ____D C:\Users\Mirko\AppData\Local\{41687A02-7D0E-4E36-BA19-DE20CE7E061E}
2012-02-14 19:58 - 2012-02-14 19:58 - 0000000 ____D C:\Users\Mirko\AppData\Local\{39288098-27A9-4C14-B70E-66592973B29F}
2012-02-14 18:40 - 2012-02-14 18:40 - 0000000 ____D C:\Users\Mirko\AppData\Local\{9ABE9666-E999-4270-80EC-CB93DDBE0B7A}
2012-02-14 18:40 - 2012-02-14 18:40 - 0000000 ____D C:\Users\Mirko\AppData\Local\{40CDD55C-7B87-4E68-BBBF-7E34FBEAA8EE}
2012-02-13 20:37 - 2012-02-13 20:36 - 0000000 ____D C:\Users\Mirko\AppData\Local\{672A775A-0EDA-47E6-BF65-33AD80925A6E}
2012-02-13 20:36 - 2012-02-13 20:36 - 0000000 ____D C:\Users\Mirko\AppData\Local\{1881B5C5-E7A8-45CF-9610-4F14DF20E69A}
2012-02-13 18:54 - 2012-02-13 18:54 - 0000000 ____D C:\Users\Mirko\AppData\Local\{71EF622F-CBF4-4875-A5C8-191BDA7652FC}
2012-02-13 18:54 - 2012-02-13 18:53 - 0000000 ____D C:\Users\Mirko\AppData\Local\{B425B048-540A-4616-ABF0-7FE512F4D644}
2012-02-13 17:17 - 2012-02-13 17:17 - 0000000 ____D C:\Users\Mirko\AppData\Local\{93F8576F-7215-4AFF-863C-614618C61C39}
2012-02-13 17:17 - 2012-02-13 17:16 - 0000000 ____D C:\Users\Mirko\AppData\Local\{9DE8EF9B-B021-496D-8258-2FB20B32E68D}
2012-02-12 19:17 - 2012-02-12 19:17 - 0000000 ____D C:\Users\Mirko\AppData\Local\{E71E3684-D424-4F93-8380-297558C1A839}
2012-02-12 19:17 - 2012-02-12 19:17 - 0000000 ____D C:\Users\Mirko\AppData\Local\{5CBDC6BE-0853-4B0F-878D-596ED4C8F9A3}
2012-02-12 18:26 - 2012-02-12 18:26 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C8CFE387-0316-4462-8D28-7A3AA4F55487}
2012-02-12 18:22 - 2012-02-12 18:22 - 0000000 ____D C:\Users\Mirko\AppData\Local\{B546E188-F9F1-4B3C-BEC2-DD273D3B2F69}
2012-02-12 18:21 - 2012-02-12 18:21 - 0000000 ____D C:\Users\Mirko\AppData\Local\{15276D90-8AE6-4FBF-A96F-72BE257852E6}
2012-02-12 18:19 - 2012-02-12 18:18 - 0000000 ____D C:\Users\Mirko\AppData\Local\{20BA0EFF-7AB1-4FA4-BFBE-FE53102706F0}
2012-02-12 18:18 - 2012-02-12 18:18 - 0000000 ____D C:\Users\Mirko\AppData\Local\{9923F636-61B7-4065-9A67-3EECF0210476}
2012-02-10 06:38 - 2012-03-14 19:44 - 1077248 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-02-08 23:51 - 2012-02-08 23:51 - 0000000 ____D C:\Users\Mirko\AppData\Local\{DE47105B-882B-42A3-B07D-B156A545A9E1}
2012-02-08 23:51 - 2012-02-08 23:51 - 0000000 ____D C:\Users\Mirko\AppData\Local\{DBA56054-7CAD-401A-9888-127D1B18204A}
2012-02-08 23:33 - 2012-02-08 23:32 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C23967B0-1E23-4CF5-93B5-FA9464897F89}
2012-02-08 23:32 - 2012-02-08 23:32 - 0000000 ____D C:\Users\Mirko\AppData\Local\{690BD672-95E5-4E71-87AD-AE19AFDEED6C}
2012-02-08 19:52 - 2012-02-08 19:51 - 0000000 ____D C:\Users\Mirko\AppData\Local\{F55C4AA5-3576-4D57-8357-11ECDF86CDD3}
2012-02-08 19:51 - 2012-02-08 19:51 - 0000000 ____D C:\Users\Mirko\AppData\Local\{75319829-DB09-428C-93F2-53C94555C41D}
2012-02-06 17:50 - 2012-02-06 17:50 - 0000000 ____D C:\Users\Mirko\AppData\Local\{B13CE63A-6165-43ED-BDBC-A76A92B36A15}
2012-02-06 17:49 - 2012-02-06 17:49 - 0000000 ____D C:\Users\Mirko\AppData\Local\{9CCB3A5D-068E-4941-B791-DC2FABDE3A75}
2012-02-03 20:42 - 2012-02-03 20:42 - 0000000 ____D C:\Users\Mirko\AppData\Local\{1ECF584D-22A3-4092-8CDB-CBB68E295F6D}
2012-02-03 18:52 - 2012-02-03 18:52 - 0000000 ____D C:\Users\Mirko\AppData\Local\{E721D3DB-5FB8-4A04-A95C-A93851260615}
2012-02-03 18:52 - 2012-02-03 18:52 - 0000000 ____D C:\Users\Mirko\AppData\Local\{D4331679-B067-4DBE-B65D-B2926DCD3B0B}
2012-02-03 04:54 - 2012-03-14 19:44 - 2343424 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-02-02 21:21 - 2012-02-02 21:21 - 0000000 ____D C:\Users\Mirko\AppData\Local\{24409264-137C-403C-B2FE-B4A8456D06CA}
2012-02-02 21:21 - 2012-02-02 21:20 - 0000000 ____D C:\Users\Mirko\AppData\Local\{40F5A90E-5BD6-4D90-8C69-26CE195BBC27}
2012-02-02 20:40 - 2012-02-02 20:40 - 0000000 ____D C:\Users\Mirko\AppData\Local\{2D4EADF6-ED72-4736-85BA-D94E112E169E}
2012-02-02 20:40 - 2012-02-02 20:40 - 0000000 ____D C:\Users\Mirko\AppData\Local\{0F7152F9-62C2-48F5-9296-36DDC5A93622}
2012-02-02 19:27 - 2012-02-02 19:27 - 0000000 ____D C:\Users\Mirko\AppData\Local\{4CF9C31A-C872-4E8C-9501-16AF8F5585D0}
