Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: GVU Trojaner WIN 7

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 20.05.2013, 19:58   #1
sbstnkrll
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7



Hallo Leute,
Ich habe mir auf meinem Leptop den GVU Trojaner eingefangen. Der Leptop startet auch nicht im Abgesichertem Modus, auch nicht mit Eingabeaufforderung. Habe mir vom zweiten Rechner (Destop PC) eine Bot - CD mit OTLPENet erstellt. Damit startet der Leptop auch aber ich kann OTLPE nicht ausführen. auf dem Destop PC habe ich Windows XP und auf dem Leptop Win 7. Kann mir da bitte jemand weiterhelfen, ich hab da keine ahnung mehr. DANKE schon mal.
Bis bald
Sebastian

Alt 20.05.2013, 20:11   #2
ryder
/// TB-Ausbilder
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7



!! Hinweis an Mitlesende !!
Dieses Thema und die Anweisungen sind nur für diesen speziellen Fall gedacht.
Sie könnten andere Computer schwer beschädigen. Öffnet bitte euer eigenes Thema.




Ich werde dir bei deinem Problem helfen. Die Bereinigung funktioniert nur, wenn du dich an die folgenden Regeln hälst:
Bitte lesen:
Regeln für die Bereinigung
  • Illegal genutzte Software
    Beim ersten Anzeichen wird der Support ohne Diskussion eingestellt. Also sorge bitte vorher dafür, dass hier nichts mehr auftaucht.
  • Keine Garantie
    Wir werden uns Mühe geben, aber einen 100% sicheren und sauberen Computer bekommst du nicht zurück. Der einzig sichere Weg ist die Formatierung mit Neuaufsetzen.
  • Keine Alleingänge
    Die Bereinigung funktioniert nur, wenn du genau das machst, was ich anweise. Installiere/deinstalliere keine Software, führe keine Scans durch, die ich dir nicht angewiesen habe. Poste dein Thema in keinem anderen Forum und folge nicht den Anweisungen anderer Helfer. Du raubst damit allen Beteiligten nur Zeit.
  • Aufmerksam lesen und nachfragen
    Lies jede Anleitung genau durch. Bei Unklarheiten bitte vorher nachfragen. Arbeite die Schritte in der Reihenfolge ab und antworte dann erst nach dem letzten Schritt oder wenn du eine Frage hast.
  • Richtig antworten
    • Nachdem du alle Schritte abgearbeitet hast gibst du mir bitte zu jedem Schritt eine Rückmeldung (Logfile oder Antwort) und das gesammelt in einer Antwort.
    • Mache deinen Namen nur dann unkenntlich, wenn es wirklich sein muss.
    • Logfiles bitte zwischen Code-Tags platzieren (im Antwortfenster das #-Symbol anklicken) sieht dann so aus:
      [CODE] (Logfile) [/CODE]
    • Hinweis in eigener Sache: Angehängte oder gezippte Logfiles erschweren mir die Arbeit massiv! Mache das also nur, wenn das Logfile zu groß ist, um es direkt zu posten.
  • Keine privaten Nachrichten
    Ich sehe es, wenn du geantwortet hast, du mußt mich nicht benachrichtigen. Schicke mir nur dann eine PM wenn ich drei Tage nicht geantwortet habe und nur dann.
  • Wie läuft die Bereinigung ab?
    Ganz grob: Analyse > Bereinigung > Kontrolle mit Updates > Fertig. Ob fertig oder nicht werde ich dir ganz deutlich mitteilen, du brauchst nicht nachzufragen.


Scan mit Farbar's Recovery Scan Tool

Downloade dir bitte die passende Version des Tools (im Zweifel beide) und speichere diese auf einen USB Stick:
Farbar Recovery Scan Tool 32-Bit-Version
Farbar Recovery Scan Tool 64-Bit-Version

Scanne jetzt nach der bebilderten Anleitung oder verwende die folgende Kurzanleitung:

Schließe den USB Stick an das infizierte System an und boote das System in die System Reparatur Option.

Über den Boot Manager
  • Starte den Rechner neu auf.
  • Während dem Hochfahren drücke mehrmals die F8 Taste
  • Wähle nun Computer reparieren.
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".

Mit Windows CD/DVD
  • Lege die Windows CD in dein Laufwerk.
  • Starte den Rechner neu auf und starte von der CD
  • Wähle die Spracheinstellungen und klicke "Weiter".
  • Klicke auf Computerreparaturoptionen !!
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".


Wähle in den Reparaturoptionen Eingabeaufforderung
  • Gib nun bitte notepad ein und drücke Enter.
  • Im öffnenden Textdokument: Datei > Speichern unter... und wähle Computer
    Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt.
  • Schließe Notepad wieder
  • Gib nun bitte folgenden Befehl ein.
    e:\frst.exe bzw. e:\frst64.exe
    Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks. Gegebenfalls anpassen.
  • Akzeptiere den Disclaimer mit Yes und klicke Scan
Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier.
__________________

__________________

Alt 20.05.2013, 21:55   #3
sbstnkrll
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7



Danke schonmal für die Hilfe bis jetzt.
nach einer weile versuchen habe ich es über die Windows CD hinbekommen den Leptop zu starten und habe mit frst64.exe den Leptop gescannt. Über die Funktion Boot Manager konnte ich den Leptop nicht starten, dort hat er sich immer wieder selbst neugestartet.
Habe die Datei frst.txt nur als Zip anhängen können, weil sie zu groß ist.
Bis bald
Sebastian
__________________

Alt 21.05.2013, 08:17   #4
ryder
/// TB-Ausbilder
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7



Na dann los.


Schritt 1: (Erinnerung: Antworte mir erst, wenn du alle Schritte abgearbeitet hast!)
Fix mit FRST

Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument
Code:
ATTFilter
HKU\Sebastian Kroll\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] C:\Users\Sebastian Kroll\Documents\6d045e4e.exe [34304 2013-05-20] ()
HKU\Sebastian Kroll\...\Winlogon: [Shell] cmd.exe [345088 2010-11-20] (Microsoft Corporation) <==== ATTENTION 
2013-05-20 11:52 - 2013-05-20 11:52 - 00394563 ____A C:\Users\Sebastian Kroll\AppData\Local\2433f433
2013-05-20 11:52 - 2013-05-20 11:52 - 00394551 ____A C:\Users\Sebastian Kroll\AppData\Roaming\2433f433
2013-05-20 11:52 - 2013-05-20 11:52 - 00394505 ____A C:\ProgramData\2433f433
2013-05-20 11:52 - 2013-05-20 11:52 - 00034304 ____A C:\Users\Sebastian Kroll\Documents\6d045e4e.exe
C:\ProgramData\FullRemove.exe
C:\ProgramData\dsgsdgdsgdsgw.pad
C:\ProgramData\hash.dat
C:\Users\Sebastian Kroll\Documents\6d045e4e.exe
         
Speichere diese bitte als Fixlist.txt auf deinem USB Stick.
  • Starte deinen Rechner erneut in die Reparaturoptionen
  • Starte nun die FRST.exe erneut und klicke den Fix Button.
Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

Schritt 2:
Normal starten


Schritt 3:
Deinstallation von Programmen
  • Windows XP: Start > Systemsteuerung > Software > [Programmname] > Deinstallieren
  • Windows Vista / 7: Start > Systemsteuerung > Programme und Funktionen > [Programmname] > Deinstallieren
  • ggf. Neustart zulassen
Deinstalliere - falls du es nicht absichtlich installiert hast - alles was den Zusatz "Toolbar" enthält, sowie Downloader-Anwendungen

Gehe bitte die folgende Liste durch und deinstalliere die genannten Programme, falls vorhanden:
CCleaner oder andere Registry-Cleaner, TuneUp Utilities (inkl. Language Pack), Glary Utilities, Spybot S & D (inklusive Teatimer), Zonealarm Firewall, McAfee Security Scan, Spyware Hunter, Spyware Terminator, Java 6 (alle), Pokersoftware, xp-Antispy, Hotspot Shield, iLivid, Amazon Icon, DriverEasy, Advanced Driver Updater, DriverCure, Uniblue DriverScanner, FireJump, SearchAnonymizer, SpeedMaxPC, Optimzer Pro




Schritt 4:
AdwCleaner: Werbeprogramme suchen und löschen
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



Schritt 5:
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
Digitale Freibeuter gegen Malware!
Keine Hilfe per PM!

Alt 21.05.2013, 18:15   #5
sbstnkrll
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7



Hallo,

Schritt 1 habe ich ausgeführt
Hier das Ergebnis:
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-05-2013
Ran by SYSTEM at 2012-05-21 21:28:50 Run:2
Running from H:\
Boot Mode: Recovery
==============================================

HKEY_USERS\Sebastian Kroll\Software\Microsoft\Windows\CurrentVersion\Run\\qcgce2mrvjq91kk1e7pnbb19m52fx => Value not found.
HKEY_USERS\Sebastian Kroll\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value not found.
C:\Users\Sebastian Kroll\AppData\Local\2433f433 => File/Directory not found.
C:\Users\Sebastian Kroll\AppData\Roaming\2433f433 => File/Directory not found.
C:\ProgramData\2433f433 => File/Directory not found.
C:\Users\Sebastian Kroll\Documents\6d045e4e.exe => File/Directory not found.
C:\ProgramData\FullRemove.exe => File/Directory not found.
C:\ProgramData\dsgsdgdsgdsgw.pad => File/Directory not found.
C:\ProgramData\hash.dat => File/Directory not found.
C:\Users\Sebastian Kroll\Documents\6d045e4e.exe => File/Directory not found.

==== End of Fixlog ====
         
Dann habe ich Schritt 2 ausgeführt.
Der Leptop startet ganz normal wie früher. Unter den Programm Symbolen zeigt er aber keine Namen an. Wenn er hochgefahren ist kommt folgendes Bild, siehe Anhang.
Dann startet der Leptop neu. Ich habe ihn auch mal im Abgesicherten Modus gesartet, kann darin aber auch nicht arbeiten, weil er auch dort keine Symbol Texte anzeigt und die Symbole so wenzig sind, das man noch nicht einmal erraten kann, was es sein könnte.

Miniaturansicht angehängter Grafiken
GVU Trojaner WIN 7-img_8020.jpg  

Geändert von sbstnkrll (21.05.2013 um 18:44 Uhr)

Alt 21.05.2013, 18:19   #6
ryder
/// TB-Ausbilder
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7



Ich hoffe du hast auch gelesen?

Zitat:
Schritt 1: (Erinnerung: Antworte mir erst, wenn du alle Schritte abgearbeitet hast!)
__________________
--> GVU Trojaner WIN 7

Alt 21.05.2013, 18:54   #7
sbstnkrll
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7



Entschuldige bitte, ich hatte versehendlich auf Antworten geklickt ohne mein Problem komplett beschreiben zu können.

Alt 21.05.2013, 19:07   #8
ryder
/// TB-Ausbilder
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7



Mache bitte nochmals ein neues FRST-Log. Damit ich das nochmal ansehen kann.
__________________
Digitale Freibeuter gegen Malware!
Keine Hilfe per PM!

Alt 21.05.2013, 20:06   #9
sbstnkrll
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7



Hier der aktuelle FRST.txt
Teil 1 von 2
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-05-2013
Ran by SYSTEM on 21-05-2012 22:18:44
Running from H:\
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [9644576 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2074408 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup [16413288 2010-02-09] (NVIDIA Corporation)
HKLM-x32\...\Run: [UpdatePDRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0" [222504 2008-01-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" [91432 2009-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [50472 2009-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0" [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" [210216 2009-07-21] (CyberLink Corp.)
HKLM-x32\...\Run: [APLangApp] "C:\Program Files (x86)\AnyPC Client\APLangApp.exe" [13312 2009-11-20] (DoctorSoft)
HKLM-x32\...\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1534504 2013-01-14] (McAfee, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [309688 2012-10-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKU\Sebastian Kroll\...\Run: [EPSON Stylus DX7400 Series] C:\windows\system32\spool\DRIVERS\x64\3\E_IATICDE.EXE /FU "C:\windows\TEMP\E_S5037.tmp" /EF "HKCU" [x]
HKU\Sebastian Kroll\...\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843208 2012-11-02] (Samsung)
HKU\Sebastian Kroll\...\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [580096 2012-10-09] (Samsung Electronics)
HKU\Sebastian Kroll\...\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [966072 2012-10-11] (Samsung)
HKU\Sebastian Kroll\...\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843208 2012-11-02] (Samsung)
HKU\Sebastian Kroll\...\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray [1088424 2012-10-13] (Nokia)
Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)