2012-02-02 19:27 - 2012-02-02 19:27 - 0000000 ____D C:\Users\Mirko\AppData\Local\{31316BAC-DAFB-4D08-9321-A3C3D679443E}
2012-02-01 23:12 - 2012-02-01 23:12 - 0000000 ____D C:\Users\Mirko\AppData\Local\{BE29F7C4-F240-44B1-8409-2BBE8312537C}
2012-02-01 21:49 - 2012-02-01 21:49 - 0000000 ____D C:\Users\Mirko\AppData\Local\{5E8E8B79-FCBC-4686-9A10-EB83FB72E1C0}
2012-02-01 21:27 - 2012-02-01 21:27 - 0000000 ____D C:\Users\Mirko\AppData\Local\{B8B9D7D4-B93F-4C58-9DC2-EC034C197FAD}
2012-02-01 21:27 - 2012-02-01 21:27 - 0000000 ____D C:\Users\Mirko\AppData\Local\{B4419D61-48B1-4AD5-BD6D-7990538122AB}
2012-02-01 21:27 - 2012-02-01 21:27 - 0000000 ____D C:\Users\Mirko\AppData\Local\{2283B092-CA73-4BE2-BDC2-18F400090FF9}
2012-02-01 20:24 - 2012-02-01 20:24 - 0000000 ____D C:\Users\Mirko\AppData\Local\{7DDB9154-DA94-4EE5-B0A5-C8D3558A2AFC}
2012-02-01 20:24 - 2012-02-01 20:24 - 0000000 ____D C:\Users\Mirko\AppData\Local\{7497A17B-5B2B-4F04-A7D1-616182784FCE}
2012-02-01 19:33 - 2012-02-01 19:33 - 0000000 ____D C:\Users\Mirko\AppData\Local\{52455798-5646-4F1F-874E-FE617BB032D4}
2012-02-01 19:33 - 2012-02-01 19:32 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C20F62DF-8684-496D-A487-9DF0525A62C8}
2012-01-31 21:35 - 2012-01-31 21:35 - 0000000 ____D C:\Users\Mirko\AppData\Local\{B65AC318-55E9-44AF-9832-A3E1FF0FCE1E}
2012-01-31 21:35 - 2012-01-31 21:35 - 0000000 ____D C:\Users\Mirko\AppData\Local\{A58DE2F4-E556-4843-A24A-0CA797F5482E}
2012-01-31 19:59 - 2012-01-31 19:58 - 0000000 ____D C:\Users\Mirko\AppData\Local\{49137185-2849-480B-84EE-9CDF1A0CCD83}
2012-01-31 19:58 - 2012-01-31 19:58 - 0000000 ____D C:\Users\Mirko\AppData\Local\{3C8E2D89-7B0F-4401-B9EA-1A4185F3C9DA}
2012-01-30 23:19 - 2012-01-30 23:19 - 0000000 ____D C:\Users\Mirko\AppData\Local\{A44DAB0D-B185-420E-9C33-74F31F2F51AC}
2012-01-30 23:19 - 2012-01-30 23:19 - 0000000 ____D C:\Users\Mirko\AppData\Local\{20AF7421-3A7D-4D9B-891C-9A047C1FEEC5}
2012-01-30 23:18 - 2012-01-30 23:18 - 0000000 ____D C:\Users\Mirko\AppData\Local\{929151AF-7542-4E83-9216-B2DF83CBEE34}
2012-01-30 23:18 - 2012-01-30 23:18 - 0000000 ____D C:\Users\Mirko\AppData\Local\{5EF2E0DB-5A08-4993-9C3A-0954F0BA5D0D}
2012-01-30 18:04 - 2012-01-30 18:04 - 0000000 ____D C:\Users\All Users\SplitMediaLabs
2012-01-30 18:04 - 2012-01-30 18:04 - 0000000 ____D C:\ProgramData\SplitMediaLabs
2012-01-30 18:04 - 2012-01-30 18:04 - 0000000 ____D C:\Program Files\SplitMediaLabs
2012-01-30 18:03 - 2012-01-30 18:03 - 0000000 ____D C:\Users\Mirko\AppData\Roaming\SplitMediaLabs
2012-01-30 17:52 - 2012-01-30 17:51 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C59F6B62-4C0C-4F6B-9586-8E010BC5C3A9}
2012-01-30 17:51 - 2012-01-30 17:51 - 0000000 ____D C:\Users\Mirko\AppData\Local\{3257EBC3-F843-40D5-BC78-D24D945CC7AC}
2012-01-29 23:05 - 2012-01-29 23:05 - 0000000 ____D C:\Users\Mirko\AppData\Local\{6AA4CD06-FFD3-4B9A-A35C-33A45DFAA467}
2012-01-29 23:05 - 2012-01-29 23:05 - 0000000 ____D C:\Users\Mirko\AppData\Local\{5F5343C0-227B-4F86-8404-5F34266B7AB7}
2012-01-29 22:46 - 2012-01-29 22:46 - 0000000 ____D C:\Users\Mirko\AppData\Local\{7E0534DD-A17F-4B91-83DB-BA800AF671C5}
2012-01-29 22:46 - 2012-01-29 22:45 - 0000000 ____D C:\Users\Mirko\AppData\Local\{ED3B5FC6-FFA1-4404-99E0-EAC22FA9564A}
2012-01-29 20:41 - 2012-01-29 20:41 - 0000000 ____D C:\Users\Mirko\AppData\Local\{8704A40D-3703-4246-A9A2-7BD8CBE47619}
2012-01-29 20:41 - 2012-01-29 20:40 - 0000000 ____D C:\Users\Mirko\AppData\Local\{E64D65E4-F894-4BF4-A96C-0F6C3E78BF14}
2012-01-29 17:52 - 2012-01-29 17:52 - 0000000 ____D C:\Users\Mirko\AppData\Local\{7AF5CE5B-6AA8-4E75-B9A5-0CAB144E54C1}
2012-01-29 17:52 - 2012-01-29 17:52 - 0000000 ____D C:\Users\Mirko\AppData\Local\{33CAE601-2212-4364-84EF-A8A19938EC8B}
2012-01-29 16:42 - 2011-07-27 17:52 - 0000000 ____D C:\Users\Mirko\AppData\Roaming\Xfire
2012-01-29 16:42 - 2011-07-27 17:52 - 0000000 ____D C:\Users\All Users\Xfire
2012-01-29 16:42 - 2011-07-27 17:52 - 0000000 ____D C:\ProgramData\Xfire
2012-01-29 16:14 - 2012-01-29 16:14 - 0000000 ____D C:\Users\Mirko\AppData\Local\{F785EE98-61F7-45A7-A9CF-AC28C56B847C}
2012-01-29 16:14 - 2012-01-29 16:14 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C5DAAA6B-0947-4215-B0D7-AAAC705DD200}