==================== Services (Whitelisted) =================

S2 GtDetectSc; C:\Program Files (x86)\T-Mobile\web'n'walk Manager\GtDetectSc.exe [204915 2007-11-05] (Option)
S2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNASvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
S2 mfevtp; C:\windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 Rezip; C:\windows\SysWOW64\Rezip.exe [311296 2009-03-05] ()
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143072 2012-05-29] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
S0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2010-06-29] (Windows (R) 2003 DDK 3790 provider)
S3 ssm_bus; C:\Windows\System32\DRIVERS\ssm_bus.sys [136192 2011-12-08] (MCCI Corporation)
S3 ssm_mdfl; C:\Windows\System32\DRIVERS\ssm_mdfl.sys [18944 2011-12-08] (MCCI Corporation)
S3 ssm_mdm; C:\Windows\System32\DRIVERS\ssm_mdm.sys [172032 2011-12-08] (MCCI Corporation)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-02-09] (TuneUp Software)
S2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [12728 2009-09-29] ()
S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 mfeavfk01; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-05-19 07:45 - 2013-05-20 10:53 - 00000000 ____D C:\Users\Sebastian Kroll\Downloads\Neuer Ordner (5)
2013-05-16 20:45 - 2013-05-16 20:45 - 00000000 ____D C:\Users\Sebastian Kroll\Desktop\Segeln 2013
2013-05-16 02:43 - 2013-04-05 07:52 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-16 02:43 - 2013-04-05 07:52 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-16 02:43 - 2013-04-05 07:52 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-16 02:43 - 2013-04-05 07:50 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-16 02:43 - 2013-04-05 07:50 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-16 02:43 - 2013-04-05 07:50 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-16 02:43 - 2013-04-05 07:50 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-16 02:43 - 2013-04-05 07:50 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-16 02:43 - 2013-04-05 07:50 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-16 02:43 - 2013-04-05 07:50 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-16 02:43 - 2013-04-05 07:50 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-16 02:43 - 2013-04-05 07:50 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-16 02:43 - 2013-04-05 06:28 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-16 02:43 - 2013-04-05 06:28 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-16 02:43 - 2013-04-05 06:26 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-16 02:43 - 2013-04-05 06:26 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-16 02:43 - 2013-04-05 06:26 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-16 02:43 - 2013-04-05 06:26 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-16 02:43 - 2013-04-05 06:26 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-16 02:43 - 2013-04-05 06:26 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-16 02:43 - 2013-04-05 06:26 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-16 02:43 - 2013-04-05 06:26 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-16 02:43 - 2013-04-05 06:26 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-16 02:43 - 2013-04-05 06:26 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-16 02:43 - 2013-04-05 05:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-16 02:43 - 2013-04-05 05:29 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-16 02:43 - 2013-04-05 04:51 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-16 02:43 - 2013-04-05 04:38 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-16 02:42 - 2013-04-05 07:50 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-16 02:42 - 2013-04-05 07:50 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-16 02:42 - 2013-04-05 06:26 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-15 17:45 - 2013-04-10 07:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-15 17:45 - 2013-04-10 07:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-15 17:45 - 2013-02-27 06:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-15 17:45 - 2011-02-03 12:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-15 17:44 - 2013-04-10 04:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-15 17:44 - 2013-03-19 06:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-15 17:44 - 2013-03-19 06:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-15 17:44 - 2013-02-27 07:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-15 17:44 - 2013-02-27 06:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-15 17:44 - 2013-02-27 06:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-15 17:44 - 2013-02-27 06:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-15 17:44 - 2013-02-27 05:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-15 17:44 - 2013-02-27 05:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-15 17:44 - 2013-02-27 05:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-13 19:36 - 2013-05-13 19:37 - 00000000 ____D C:\Users\Sebastian Kroll\Downloads\Neuer Ordner (3)
2013-05-08 05:16 - 2013-05-08 05:17 - 00000000 ____D C:\Users\Sebastian Kroll\Downloads\Neuer Ordner (2)
2013-05-07 02:03 - 2013-05-07 02:03 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-07 02:03 - 2013-05-07 02:03 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-07 02:03 - 2013-05-07 02:03 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-07 02:03 - 2013-05-07 02:03 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-07 02:03 - 2013-05-07 02:03 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-07 02:03 - 2013-05-07 02:03 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-07 02:03 - 2013-05-07 02:03 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-07 02:03 - 2013-05-07 02:03 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-07 02:03 - 2013-05-07 02:03 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-07 02:01 - 2013-05-07 02:07 - 00010557 ____A C:\Windows\IE10_main.log
2013-05-06 04:35 - 2013-05-06 04:56 - 00000000 ____D C:\Users\Sebastian Kroll\Downloads\Malte Hennes
2013-05-05 21:08 - 2013-05-05 21:09 - 00000000 ____D C:\Users\Sebastian Kroll\Desktop\Neuer Ordner (2)
2013-05-05 05:40 - 2013-05-05 05:40 - 00000000 ____D C:\ProgramData\StarApp
2013-05-05 05:28 - 2013-05-05 05:28 - 00000000 ____D C:\ProgramData\SearchNewTab
2013-05-05 05:28 - 2013-05-05 05:28 - 00000000 ____D C:\ProgramData\continnuetosavve
2013-05-05 05:28 - 2013-05-05 05:28 - 00000000 ____D C:\Program Files (x86)\WebSearch
2013-05-05 05:28 - 2013-05-05 05:28 - 00000000 ____D C:\Program Files (x86)\ContinueToSave
2013-05-05 05:27 - 2013-05-05 05:40 - 00000000 ____D C:\ProgramData\InstallMate
2013-05-01 08:51 - 2013-05-05 04:06 - 00000000 ____D C:\Users\Sebastian Kroll\Downloads\Neuer Ordner (4)
2013-04-29 20:30 - 2013-05-17 05:00 - 00000000 ____D C:\Users\Sebastian Kroll\Downloads\runter
2013-04-28 15:01 - 2013-05-08 05:16 - 00000000 ____D C:\Users\Sebastian Kroll\Downloads\Neuer Ordner
2013-04-24 16:57 - 2013-04-12 15:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-04-20 22:08 - 2013-04-27 23:03 - 00002052 ____A C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-04-20 22:08 - 2013-04-27 23:03 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2013-04-20 22:08 - 2013-04-20 22:08 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-04-19 21:59 - 2013-04-20 09:17 - 00000000 ____D C:\Users\Sebastian Kroll\Desktop\Neuer Ordner
2013-04-18 17:00 - 2013-04-18 17:00 - 00010080 ____A C:\Users\Sebastian Kroll\Desktop\Mappe1.xlsx
2013-04-10 16:46 - 2013-03-19 07:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-04-10 16:46 - 2013-03-19 06:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-04-10 16:46 - 2013-03-19 06:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-04-10 16:46 - 2013-03-19 06:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-04-10 16:46 - 2013-03-19 05:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-04-10 16:46 - 2013-03-19 04:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-04-10 16:46 - 2013-02-15 07:08 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-04-10 16:46 - 2013-02-15 07:06 - 03717632 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-04-10 16:46 - 2013-02-15 07:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-04-10 16:46 - 2013-02-15 05:37 - 03217408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-04-10 16:46 - 2013-02-15 05:34 - 00131584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-04-10 16:46 - 2013-02-15 04:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-04-10 16:46 - 2013-01-24 07:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2013-03-21 22:50 - 2013-02-12 05:12 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-03-14 03:55 - 2013-03-14 03:55 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-03-14 03:55 - 2013-03-14 03:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-03-10 06:48 - 2013-03-10 06:49 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-03-10 06:48 - 2013-03-10 06:48 - 00000000 ____D C:\ProgramData\Apple Computer
2013-02-28 03:09 - 2013-01-13 22:17 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 03:09 - 2013-01-13 22:17 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 03:09 - 2013-01-13 22:16 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 03:09 - 2013-01-13 22:12 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 03:09 - 2013-01-13 22:11 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 03:09 - 2013-01-13 22:11 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 03:09 - 2013-01-13 22:11 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 03:09 - 2013-01-13 22:11 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 03:09 - 2013-01-13 22:11 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 03:09 - 2013-01-13 21:35 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 03:09 - 2013-01-13 21:35 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 03:09 - 2013-01-13 21:35 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 03:09 - 2013-01-13 21:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 03:09 - 2013-01-13 21:31 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-02-28 03:09 - 2013-01-13 21:31 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 03:09 - 2013-01-13 21:31 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 03:09 - 2013-01-13 21:31 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 03:09 - 2013-01-13 21:31 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 03:09 - 2013-01-13 21:31 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 03:09 - 2013-01-13 21:22 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-02-28 03:09 - 2013-01-13 21:20 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-02-28 03:09 - 2013-01-13 21:09 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-02-28 03:09 - 2013-01-13 21:08 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-02-28 03:09 - 2013-01-13 21:08 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-02-28 03:09 - 2013-01-13 20:59 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-02-28 03:09 - 2013-01-13 20:58 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-02-28 03:09 - 2013-01-13 20:54 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-02-28 03:09 - 2013-01-13 20:53 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-02-28 03:09 - 2013-01-13 20:53 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-02-28 03:09 - 2013-01-13 20:51 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-02-28 03:09 - 2013-01-13 20:49 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-02-28 03:09 - 2013-01-13 20:48 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-02-28 03:09 - 2013-01-13 20:46 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-02-28 03:09 - 2013-01-13 20:43 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-02-28 03:09 - 2013-01-13 20:38 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-02-28 03:09 - 2013-01-13 20:38 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-02-28 03:09 - 2013-01-13 20:38 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-02-28 03:09 - 2013-01-13 20:37 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-02-28 03:09 - 2013-01-13 20:25 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-02-28 03:09 - 2013-01-13 20:24 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-02-28 03:09 - 2013-01-13 20:24 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-02-28 03:09 - 2013-01-13 20:20 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-02-28 03:09 - 2013-01-13 20:20 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-02-28 03:09 - 2013-01-13 20:15 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-02-28 03:09 - 2013-01-13 20:10 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-02-28 03:09 - 2013-01-13 20:02 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-02-28 03:09 - 2013-01-13 19:34 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-02-28 03:09 - 2013-01-13 19:32 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-02-28 03:09 - 2013-01-13 19:09 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-02-28 03:09 - 2013-01-13 18:26 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-02-28 03:09 - 2013-01-13 18:05 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-02-28 03:09 - 2013-01-04 07:11 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-02-28 03:09 - 2013-01-04 07:11 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-02-13 21:09 - 2013-01-04 06:46 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-02-13 21:09 - 2013-01-04 05:51 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-02-13 21:09 - 2013-01-04 03:47 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-02-13 21:09 - 2013-01-04 03:47 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-02-13 21:09 - 2013-01-04 03:47 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-02-13 21:09 - 2013-01-04 03:47 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-02-13 21:09 - 2013-01-03 07:00 - 01913192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-02-13 21:09 - 2013-01-03 07:00 - 00288088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-02-02 10:02 - 2013-02-02 16:31 - 00000000 ____D C:\Freizeiten 2013
2013-01-22 17:17 - 2013-01-22 17:17 - 00000801 ____A C:\Windows\DirectX.log
2013-01-22 17:13 - 2013-01-22 17:13 - 00000908 ____A C:\Users\Public\Desktop\Emergency 4 spielen.lnk
2013-01-22 16:59 - 2013-01-22 16:59 - 00000000 ____D C:\Program Files (x86)\sixteen tons entertainment
2013-01-09 06:23 - 2013-01-09 06:23 - 00000000 ____D C:\341fa9d6576f117fae4b72a843
2013-01-09 06:17 - 2012-11-30 06:45 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2013-01-09 06:17 - 2012-11-30 06:45 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-01-09 06:17 - 2012-11-30 06:45 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2013-01-09 06:17 - 2012-11-30 06:43 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2013-01-09 06:17 - 2012-11-30 06:41 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-01-09 06:17 - 2012-11-30 06:41 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:53 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-01-09 06:17 - 2012-11-30 05:53 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 04:23 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-01-09 06:17 - 2012-11-30 03:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 03:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 03:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 03:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-09 06:17 - 2012-11-30 00:17 - 00420064 ____A C:\Windows\SysWOW64\locale.nls
2013-01-09 06:17 - 2012-11-30 00:15 - 00420064 ____A C:\Windows\System32\locale.nls