2012-01-28 15:21 - 2012-01-28 15:21 - 0000000 ____D C:\Users\Mirko\AppData\Local\{CE33B3F1-ED04-417E-AB0A-1B432DD945D5}
2012-01-28 15:21 - 2012-01-28 15:21 - 0000000 ____D C:\Users\Mirko\AppData\Local\{0E6DEB0B-C50E-469C-989A-31DC415F6ABA}
2012-01-27 20:19 - 2012-01-27 20:19 - 0000000 ____D C:\Users\Mirko\AppData\Local\{A2CB42F6-C06A-4F49-A65F-E958EE3E9447}
2012-01-27 20:19 - 2012-01-27 20:19 - 0000000 ____D C:\Users\Mirko\AppData\Local\{22A8D8B2-7D28-470C-B23A-2AE50E1B5993}
2012-01-26 23:02 - 2012-01-26 23:02 - 0000000 ____D C:\Users\Mirko\AppData\Local\{AEF8930B-BEFB-4510-BB82-939D3B433627}
2012-01-26 23:02 - 2012-01-26 23:01 - 0000000 ____D C:\Users\Mirko\AppData\Local\{E8AD47A4-71FF-46B2-A26F-C79266EF4328}
2012-01-26 22:33 - 2012-01-26 22:33 - 0000000 ____D C:\Users\Mirko\AppData\Local\{1F957309-E8AB-496A-B869-44FF4156D022}
2012-01-26 22:33 - 2012-01-26 22:32 - 0000000 ____D C:\Users\Mirko\AppData\Local\{71971D7C-13FF-451B-B2D4-6A0A2E7C807F}
2012-01-25 20:06 - 2012-01-25 20:06 - 0000000 ____D C:\Users\Mirko\AppData\Local\{6758638D-9579-42C6-B29C-94EE0590E432}
2012-01-25 20:04 - 2012-01-25 20:03 - 0000000 ____D C:\Users\Mirko\AppData\Local\{B3E97ED0-75DF-4C80-9E7A-F8F00736AB2D}
2012-01-25 20:03 - 2012-01-25 20:03 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C8D06197-74F5-499D-A1CA-837FEE6018BC}
2012-01-25 06:32 - 2012-03-14 19:43 - 0129536 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-01-25 06:32 - 2012-03-14 19:43 - 0058880 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-01-25 06:27 - 2012-03-14 19:43 - 0008192 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-01-24 20:28 - 2012-01-24 20:28 - 0000000 ____D C:\Users\Mirko\AppData\Local\{ADD9C292-6486-4CF8-8309-10A386B3B632}
2012-01-24 20:28 - 2012-01-24 20:28 - 0000000 ____D C:\Users\Mirko\AppData\Local\{827DD93F-B0A7-4324-AF9E-366A4C842FA4}
2012-01-24 20:07 - 2012-01-24 20:07 - 0000000 ____D C:\Users\Mirko\AppData\Local\{10808522-1702-4479-A511-8AD2D192FB0E}
2012-01-24 20:07 - 2012-01-24 20:06 - 0000000 ____D C:\Users\Mirko\AppData\Local\{549F9B7A-F8B9-4365-8C8D-99DEB6F05D7D}
2012-01-24 20:02 - 2012-01-24 20:02 - 0000000 ____D C:\Users\Mirko\AppData\Local\{D60C8C79-AE2F-4E4D-84DD-B7DC65D83CDE}
2012-01-24 19:52 - 2012-01-24 19:52 - 0000000 ____D C:\Users\Mirko\AppData\Local\{B62F2CCA-2E6B-4B13-9F06-2AE306CBFD7D}
2012-01-24 19:52 - 2012-01-24 19:51 - 0000000 ____D C:\Users\Mirko\AppData\Local\{2EAC2DBA-B7F0-4D57-BA64-85F511DEB91C}
2012-01-21 23:22 - 2012-01-21 23:21 - 0000000 ____D C:\Users\Mirko\AppData\Local\{40BEABDB-A50B-4C01-8C1D-BFF560E2B69F}
2012-01-21 23:21 - 2012-01-21 23:21 - 0000000 ____D C:\Users\Mirko\AppData\Local\{A43DF208-110B-48F4-AF53-5AB47CD75F13}
2012-01-21 21:25 - 2012-01-21 21:25 - 0000000 ____D C:\Users\Mirko\AppData\Local\{2F672718-5A3F-4D3A-A9F7-B523D861455D}
2012-01-21 21:25 - 2012-01-21 21:25 - 0000000 ____D C:\Users\Mirko\AppData\Local\{2D5FD7FF-B555-463D-AD9A-14C997ABB35D}
2012-01-20 16:34 - 2012-01-20 16:34 - 0000000 ____D C:\Users\Mirko\AppData\Local\{F95D12D4-49D1-43C0-AE6D-965D522EA3DA}
2012-01-20 16:34 - 2012-01-20 16:34 - 0000000 ____D C:\Users\Mirko\AppData\Local\{73ADDC5C-7C7A-415D-B013-E1AC29D4C365}
2012-01-19 22:48 - 2012-01-19 22:48 - 0000000 ____D C:\Users\Mirko\AppData\Local\{B422F259-5B3F-4811-A202-F6E645D2EE9C}
2012-01-19 22:48 - 2012-01-19 22:48 - 0000000 ____D C:\Users\Mirko\AppData\Local\{0D23FCB0-B926-4E58-8CA4-82AC0D998EB9}
2012-01-19 17:33 - 2012-01-19 17:32 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C90C45EE-66AE-4A9E-9FAB-DAC7F12B56CD}
2012-01-19 17:32 - 2012-01-19 17:32 - 0000000 ____D C:\Users\Mirko\AppData\Local\{55BC3870-E44D-4337-AC44-BF591E563D44}
2012-01-19 10:19 - 2011-10-12 20:24 - 0014977 ____A C:\Users\Mirko\Documents\plot.log
2012-01-19 10:15 - 2012-01-19 10:15 - 0000000 ____D C:\Users\Mirko\AppData\Local\{A2894117-DC50-4350-B07F-B0BF2DE51491}
2012-01-19 10:15 - 2012-01-19 10:15 - 0000000 ____D C:\Users\Mirko\AppData\Local\{49A8924E-AE3B-42B3-94EF-E64A961AEFB0}
2012-01-18 21:46 - 2012-01-18 21:46 - 0000000 ____D C:\Users\Mirko\AppData\Local\{FD987520-D696-4B60-9869-A1E97EDFA95F}
2012-01-18 21:46 - 2012-01-18 21:46 - 0000000 ____D C:\Users\Mirko\AppData\Local\{7B44B835-9538-479C-B289-E2CB6B4509C6}
2012-01-18 21:24 - 2012-01-18 21:24 - 0000000 ____D C:\Users\Mirko\AppData\Local\{0A84149A-FD42-4C78-83AA-D7D119A08C1E}
2012-01-18 21:24 - 2012-01-18 21:23 - 0000000 ____D C:\Users\Mirko\AppData\Local\{7189FAD6-7B45-481D-B5C3-5C6F779C3B4F}
2012-01-18 21:13 - 2012-01-18 21:13 - 0000000 ____D C:\Users\Mirko\AppData\Local\{72D29145-9F1A-4126-85E9-CC303C6B449E}
2012-01-18 21:13 - 2012-01-18 21:12 - 0000000 ____D C:\Users\Mirko\AppData\Local\{DE683757-469E-4673-9783-E1CB04125A5E}
2012-01-18 19:30 - 2011-04-13 22:54 - 0000000 ____D C:\Users\Mirko\AppData\Local\VirtualStore
2012-01-18 16:05 - 2012-01-18 15:42 - 0225334 ____A C:\Users\Mirko\Documents\Hauptansicht ALLES ZICKE ZACKE.pdf
2012-01-18 15:15 - 2012-01-18 15:14 - 0000000 ____D C:\Users\Mirko\AppData\Local\{66B9C758-901B-4F04-AA6F-74AE2CEFF07B}
2012-01-18 15:14 - 2012-01-18 15:14 - 0000000 ____D C:\Users\Mirko\AppData\Local\{E55A2336-2DF7-4A62-AECC-09D7DE9AA2FF}
2012-01-17 22:55 - 2012-01-17 22:55 - 0000000 ____D C:\Users\Mirko\AppData\Local\{FB5F76AE-F017-4C7D-8D9D-D1E762207B75}
2012-01-17 22:55 - 2012-01-17 22:55 - 0000000 ____D C:\Users\Mirko\AppData\Local\{083E0F94-F402-4E7D-A9F1-1E17C08BDCF3}
2012-01-17 22:04 - 2012-01-17 22:04 - 0000000 ____D C:\Users\Mirko\AppData\Local\{83C26C30-CC78-4759-906B-ACA02CFE2CE6}
2012-01-17 22:04 - 2012-01-17 22:03 - 0000000 ____D C:\Users\Mirko\AppData\Local\{9B631580-1CB1-4E73-A6B3-A3214AACC9B5}
2012-01-17 17:41 - 2012-01-17 17:41 - 0000000 ____D C:\Users\Mirko\AppData\Local\{AB2F86A4-045B-4A00-B5E9-51DA67C070FF}
2012-01-17 17:41 - 2012-01-17 17:40 - 0000000 ____D C:\Users\Mirko\AppData\Local\{ACC20186-CC10-42C4-AADE-91944C413627}
2012-01-17 17:33 - 2012-01-17 17:32 - 0000000 ____D C:\Users\Mirko\AppData\Local\{EB93ECFC-627A-40CD-8807-1F5AB6C686B6}
2012-01-17 17:32 - 2012-01-17 17:32 - 0000000 ____D C:\Users\Mirko\AppData\Local\{FC242A83-EA31-4571-88DF-591587F88522}
2012-01-15 21:53 - 2012-01-15 21:53 - 0000000 ____D C:\Users\Mirko\AppData\Local\{A6F3D785-39E7-4F70-BB3A-68BB183F265C}
2012-01-15 21:53 - 2012-01-15 21:53 - 0000000 ____D C:\Users\Mirko\AppData\Local\{6277578E-9F1B-43F4-86DF-A7F05B144E7F}
2012-01-15 21:39 - 2012-01-15 21:39 - 0000000 ____D C:\Users\Mirko\AppData\Local\{1B8A624E-D9E8-4B66-82C9-8DBB753B12DA}
2012-01-15 21:39 - 2012-01-15 21:39 - 0000000 ____D C:\Users\Mirko\AppData\Local\{0EBF51E1-6D18-4580-A557-B4BF894840B5}
2012-01-15 17:44 - 2012-01-15 17:44 - 0000000 ____D C:\Users\Mirko\AppData\Local\{FF0AE5A6-A84C-4CF1-97F6-B9AA60487EAB}
2012-01-15 17:44 - 2012-01-15 17:44 - 0000000 ____D C:\Users\Mirko\AppData\Local\{06CDA789-805E-4F44-BDA2-BE932C761287}
2012-01-14 20:34 - 2012-01-14 20:34 - 0000000 ____D C:\Users\Mirko\AppData\Local\{393FAD55-364E-411F-9B85-EBFFFACF85C9}
2012-01-14 20:34 - 2012-01-14 20:33 - 0000000 ____D C:\Users\Mirko\AppData\Local\{5D69A229-B824-437C-AD6F-8B9E56E6A93A}
2012-01-13 20:33 - 2012-01-13 20:33 - 0000000 ____D C:\Users\Mirko\AppData\Local\{F4EA8F50-0769-4D77-9BE6-973134E23AB6}
2012-01-13 20:33 - 2012-01-13 20:33 - 0000000 ____D C:\Users\Mirko\AppData\Local\{6E5AB6E7-B3D6-4C23-B3E8-7A58F0F2AD4D}
2012-01-13 18:47 - 2012-01-12 20:21 - 3604454 ____A C:\Users\Mirko\Desktop\KP3 Hauptansicht 3.0 beschriftet final.dwg
2012-01-13 18:31 - 2012-01-13 18:31 - 0000000 ____D C:\Users\Mirko\AppData\Local\{18B5E386-0F11-40E0-91EF-2EBD3611DD9A}
2012-01-13 18:25 - 2012-01-13 18:25 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C2002901-AC08-4876-8A37-A45CB932D9A5}
2012-01-13 17:29 - 2012-01-13 17:28 - 0000000 ____D C:\Users\Mirko\AppData\Local\{3A281466-702F-41C3-A767-F7796BD5D326}
2012-01-13 17:28 - 2012-01-13 17:28 - 0000000 ____D C:\Users\Mirko\AppData\Local\{A0A73958-F887-488A-83BF-B0997B81BCFA}
2012-01-13 17:09 - 2012-01-13 17:09 - 0000000 ____D C:\Users\Mirko\AppData\Local\{2F3F527D-546D-4E3A-8E40-3817F567E72D}
2012-01-13 17:09 - 2012-01-13 17:08 - 0000000 ____D C:\Users\Mirko\AppData\Local\{A4CF08B1-9B64-4A2B-A3E9-278E5B65B050}
2012-01-12 21:33 - 2012-01-12 21:33 - 0000000 ____D C:\Users\Mirko\AppData\Local\{90506DFD-77F2-4FD8-AEE1-A826CA8A5758}