2013-01-09 06:16 - 2012-11-23 04:13 - 00068608 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2013-01-09 06:16 - 2012-11-22 06:44 - 00800768 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll
2013-01-09 06:16 - 2012-11-22 05:45 - 00626688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-01-09 06:16 - 2012-11-20 06:48 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-01-09 06:16 - 2012-11-20 05:51 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-01-09 06:16 - 2012-11-09 06:45 - 00750592 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-01-09 06:16 - 2012-11-09 05:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-01-09 06:16 - 2012-11-01 06:43 - 02002432 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-01-09 06:16 - 2012-11-01 06:43 - 01882624 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-01-09 06:16 - 2012-11-01 05:47 - 01389568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-01-09 06:16 - 2012-11-01 05:47 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-01-09 06:15 - 2012-12-07 14:20 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\Wpc.dll
2013-01-09 06:15 - 2012-12-07 14:15 - 02746368 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
2013-01-09 06:15 - 2012-12-07 13:26 - 00308736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-01-09 06:15 - 2012-12-07 13:20 - 02576384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-01-09 06:15 - 2012-12-07 12:20 - 00045568 ____A (Microsoft) C:\Windows\System32\oflc-nz.rs
2013-01-09 06:15 - 2012-12-07 12:20 - 00044544 ____A (Microsoft) C:\Windows\System32\pegibbfc.rs
2013-01-09 06:15 - 2012-12-07 12:20 - 00043520 ____A (Microsoft) C:\Windows\System32\csrr.rs
2013-01-09 06:15 - 2012-12-07 12:20 - 00030720 ____A (Microsoft) C:\Windows\System32\usk.rs
2013-01-09 06:15 - 2012-12-07 12:20 - 00023552 ____A (Microsoft) C:\Windows\System32\oflc.rs
2013-01-09 06:15 - 2012-12-07 12:20 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-pt.rs
2013-01-09 06:15 - 2012-12-07 12:20 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-fi.rs
2013-01-09 06:15 - 2012-12-07 12:19 - 00055296 ____A (Microsoft) C:\Windows\System32\cero.rs
2013-01-09 06:15 - 2012-12-07 12:19 - 00051712 ____A (Microsoft) C:\Windows\System32\esrb.rs
2013-01-09 06:15 - 2012-12-07 12:19 - 00046592 ____A (Microsoft) C:\Windows\System32\fpb.rs
2013-01-09 06:15 - 2012-12-07 12:19 - 00040960 ____A (Microsoft) C:\Windows\System32\cob-au.rs
2013-01-09 06:15 - 2012-12-07 12:19 - 00021504 ____A (Microsoft) C:\Windows\System32\grb.rs
2013-01-09 06:15 - 2012-12-07 12:19 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi.rs
2013-01-09 06:15 - 2012-12-07 12:19 - 00015360 ____A (Microsoft) C:\Windows\System32\djctq.rs
2013-01-09 06:15 - 2012-12-07 11:46 - 00055296 ____A (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-01-09 06:15 - 2012-12-07 11:46 - 00051712 ____A (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-01-09 06:15 - 2012-12-07 11:46 - 00046592 ____A (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-01-09 06:15 - 2012-12-07 11:46 - 00045568 ____A (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-01-09 06:15 - 2012-12-07 11:46 - 00044544 ____A (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-01-09 06:15 - 2012-12-07 11:46 - 00043520 ____A (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-01-09 06:15 - 2012-12-07 11:46 - 00040960 ____A (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-01-09 06:15 - 2012-12-07 11:46 - 00030720 ____A (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-01-09 06:15 - 2012-12-07 11:46 - 00023552 ____A (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-01-09 06:15 - 2012-12-07 11:46 - 00021504 ____A (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-01-09 06:15 - 2012-12-07 11:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-01-09 06:15 - 2012-12-07 11:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-01-09 06:15 - 2012-12-07 11:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-01-09 06:15 - 2012-12-07 11:46 - 00015360 ____A (Microsoft) C:\Windows\SysWOW64\djctq.rs
2012-12-22 15:45 - 2012-12-22 15:46 - 00000000 ____D C:\klingel
2012-12-21 06:06 - 2012-12-16 18:11 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-21 06:06 - 2012-12-16 15:45 - 00367616 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-21 06:06 - 2012-12-16 15:13 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2012-12-21 06:06 - 2012-12-16 15:13 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2012-12-18 22:33 - 2012-12-18 22:33 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\Nokia Suite
2012-12-18 22:32 - 2012-12-18 22:32 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2012-12-18 22:29 - 2012-12-18 22:29 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\NokiaAccount
2012-12-18 22:20 - 2012-12-18 22:28 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\Nokia
2012-12-18 22:19 - 2012-12-18 22:20 - 00000000 ____D C:\ProgramData\Nokia
2012-12-18 22:19 - 2012-12-18 22:19 - 00002095 ____A C:\Users\Public\Desktop\Nokia Suite.lnk
2012-12-18 22:18 - 2013-02-02 19:42 - 00000000 ____D C:\Program Files (x86)\PC Connectivity Solution
2012-12-18 22:18 - 2012-12-18 22:19 - 00000000 ____D C:\Program Files (x86)\Nokia
2012-12-18 22:14 - 2012-12-18 22:18 - 00021390 ____A C:\Windows\DPINST.LOG
2012-12-18 21:27 - 2012-12-18 21:27 - 00000000 __SHD C:\Users\Sebastian Kroll\Phone Browser
2012-12-18 21:17 - 2012-12-18 21:17 - 00000000 ____D C:\ProgramData\NokiaInstallerCache
2012-12-15 23:13 - 2012-12-15 23:13 - 00262144 ____A C:\Windows\System32\config\ELAM
2012-12-13 04:32 - 2012-11-09 06:45 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-12-13 04:32 - 2012-11-09 05:42 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-12-13 04:31 - 2012-11-02 06:59 - 00478208 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2012-12-13 04:31 - 2012-11-02 06:11 - 00376832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2012-12-09 18:42 - 2007-04-04 18:53 - 00081768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2012-12-06 22:45 - 2012-12-06 22:45 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2012-11-18 01:05 - 2012-07-26 05:55 - 00785512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2012-11-18 01:05 - 2012-07-26 05:55 - 00054376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2012-11-18 01:05 - 2012-07-26 03:36 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2012-11-18 01:05 - 2012-06-02 15:35 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2012-11-18 00:28 - 2012-07-26 04:08 - 00744448 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2012-11-18 00:28 - 2012-07-26 04:08 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2012-11-18 00:28 - 2012-07-26 04:08 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2012-11-18 00:28 - 2012-07-26 04:08 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2012-11-18 00:28 - 2012-07-26 04:08 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2012-11-18 00:28 - 2012-07-26 03:26 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2012-11-18 00:28 - 2012-07-26 03:26 - 00087040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2012-11-18 00:28 - 2012-06-02 15:57 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2012-11-17 20:12 - 2012-11-17 20:19 - 00000000 ____D C:\von stick
2012-11-17 16:17 - 2012-10-09 19:17 - 00226816 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2012-11-17 16:17 - 2012-10-09 19:17 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2012-11-17 16:17 - 2012-10-09 18:40 - 00193536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2012-11-17 16:17 - 2012-10-09 18:40 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2012-11-17 16:16 - 2012-10-03 18:44 - 00303104 ____A (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2012-11-17 16:16 - 2012-10-03 18:44 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\netcorehc.dll