2012-01-12 21:33 - 2012-01-12 21:33 - 0000000 ____D C:\Users\Mirko\AppData\Local\{5DD3A4E6-FF9A-486A-AFBB-35D675A36871}
2012-01-12 21:31 - 2012-01-12 21:31 - 0000000 ____D C:\Users\Mirko\AppData\Local\{B8DD4FEA-321A-4C5D-A0C5-182A269D169D}
2012-01-12 21:31 - 2012-01-12 21:31 - 0000000 ____D C:\Users\Mirko\AppData\Local\{ABB1E034-B2E1-44D7-9254-DAA2D054F652}
2012-01-12 20:06 - 2012-01-12 20:06 - 0000000 ____D C:\Users\Mirko\AppData\Local\{9580BBE7-589C-4889-8FD2-8E9EDC475992}
2012-01-12 20:06 - 2012-01-12 20:06 - 0000000 ____D C:\Users\Mirko\AppData\Local\{3F062D39-616B-4F84-BF48-AE0C0B51A394}
2012-01-12 18:38 - 2012-01-12 18:37 - 0000000 ____D C:\Users\Mirko\AppData\Local\{9377C15F-5CFD-4DEC-8852-D7F197A1AA6B}
2012-01-12 18:37 - 2012-01-12 18:37 - 0000000 ____D C:\Users\Mirko\AppData\Local\{DB632091-A552-4B83-AB73-80F9CE04E456}
2012-01-11 22:08 - 2012-01-11 22:08 - 0000000 ____D C:\Users\Mirko\AppData\Local\{FDE99EF9-A11E-4751-8C4C-2B5A17479E6A}
2012-01-11 22:08 - 2012-01-11 22:08 - 0000000 ____D C:\Users\Mirko\AppData\Local\{A9B17BE1-30C0-4B52-AFB8-98127384F1DA}
2012-01-11 21:44 - 2012-01-11 21:44 - 0000000 ____D C:\Users\Mirko\AppData\Local\{A7156A79-DB67-435C-82FD-D07D06E7D927}
2012-01-11 21:44 - 2012-01-11 21:44 - 0000000 ____D C:\Users\Mirko\AppData\Local\{0FAFD9A3-EEB7-43B3-843A-3D9F2B55D0A5}
2012-01-10 19:50 - 2012-01-10 19:50 - 0000000 ____D C:\Users\Mirko\AppData\Local\{5F2F18CF-5ACD-4017-8EC0-ADBD36D87AA9}
2012-01-10 19:50 - 2012-01-10 19:50 - 0000000 ____D C:\Users\Mirko\AppData\Local\{26FE46E8-FD06-4586-8472-9B6BB634027E}
2012-01-09 19:58 - 2012-01-09 19:57 - 0000000 ____D C:\Users\Mirko\AppData\Local\{9E7A628C-BEF5-4209-B254-C9D819B67C1C}
2012-01-09 19:57 - 2012-01-09 19:57 - 0000000 ____D C:\Users\Mirko\AppData\Local\{8B5726E9-5CD5-44F4-917A-4CAE5FA18803}
2012-01-09 18:30 - 2012-01-09 18:30 - 0000000 ____D C:\Users\Mirko\AppData\Local\{517C0C54-44B7-4429-AE11-442FDA567692}
2012-01-09 18:30 - 2012-01-09 18:29 - 0000000 ____D C:\Users\Mirko\AppData\Local\{D8CF11F8-B674-4BF8-9B45-0F1F2EAFCD38}
2012-01-08 19:50 - 2012-01-08 19:49 - 0000000 ____D C:\Users\Mirko\AppData\Local\{023D3B27-3597-46E6-84E7-ED84D8EED1AD}
2012-01-08 19:49 - 2012-01-08 19:49 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C9DB2034-F97D-47A1-BFAB-B42FBD3F16D5}
2012-01-08 19:29 - 2012-01-08 19:29 - 0000000 ____D C:\Users\Mirko\AppData\Local\{58B156B4-14C9-4724-B4AA-C45430898C66}
2012-01-08 19:29 - 2012-01-08 19:29 - 0000000 ____D C:\Users\Mirko\AppData\Local\{542DE498-EA06-474F-A12A-F003DCB3FFA4}
2012-01-08 17:43 - 2012-01-08 17:43 - 0000000 ____D C:\Users\Mirko\AppData\Local\{E1B533C9-FC13-417F-85CB-4911F201A64E}
2012-01-08 17:43 - 2012-01-08 17:43 - 0000000 ____D C:\Users\Mirko\AppData\Local\{97454D99-6266-4E83-925E-F3BC1860D221}
2012-01-06 21:07 - 2012-01-06 21:06 - 0000000 ____D C:\Users\Mirko\AppData\Local\{BE4751C6-66DE-4B5B-AB1B-D8F38DF74C18}
2012-01-06 21:06 - 2012-01-06 21:06 - 0000000 ____D C:\Users\Mirko\AppData\Local\{E0AE547C-559F-49DC-AEC8-6B1152DC4F97}
2012-01-06 13:22 - 2012-01-06 13:22 - 0000000 ____D C:\Users\Mirko\AppData\Local\{FD8CD1F1-AC34-4E81-9460-2E2A50121FBD}
2012-01-06 13:22 - 2012-01-06 13:22 - 0000000 ____D C:\Users\Mirko\AppData\Local\{6AB81258-5814-4B01-861A-78B4178DD47B}
2012-01-05 20:59 - 2012-01-05 20:59 - 0000000 ____D C:\Users\Mirko\AppData\Local\{DDE45469-F234-4962-A307-070A195FDC16}
2012-01-05 20:59 - 2012-01-05 20:59 - 0000000 ____D C:\Users\Mirko\AppData\Local\{65E7346C-F1FB-4C0F-9893-E9FB81F90B85}
2012-01-05 18:11 - 2012-01-05 18:11 - 0000000 ____D C:\Users\Mirko\AppData\Local\{F79A4206-DCD2-4756-8DA9-A1FAD101F62D}
2012-01-05 18:11 - 2012-01-05 18:11 - 0000000 ____D C:\Users\Mirko\AppData\Local\{D7BEC406-BFC2-4D9F-99C9-6ACFB4BFD97F}
2012-01-05 17:55 - 2012-01-05 17:54 - 0000000 ____D C:\Users\Mirko\AppData\Local\{6466477B-7C02-4A07-95EA-54C48519E894}
2012-01-05 17:54 - 2012-01-05 17:54 - 0000000 ____D C:\Users\Mirko\AppData\Local\{5B3A5000-1EDF-426F-BF9E-3133297353B8}
2012-01-04 09:59 - 2012-02-17 18:37 - 12872704 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-01-04 09:58 - 2012-02-17 18:37 - 0442880 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2012-01-03 23:03 - 2012-01-03 23:03 - 0000000 ____D C:\Users\Mirko\AppData\Local\{DA4FEF58-EA58-4FEF-917E-6A03C25CA1E7}
2012-01-03 23:03 - 2012-01-03 23:03 - 0000000 ____D C:\Users\Mirko\AppData\Local\{9B11EFFC-7680-4EA1-AB3E-62CE55DFA94D}
2012-01-02 23:12 - 2011-09-29 22:38 - 0215104 ____A C:\Windows\System32\PnkBstrB.xtr
2012-01-02 23:12 - 2011-09-29 22:36 - 0138576 ____A C:\Windows\System32\Drivers\PnkBstrK.sys
2012-01-02 23:12 - 2011-09-29 22:35 - 0215104 ____A C:\Windows\System32\PnkBstrB.exe
2012-01-02 23:12 - 2011-09-29 22:35 - 0215104 ____A C:\Windows\System32\PnkBstrB.ex0
2012-01-02 18:26 - 2012-01-02 18:26 - 0000000 ____D C:\Users\Mirko\AppData\Local\{B20C7B42-7E5B-4792-B6A8-98FEF53C7B03}
2012-01-02 18:26 - 2012-01-02 18:26 - 0000000 ____D C:\Users\Mirko\AppData\Local\{15DA01A5-57BE-495C-9C40-78DBBD5DEE79}
2012-01-02 18:00 - 2012-01-02 18:00 - 0000000 ____D C:\Users\Mirko\AppData\Local\{54C0DB39-56ED-4EF6-8B71-3D1091094A8B}
2012-01-02 18:00 - 2012-01-02 18:00 - 0000000 ____D C:\Users\Mirko\AppData\Local\{39BA6554-8F6C-441C-AE53-D14F7F0AA9DC}
2012-01-01 21:08 - 2012-01-01 21:08 - 0000000 ____D C:\Users\Mirko\AppData\Local\{0558B176-67DE-4CC8-81C8-9920D66C22C6}
2012-01-01 19:34 - 2012-01-01 19:34 - 0000000 ____D C:\Users\Mirko\AppData\Local\{265CBF83-2626-40B6-89F2-7AEE330F8C03}
2012-01-01 19:34 - 2012-01-01 19:33 - 0000000 ____D C:\Users\Mirko\AppData\Local\{ED06FB6B-D27B-45F9-AEDA-41C3361CF57F}
2012-01-01 19:11 - 2012-01-01 19:10 - 0000000 ____D C:\Users\Mirko\AppData\Local\{0AB96484-0C64-46AC-B4AC-41B68C4C8409}
2012-01-01 19:10 - 2012-01-01 19:10 - 0000000 ____D C:\Users\Mirko\AppData\Local\{9EC7F9D5-06BA-4D53-B2A3-0183A5E0C0F0}
2011-12-30 06:27 - 2012-02-17 18:37 - 0478720 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2011-12-29 17:41 - 2011-12-29 17:41 - 0000000 ____D C:\Users\Mirko\AppData\Local\{7BE3AA81-5964-4881-87A7-761B22B0E88B}
2011-12-29 17:40 - 2011-12-29 17:40 - 0000000 ____D C:\Users\Mirko\AppData\Local\{4A87D633-085E-449D-8B7F-AFE041FDBFCF}
2011-12-28 16:32 - 2011-12-28 16:32 - 0000000 ____D C:\Users\Mirko\AppData\Local\{8CEB7CA5-9C80-452D-B473-BA2779BDE3DC}
2011-12-28 16:32 - 2011-12-28 16:31 - 0000000 ____D C:\Users\Mirko\AppData\Local\{149B29B1-5EDE-42AD-AC2B-ED341AC7D429}
2011-12-26 23:06 - 2011-12-26 23:05 - 0000000 ____D C:\Users\Mirko\AppData\Local\{AD092132-7479-4471-BEEF-44E4840E5CEE}
2011-12-26 23:05 - 2011-12-26 23:05 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C13D13B8-7056-4561-AD35-4B0085C65D6C}
2011-12-26 23:04 - 2011-12-26 23:04 - 0160896 ____A C:\Windows\Minidump\122611-17066-01.dmp
2011-12-26 23:04 - 2011-04-29 11:10 - 0000000 ____D C:\Windows\Minidump
2011-12-26 22:26 - 2011-12-26 22:25 - 0000000 ____D C:\Users\Mirko\AppData\Local\{1973059E-E4FF-463A-B049-E615094267DA}
2011-12-26 22:25 - 2011-12-26 22:25 - 0000000 ____D C:\Users\Mirko\AppData\Local\{5D3AC197-376C-4F72-96D8-F288D2534CAF}
2011-12-23 15:58 - 2011-12-23 15:57 - 0000000 ____D C:\Users\Mirko\AppData\Local\{78185444-6EC8-4F48-A680-C7DC140E5DD8}
2011-12-23 15:57 - 2011-12-23 15:57 - 0000000 ____D C:\Users\Mirko\AppData\Local\{6ECD3517-1B6F-4FA6-924A-78AE7095C779}
2011-12-22 16:44 - 2011-12-22 16:44 - 0000000 ____D C:\Users\Mirko\AppData\Local\{3BB94B50-17D9-4B27-876F-BA8C31C0B53C}
2011-12-22 16:44 - 2011-12-22 16:43 - 0000000 ____D C:\Users\Mirko\AppData\Local\{742D80DA-F9A7-44D4-B41B-E73C85DAD0FB}
2011-12-21 20:02 - 2011-12-21 20:02 - 0000000 ____D C:\Users\Mirko\AppData\Local\{C76B0CB6-6C4C-4689-AFF0-7667DFB8F4AC}
2011-12-21 20:02 - 2011-12-21 20:02 - 0000000 ____D C:\Users\Mirko\AppData\Local\{3227CF3A-814E-4D9F-8278-832B4E89E44A}
2011-12-20 20:55 - 2011-12-20 20:55 - 0000000 ____D C:\Users\Mirko\AppData\Local\{F9BE31C3-BB40-4CC8-96A4-0B1A9CEEF2F4}
2011-12-20 20:55 - 2011-12-20 20:55 - 0000000 ____D C:\Users\Mirko\AppData\Local\{4AFE71DD-3F61-44B9-B19F-C7CAC68A1821}
2011-12-20 17:41 - 2011-12-20 17:41 - 0000000 ____D C:\Users\Mirko\AppData\Local\{EF648636-8A74-4732-9895-4FADDB886B64}
2011-12-20 17:41 - 2011-12-20 17:41 - 0000000 ____D C:\Users\Mirko\AppData\Local\{111D46F9-133C-4E75-A29F-D82CA3999263}