2012-11-17 16:16 - 2012-10-03 18:44 - 00216576 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2012-11-17 16:16 - 2012-10-03 18:44 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2012-11-17 16:16 - 2012-10-03 18:44 - 00018944 ____A (Microsoft Corporation) C:\Windows\System32\netevent.dll
2012-11-17 16:16 - 2012-10-03 18:42 - 00569344 ____A (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2012-11-17 16:16 - 2012-10-03 17:42 - 00175104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2012-11-17 16:16 - 2012-10-03 17:42 - 00156672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2012-11-17 16:16 - 2012-10-03 17:42 - 00018944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2012-11-17 16:16 - 2012-10-03 17:07 - 00045568 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2012-11-17 16:16 - 2012-01-13 08:12 - 00052224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2012-11-17 16:15 - 2012-09-25 23:47 - 00078336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2012-11-17 16:15 - 2012-09-25 23:46 - 00095744 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2012-11-16 21:45 - 2012-11-16 21:45 - 00000000 ____D C:\Users\Sebastian Kroll\Desktop\Song Beamer
2012-11-11 17:36 - 2012-11-11 17:36 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\WinRAR
2012-11-11 17:35 - 2013-02-02 19:40 - 00000000 ____D C:\Program Files (x86)\WinRAR
2012-11-11 13:39 - 2013-05-19 13:04 - 00000000 ____D C:\Users\Sebastian Kroll\Desktop\ls 2013 mod
2012-11-02 17:40 - 2012-11-02 17:40 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2012-10-25 20:05 - 2013-02-16 19:26 - 00000000 ____D C:\Program Files (x86)\Landwirtschafts Simulator 2013
2012-10-25 03:12 - 2012-10-25 03:12 - 00094208 ____A (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2012-10-25 03:12 - 2012-10-25 03:12 - 00069632 ____A (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts
2012-10-10 15:59 - 2012-08-24 19:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-10-10 15:59 - 2012-08-24 17:57 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-10-10 15:58 - 2012-08-11 01:56 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-10-10 15:58 - 2012-08-11 00:56 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-10-10 15:58 - 2012-06-02 06:41 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-10-10 15:58 - 2012-06-02 06:41 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-10-10 15:58 - 2012-06-02 06:41 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-10-10 15:58 - 2012-06-02 05:36 - 01159680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-10-10 15:58 - 2012-06-02 05:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-10-10 15:58 - 2012-06-02 05:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-09-30 15:15 - 2012-09-30 15:15 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-09-29 11:52 - 2013-05-05 17:48 - 00011594 ____A C:\Windows\PFRO.log
2012-09-29 02:04 - 2012-04-20 15:40 - 00196440 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\HipShieldK.sys
2012-09-26 16:32 - 2012-08-21 22:01 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
2012-09-24 19:24 - 2012-09-24 19:24 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\Sigel
2012-09-24 19:24 - 2012-09-24 19:24 - 00000000 ____D C:\Program Files (x86)\Sigel
2012-09-24 19:24 - 2003-06-25 10:17 - 00374272 ____A (Herd Software Entwicklung/ Ketteler Str. 35/ D-68642 Bürstadt/ hxxp://www.herdsoft.com/ Telefon:+49-6206-707775/ Telefax:+49-6206-707776) C:\Windows\SysWOW64\Dav3_32.dll
2012-09-24 19:24 - 2003-06-24 12:35 - 00143360 ____A (Herd Software Entwicklung/ Ketteler Str.35/ D-68642 Bürstadt/ hxxp://www.herdsoft.com/ eMail:info@herdsoft.com/ Telefon:+49-6206-707775/ Telefax:+49-6206-707776) C:\Windows\SysWOW64\leon3_32.dll
2012-09-20 21:08 - 2012-09-20 21:08 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\{BB5EFB7F-A4E1-403A-9F17-D04148931190}
2012-09-19 16:48 - 2012-05-21 20:30 - 00029911 ____A C:\Windows\setupact.log
2012-09-18 19:16 - 2012-05-29 15:29 - 00035680 ____A (TuneUp Software) C:\Windows\System32\uxtuneup.dll
2012-09-18 19:16 - 2012-05-29 15:29 - 00029024 ____A (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2012-09-18 19:14 - 2012-09-18 19:14 - 00002215 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2012-09-18 19:14 - 2012-09-18 19:14 - 00002195 ____A C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
2012-09-18 19:14 - 2012-05-29 15:29 - 00034656 ____A (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2012-09-18 19:14 - 2012-05-29 15:29 - 00025952 ____A (TuneUp Software) C:\Windows\System32\authuitu.dll
2012-09-18 19:14 - 2012-05-29 15:29 - 00021344 ____A (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2012-09-18 19:11 - 2013-02-02 19:40 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2012
2012-09-15 22:06 - 2012-09-14 15:32 - 1615426980 ____A C:\Musicalvideo.avi
2012-09-15 21:04 - 2012-09-18 19:00 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\Nero
2012-09-15 21:04 - 2012-09-15 21:04 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\Nero_AG
2012-09-15 21:03 - 2012-09-16 20:21 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\Nero
2012-09-15 21:02 - 2012-09-15 21:02 - 00002115 ____A C:\Users\Public\Desktop\Nero Kwik Media.lnk
2012-09-15 21:01 - 2012-09-18 18:54 - 00000000 ____D C:\Program Files (x86)\Nero
2012-09-15 21:01 - 2012-09-15 21:04 - 00000000 ____D C:\ProgramData\Nero
2012-09-15 20:57 - 2010-05-26 10:41 - 02106216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2012-09-15 20:57 - 2010-05-26 10:41 - 01868128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2012-09-15 20:57 - 2010-05-26 10:41 - 00470880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2012-09-15 20:57 - 2010-05-26 10:41 - 00248672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2012-09-12 16:45 - 2012-08-22 19:12 - 00950128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2012-09-12 16:45 - 2012-08-22 19:12 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2012-09-12 16:45 - 2012-07-04 21:26 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2012-09-09 20:46 - 2012-10-04 06:03 - 00000000 __SHD C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-09-05 18:10 - 2012-09-05 18:12 - 00000000 ____D C:\ProgramData\7531CC770B4059A6004D3488F875F002
2012-08-28 22:56 - 2012-08-28 22:56 - 00001112 ____A C:\Users\Public\Desktop\Picasa 3.lnk
2012-08-24 17:02 - 2012-05-04 12:00 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2012-08-24 17:02 - 2012-05-04 10:59 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2012-08-16 12:12 - 2012-07-06 21:07 - 00552960 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2012-08-16 06:53 - 2012-07-04 23:16 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-08-16 06:53 - 2012-07-04 23:13 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-08-16 06:53 - 2012-07-04 23:13 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-08-16 06:53 - 2012-07-04 22:16 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-08-16 06:53 - 2012-07-04 22:14 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-08-16 06:53 - 2012-05-14 06:26 - 00956928 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2012-08-16 06:53 - 2012-05-05 09:36 - 00503808 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2012-08-16 06:53 - 2012-05-05 08:46 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2012-08-16 06:53 - 2012-02-11 07:36 - 00559104 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2012-08-16 06:53 - 2012-02-11 07:36 - 00067072 ____A (Microsoft Corporation) C:\Windows\splwow64.exe
2012-08-15 23:48 - 2012-08-15 23:48 - 00015999 ____A C:\Users\Sebastian Kroll\Documents\Rückfahrt Österreich 2012.xlsx
2012-08-14 21:16 - 2012-08-14 21:16 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\{E34B80DA-F6AE-4A74-85F3-89B36AE81476}
2012-08-10 21:16 - 2012-09-21 05:23 - 00000000 ____D C:\Bilder Österreich 2012
2012-08-07 09:34 - 2013-02-02 19:40 - 00000000 ____D C:\Program Files (x86)\Tinypic
2012-08-07 09:34 - 2012-08-07 09:34 - 00000997 ____A C:\Users\Sebastian Kroll\Desktop\TinyPic.lnk