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ====================== 

Percentage of memory in use: 12%
Total physical RAM: 4095.11 MB
Available physical RAM: 3585.2 MB
Total Pagefile: 4093.39 MB
Available Pagefile: 3596.94 MB
Total Virtual: 2047.88 MB
Available Virtual: 1958.3 MB

======================= Partitions =========================

2 Drive c: () (Fixed) (Total:58.5 GB) (Free:16.4 GB) NTFS
3 Drive e: () (Fixed) (Total:407.17 GB) (Free:78.67 GB) NTFS
5 Drive g: (GRMCHPFREO_DE_DVD) (CDROM) (Total:2.29 GB) (Free:0 GB) UDF
6 Drive h: () (Removable) (Total:3.7 GB) (Free:3.7 GB) FAT32
7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
8 Drive y: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

  Datentr„ger ###  Status         Gr”áe    Frei     Dyn  GPT
  ---------------  -------------  -------  -------  ---  ---
  Datentr„ger 0    Online          465 GB      0 B         
  Datentr„ger 1    Online         3801 MB      0 B         

Partitions of Disk 0:
===============

  Partition ###  Typ               GrӇe    Offset
  -------------  ----------------  -------  -------
  Partition 1    Prim„r             100 MB  1024 KB
  Partition 2    Prim„r              58 GB   101 MB
  Partition 3    Prim„r             407 GB    58 GB

======================================================================================================

Disk: 0
Partition 1
Typ      : 07
Versteckt: Nein
Aktiv    : Ja

  Volume ###  Bst  Bezeichnung  DS     Typ         GrӇe    Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     Y   System-rese  NTFS   Partition    100 MB  Fehlerfre          

======================================================================================================

Disk: 0
Partition 2
Typ      : 07
Versteckt: Nein
Aktiv    : Nein

  Volume ###  Bst  Bezeichnung  DS     Typ         GrӇe    Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     C                NTFS   Partition     58 GB  Fehlerfre          

======================================================================================================

Disk: 0
Partition 3
Typ      : 07
Versteckt: Nein
Aktiv    : Nein

  Volume ###  Bst  Bezeichnung  DS     Typ         GrӇe    Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 4     E                NTFS   Partition    407 GB  Fehlerfre          

======================================================================================================

Partitions of Disk 1:
===============

  Partition ###  Typ               GrӇe    Offset
  -------------  ----------------  -------  -------
  Partition 1    Prim„r            3800 MB    31 KB

======================================================================================================

Disk: 1
Partition 1
Typ      : 0B
Versteckt: Nein
Aktiv    : Ja

  Volume ###  Bst  Bezeichnung  DS     Typ         GrӇe    Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 5     H                FAT32  Wechselmed  3800 MB  Fehlerfre          

======================================================================================================

==========================================================

Last Boot: 2012-03-10 14:05

======================= End Of Log ==========================

Alt 18.03.2012, 22:58   #8
Swisstreasure
/// Malwareteam
 
Bundespolizei Virus (Auswertung OTL.txt) - Standard

Bundespolizei Virus (Auswertung OTL.txt)


Kannst Du Malwarebytes nun ausführen?