2012-08-06 17:30 - 2013-02-02 19:39 - 00000000 ____D C:\Program Files (x86)\Audacity
2012-08-06 17:30 - 2012-10-04 06:03 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\Audacity
2012-08-06 17:26 - 2012-08-06 17:27 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\{9B6802D8-31EA-41BD-BC9C-2ACD23E8866B}
2012-08-03 19:31 - 2012-08-03 19:32 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\becker
2012-08-03 19:31 - 2012-08-03 19:31 - 00000000 ____D C:\Program Files (x86)\Becker
2012-07-31 18:00 - 2012-07-31 18:00 - 00011148 ____A C:\Users\Sebastian Kroll\Documents\Ruhrtalradweg 2012.xlsx
2012-07-14 22:34 - 2012-09-30 15:15 - 00821736 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-07-14 22:34 - 2012-09-30 15:15 - 00246760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-07-14 22:34 - 2012-09-30 15:15 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-07-14 22:34 - 2012-09-30 15:15 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-07-14 22:34 - 2012-07-14 22:34 - 00000000 ____D C:\Program Files (x86)\Oracle
2012-07-11 22:20 - 2012-06-02 06:50 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-07-11 22:20 - 2012-06-02 06:48 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-07-11 22:20 - 2012-06-02 06:48 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-07-11 22:20 - 2012-06-02 06:45 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-07-11 22:20 - 2012-06-02 05:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-07-11 22:20 - 2012-06-02 05:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-07-11 22:20 - 2012-06-02 05:34 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-07-11 22:20 - 2010-06-26 04:55 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2012-07-11 22:20 - 2010-06-26 04:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2012-07-11 22:19 - 2012-06-06 07:02 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-07-11 22:19 - 2012-06-06 06:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-07-07 13:32 - 2012-07-07 14:09 - 00000000 ____D C:\Dropbox
2012-06-27 15:18 - 2012-06-27 15:18 - 02152176 ____A (Microsoft Corporation) C:\Windows\System32\WUDFUpdate_01009.dll
2012-06-27 03:14 - 2012-06-27 03:14 - 04472832 ____A (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2012-06-19 16:42 - 2012-06-02 23:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-19 16:42 - 2012-06-02 23:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-19 16:42 - 2012-06-02 23:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-19 16:42 - 2012-06-02 23:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-19 16:42 - 2012-06-02 23:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-19 16:42 - 2012-06-02 23:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-19 16:42 - 2012-06-02 23:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-19 16:41 - 2012-06-02 14:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-19 16:41 - 2012-06-02 14:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-16 20:28 - 2013-03-02 15:30 - 00000000 ____D C:\Program Files (x86)\GMX SMS-MMS-Manager
2012-06-16 20:28 - 2012-06-16 20:28 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\com.unitedinternet.ums.sms-mms-manager
2012-06-16 20:28 - 2012-06-16 20:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2012-06-16 20:28 - 2012-06-16 20:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2012-06-15 18:15 - 2012-06-15 18:15 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\Macromedia
2012-06-14 03:15 - 2012-05-01 06:40 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-06-14 03:15 - 2012-04-28 04:55 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-14 03:15 - 2012-04-26 06:41 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-06-14 03:15 - 2012-04-26 06:41 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-06-14 03:15 - 2012-04-26 06:34 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-06-14 03:15 - 2012-04-07 13:31 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-06-14 03:15 - 2012-04-07 12:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-06-11 14:17 - 2012-06-11 14:17 - 00640000 ____A (Nokia) C:\Windows\System32\nmwcdcoclsx64.dll
2012-06-11 14:17 - 2012-06-11 14:17 - 00166912 ____A (Nokia) C:\Windows\System32\ccdcmbwux64.dll
2012-06-11 14:17 - 2012-06-11 14:17 - 00027136 ____A (Nokia) C:\Windows\System32\Drivers\ccdcmbox64.sys
2012-06-11 14:17 - 2012-06-11 14:17 - 00019968 ____A (Nokia) C:\Windows\System32\Drivers\ccdcmbx64.sys
2012-06-11 14:17 - 2012-06-11 14:17 - 00009216 ____A (Nokia) C:\Windows\System32\Drivers\usbser_lowerfltx64.sys
2012-06-11 14:17 - 2012-06-11 14:17 - 00009216 ____A (Nokia) C:\Windows\System32\Drivers\usbser_lowerfltjx64.sys
2012-06-06 07:49 - 2012-06-06 07:49 - 01070152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2012-05-21 20:30 - 2012-05-21 20:31 - 00292056 ____A C:\Windows\Minidump\052112-31527-01.dmp
2012-05-21 19:53 - 2012-05-21 19:54 - 00292056 ____A C:\Windows\Minidump\052112-34211-01.dmp
2012-05-21 19:49 - 2012-05-21 19:50 - 00292056 ____A C:\Windows\Minidump\052112-35459-01.dmp
2012-05-21 19:39 - 2012-05-21 19:40 - 00292056 ____A C:\Windows\Minidump\052112-41137-01.dmp
2012-05-21 19:38 - 2012-05-21 20:30 - 546090329 ____A C:\Windows\MEMORY.DMP
2012-05-21 08:50 - 2009-07-14 02:41 - 01026048 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2012-05-21 08:50 - 2009-07-14 02:41 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-05-21 08:50 - 2009-07-14 02:41 - 00156160 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-05-21 08:50 - 2009-07-14 02:40 - 00090112 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-05-21 08:50 - 2009-07-14 02:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\corpol.dll
2012-05-21 08:50 - 2009-07-14 02:27 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-05-21 08:50 - 2009-07-14 02:15 - 00606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2012-05-21 08:50 - 2009-07-14 02:15 - 00229376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2012-05-21 08:50 - 2009-07-14 02:15 - 00126976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2012-05-21 08:50 - 2009-07-14 02:15 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\corpol.dll
2012-05-21 08:50 - 2009-07-14 02:14 - 00176128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2012-05-21 08:50 - 2009-07-14 02:14 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2012-05-21 08:50 - 2009-07-14 02:05 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2012-05-21 08:50 - 2009-06-18 02:15 - 00049480 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfesmfk.sys
2012-05-21 08:50 - 2009-06-18 02:08 - 00040904 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mferkdk.sys
2012-05-21 08:50 - 2009-06-10 21:45 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
2012-05-21 08:50 - 2009-04-09 06:23 - 00176144 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\Mpfp.sys
2012-05-21 08:50 - 2006-10-26 13:45 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WISPTIS.EXE
2012-05-21 08:50 - 2006-07-24 10:50 - 00125744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2012-05-21 08:50 - 2006-07-24 10:50 - 00039728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SCP32.DLL
2012-05-21 03:53 - 2013-05-20 23:37 - 00602112 ____A (OldTimer Tools) C:\OTL.exe
2012-05-21 00:23 - 2012-05-21 00:23 - 00000000 ____D C:\FRST
2012-05-12 15:01 - 2012-03-17 08:58 - 00075120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2012-04-26 17:04 - 2013-04-13 17:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-04-26 17:04 - 2012-04-26 17:04 - 00000000 ____D C:\ProgramData\Mozilla
2012-04-24 16:50 - 2012-10-04 06:03 - 00000000 ____D C:\Users\Sebastian Kroll\Documents\THW Simulator
2012-04-24 16:50 - 2012-04-24 16:50 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\THW Simulator
2012-04-24 16:50 - 2012-04-24 16:50 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\CrashRpt
2012-04-24 16:48 - 2013-02-16 18:56 - 00000000 ____D C:\Program Files (x86)\Rondomedia