Alt 18.03.2012, 23:01   #9
jürgen69
 
Bundespolizei Virus (Auswertung OTL.txt) - Standard

Bundespolizei Virus (Auswertung OTL.txt)


Soll ich einfach den PC neustarten und versuchen, ob ich wieder ins Windows komme?
Oder muss ich erst mit dem Farbar tool den fix durchführen?Habe das bisher ja nur zum scannen genommen...

Alt 18.03.2012, 23:06   #10
Swisstreasure
/// Malwareteam
 
Bundespolizei Virus (Auswertung OTL.txt) - Standard

Bundespolizei Virus (Auswertung OTL.txt)


Versuche einmal zu Starten und schau obs geht.

Alt 18.03.2012, 23:14   #11
jürgen69
 
Bundespolizei Virus (Auswertung OTL.txt) - Standard

Bundespolizei Virus (Auswertung OTL.txt)


Hat sich leider nichts verändert... Allerdings kam diesmal der Virusbildschirm erst nach ca 5 Sekunden und in dieser Zeit konnte ich auf den Arbeitsplatz klicken... Darauf kann ich jetzt (trotz Virusbildschirm) zugreifen. Ich versuche jetzt mal Malwarebytes von einem anderen PC per usb stick rüberzuziehen.... Vielleicht funktioniert das ja

Alt 18.03.2012, 23:15   #12
Swisstreasure
/// Malwareteam
 
Bundespolizei Virus (Auswertung OTL.txt) - Standard

Bundespolizei Virus (Auswertung OTL.txt)


Genau Wobei ob ich denke dass es blockiert wird

Alt 18.03.2012, 23:19   #13
jürgen69
 
Bundespolizei Virus (Auswertung OTL.txt) - Standard

Bundespolizei Virus (Auswertung OTL.txt)


quick scan läuft gerade

Alt 18.03.2012, 23:24   #14
Swisstreasure
/// Malwareteam
 
Bundespolizei Virus (Auswertung OTL.txt) - Standard

Bundespolizei Virus (Auswertung OTL.txt)


So sollte es sein Besser wäre gewesen ein Fullscan

Alt 18.03.2012, 23:27   #15
jürgen69
 
Bundespolizei Virus (Auswertung OTL.txt) - Standard

Bundespolizei Virus (Auswertung OTL.txt)


Drei Objekte gefunden und erfolgreich eliminiert
Windows läuft wieder normal!
Meine Vorgehensweise war jetzt zwar nicht ganz logisch, aber ich bin wohl einfach zu schnell für den Virus gewesen

Bin ich jetzt wieder auf der sicheren Seite, wenn ich nochmal nen fullscan mache und Antivir mal durchlaufen lasse?

Antwort
Seite 1 von 2 1 2

Themen zu Bundespolizei Virus (Auswertung OTL.txt)
abgesicherte, abgesicherten, abgesicherten modus, andere, anderen, auswerten, auswertung, auswertung otl.txt, bräuchte, bundespolizei, bundespolizei virus, bundespolizei virus otl, dankbar, dateien, erstell, erstellt, modus, nicht mehr, otl.txt, personen, starte, thread, virus, vorgehen


« Internet spinnt manchmal.. (Trojaner, Dialer) | Windows Security Center / 50 EUR Virus »


Ähnliche Themen: Bundespolizei Virus (Auswertung OTL.txt)


  1. 100 Euro "Bundespolizei" Virus (Zugriff ohne Bildschirmübernahme durch Virus möglich)
    Plagegeister aller Art und deren Bekämpfung - 04.06.2013 (34)
  2. Bundespolizei-Virus
    Log-Analyse und Auswertung - 08.05.2013 (9)
  3. GVU - Bundespolizei Virus
    Plagegeister aller Art und deren Bekämpfung - 20.11.2012 (50)
  4. Bundespolizei Virus
    Plagegeister aller Art und deren Bekämpfung - 27.09.2012 (13)
  5. GVU Bundespolizei Virus
    Plagegeister aller Art und deren Bekämpfung - 25.09.2012 (24)
  6. Bundespolizei Virus
    Plagegeister aller Art und deren Bekämpfung - 30.08.2012 (1)
  7. Bundespolizei Trojaner, Systemwiederherstellung danach Combofix, bitte um Auswertung
    Log-Analyse und Auswertung - 10.08.2012 (4)
  8. Gema virus - bundespolizei Virus - popup
    Plagegeister aller Art und deren Bekämpfung - 13.04.2012 (21)
  9. Bundespolizei Virus
    Log-Analyse und Auswertung - 16.03.2012 (9)
  10. Bundespolizei Log Auswertung
    Log-Analyse und Auswertung - 16.03.2012 (1)
  11. Bundespolizei/BKA -Virus
    Plagegeister aller Art und deren Bekämpfung - 17.12.2011 (5)
  12. Bundespolizei Virus
    Diskussionsforum - 28.10.2011 (1)
  13. Bundespolizei logfile-Auswertung malwarebytes
    Log-Analyse und Auswertung - 03.09.2011 (2)
  14. Bundespolizei Trojaner bitte um Log Auswertung
    Log-Analyse und Auswertung - 31.08.2011 (8)
  15. Bundespolizei Trojaner - Bitte um LOG-Auswertung
    Log-Analyse und Auswertung - 19.08.2011 (11)
  16. Bundespolizei Virus
    Log-Analyse und Auswertung - 12.08.2011 (1)
  17. bundespolizei virus
    Plagegeister aller Art und deren Bekämpfung - 27.06.2011 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Bundespolizei Virus (Auswertung OTL.txt) - Hallo Ich bin, wie viele andere Personen auch, vom Bundespolizeivirus betroffen und kann den abgesicherten Modus nicht mehr starten. Wie in einem anderen Thread beschrieben, habe ich die OTL Dateien - Bundespolizei Virus (Auswertung OTL.txt)...
Archiv
Du betrachtest: Bundespolizei Virus (Auswertung OTL.txt) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55