==================== One Month Modified Files and Folders =======
         

Alt 21.05.2013, 20:11   #10
sbstnkrll
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7



Teil 2 von 2

Code:
ATTFilter
==================== One Month Modified Files and Folders =======

2013-05-20 23:37 - 2012-05-21 03:53 - 00602112 ____A (OldTimer Tools) C:\OTL.exe
2013-05-20 11:56 - 2011-03-13 17:37 - 00000000 ____D C:\Users\Sebastian Kroll\Documents\Outlook-Dateien
2013-05-20 11:48 - 2012-04-05 19:03 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-20 11:12 - 2011-03-13 20:02 - 00001128 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-20 10:53 - 2013-05-19 07:45 - 00000000 ____D C:\Users\Sebastian Kroll\Downloads\Neuer Ordner (5)
2013-05-19 13:04 - 2012-11-11 13:39 - 00000000 ____D C:\Users\Sebastian Kroll\Desktop\ls 2013 mod
2013-05-18 00:54 - 2010-05-26 01:01 - 00657910 ____A C:\Windows\System32\perfh007.dat
2013-05-18 00:54 - 2010-05-26 01:01 - 00131250 ____A C:\Windows\System32\perfc007.dat
2013-05-18 00:54 - 2009-07-14 06:13 - 01507342 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-17 05:00 - 2013-04-29 20:30 - 00000000 ____D C:\Users\Sebastian Kroll\Downloads\runter
2013-05-16 23:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-05-16 20:45 - 2013-05-16 20:45 - 00000000 ____D C:\Users\Sebastian Kroll\Desktop\Segeln 2013
2013-05-16 05:14 - 2011-03-09 18:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-16 03:47 - 2009-07-14 05:45 - 00431136 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-16 03:16 - 2011-03-17 22:42 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-15 17:48 - 2011-03-13 19:57 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\MediaMonkey
2013-05-15 02:48 - 2012-04-05 19:03 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-15 02:48 - 2011-05-25 13:41 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-13 19:37 - 2013-05-13 19:36 - 00000000 ____D C:\Users\Sebastian Kroll\Downloads\Neuer Ordner (3)
2013-05-08 05:17 - 2013-05-08 05:16 - 00000000 ____D C:\Users\Sebastian Kroll\Downloads\Neuer Ordner (2)
2013-05-08 05:16 - 2013-04-28 15:01 - 00000000 ____D C:\Users\Sebastian Kroll\Downloads\Neuer Ordner
2013-05-07 02:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-07 02:07 - 2013-05-07 02:01 - 00010557 ____A C:\Windows\IE10_main.log
2013-05-07 02:03 - 2013-05-07 02:03 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-07 02:03 - 2013-05-07 02:03 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-07 02:03 - 2013-05-07 02:03 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-07 02:03 - 2013-05-07 02:03 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-07 02:03 - 2013-05-07 02:03 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-07 02:03 - 2013-05-07 02:03 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-07 02:03 - 2013-05-07 02:03 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-07 02:03 - 2013-05-07 02:03 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-07 02:03 - 2013-05-07 02:03 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-07 02:03 - 2013-05-07 02:03 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-07 02:03 - 2013-05-07 02:03 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-06 04:56 - 2013-05-06 04:35 - 00000000 ____D C:\Users\Sebastian Kroll\Downloads\Malte Hennes
2013-05-05 21:09 - 2013-05-05 21:08 - 00000000 ____D C:\Users\Sebastian Kroll\Desktop\Neuer Ordner (2)
2013-05-05 17:48 - 2012-09-29 11:52 - 00011594 ____A C:\Windows\PFRO.log
2013-05-05 05:40 - 2013-05-05 05:40 - 00000000 ____D C:\ProgramData\StarApp
2013-05-05 05:40 - 2013-05-05 05:27 - 00000000 ____D C:\ProgramData\InstallMate
2013-05-05 05:28 - 2013-05-05 05:28 - 00000000 ____D C:\ProgramData\SearchNewTab
2013-05-05 05:28 - 2013-05-05 05:28 - 00000000 ____D C:\ProgramData\continnuetosavve
2013-05-05 05:28 - 2013-05-05 05:28 - 00000000 ____D C:\Program Files (x86)\WebSearch
2013-05-05 05:28 - 2013-05-05 05:28 - 00000000 ____D C:\Program Files (x86)\ContinueToSave
2013-05-05 04:06 - 2013-05-01 08:51 - 00000000 ____D C:\Users\Sebastian Kroll\Downloads\Neuer Ordner (4)
2013-05-03 21:02 - 2011-08-25 15:58 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\SongBeamer
2013-05-03 18:40 - 2011-04-01 18:42 - 00000000 ____D C:\Musik
2013-05-02 01:06 - 2011-03-14 21:47 - 00278800 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2013-04-27 23:03 - 2013-04-20 22:08 - 00002052 ____A C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-04-27 23:03 - 2013-04-20 22:08 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2013-04-20 22:41 - 2011-03-09 18:17 - 00000000 ____D C:\ProgramData\Adobe
2013-04-20 22:08 - 2013-04-20 22:08 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-04-20 09:17 - 2013-04-19 21:59 - 00000000 ____D C:\Users\Sebastian Kroll\Desktop\Neuer Ordner
2013-04-18 17:00 - 2013-04-18 17:00 - 00010080 ____A C:\Users\Sebastian Kroll\Desktop\Mappe1.xlsx
2013-04-13 17:20 - 2012-04-26 17:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-13 12:09 - 2011-03-13 17:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-04-12 15:45 - 2013-04-24 16:57 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-04-10 07:01 - 2013-05-15 17:45 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-04-10 07:01 - 2013-05-15 17:45 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-04-10 04:30 - 2013-05-15 17:44 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-04-06 18:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\NDF
2013-04-05 07:52 - 2013-05-16 02:43 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-04-05 07:52 - 2013-05-16 02:43 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-04-05 07:52 - 2013-05-16 02:43 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-04-05 07:50 - 2013-05-16 02:43 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-04-05 07:50 - 2013-05-16 02:43 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-04-05 07:50 - 2013-05-16 02:43 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-04-05 07:50 - 2013-05-16 02:43 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-04-05 07:50 - 2013-05-16 02:43 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-04-05 07:50 - 2013-05-16 02:43 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-04-05 07:50 - 2013-05-16 02:43 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-04-05 07:50 - 2013-05-16 02:43 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-04-05 07:50 - 2013-05-16 02:43 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-04-05 07:50 - 2013-05-16 02:42 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-04-05 07:50 - 2013-05-16 02:42 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-04-05 06:28 - 2013-05-16 02:43 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-04-05 06:28 - 2013-05-16 02:43 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-04-05 06:26 - 2013-05-16 02:43 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-04-05 06:26 - 2013-05-16 02:43 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-04-05 06:26 - 2013-05-16 02:43 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-04-05 06:26 - 2013-05-16 02:43 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-04-05 06:26 - 2013-05-16 02:43 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-04-05 06:26 - 2013-05-16 02:43 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-04-05 06:26 - 2013-05-16 02:43 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-04-05 06:26 - 2013-05-16 02:43 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-04-05 06:26 - 2013-05-16 02:43 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-04-05 06:26 - 2013-05-16 02:43 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-04-05 06:26 - 2013-05-16 02:42 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-04-05 05:43 - 2013-05-16 02:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-04-05 05:29 - 2013-05-16 02:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-04-05 04:51 - 2013-05-16 02:43 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-04-05 04:38 - 2013-05-16 02:43 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-04-01 11:55 - 2011-10-08 20:15 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\Skype
2013-03-29 15:10 - 2011-03-13 19:24 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\ICQ
2013-03-25 18:44 - 2009-07-14 06:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-03-19 07:04 - 2013-04-10 16:46 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-03-19 06:53 - 2013-05-15 17:44 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-03-19 06:53 - 2013-05-15 17:44 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-03-19 06:46 - 2013-04-10 16:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-03-19 06:04 - 2013-04-10 16:46 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-03-19 06:04 - 2013-04-10 16:46 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-03-19 05:47 - 2013-04-10 16:46 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-03-19 04:06 - 2013-04-10 16:46 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-03-14 03:55 - 2013-03-14 03:55 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-03-14 03:55 - 2013-03-14 03:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-03-10 17:06 - 2011-05-31 14:23 - 00000000 ____D C:\Users\Sebastian Kroll\Documents\ICQ
2013-03-10 06:49 - 2013-03-10 06:48 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-03-10 06:48 - 2013-03-10 06:48 - 00000000 ____D C:\ProgramData\Apple Computer
2013-03-09 16:42 - 2011-05-21 19:48 - 00000000 ____D C:\Program Files\Common Files\McAfee
2013-03-02 15:30 - 2012-06-16 20:28 - 00000000 ____D C:\Program Files (x86)\GMX SMS-MMS-Manager
2013-03-02 15:30 - 2011-03-09 18:17 - 00000000 ____D C:\Program Files (x86)\Game Pack
2013-03-02 09:43 - 2011-08-25 15:58 - 00000000 ____D C:\Users\Sebastian Kroll\Documents\SongBeamer
2013-02-28 03:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-02-28 03:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-02-28 03:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-02-28 03:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-02-27 19:12 - 2011-12-27 17:59 - 00000000 ____D C:\Users\Sebastian Kroll\Documents\my games
2013-02-27 07:02 - 2013-05-15 17:44 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-02-27 06:52 - 2013-05-15 17:45 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-02-27 06:52 - 2013-05-15 17:44 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-02-27 06:48 - 2013-05-15 17:44 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-02-27 06:47 - 2013-05-15 17:44 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-02-27 05:55 - 2013-05-15 17:44 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-02-27 05:55 - 2013-05-15 17:44 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-02-27 05:49 - 2013-05-15 17:44 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-02-19 13:59 - 2011-05-21 19:48 - 00070112 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\cfwids.sys
2013-02-19 13:56 - 2011-05-21 19:48 - 00340216 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfewfpk.sys
2013-02-19 13:56 - 2011-05-21 19:42 - 00182752 ____A (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
2013-02-19 13:55 - 2011-05-21 19:49 - 00010728 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeclnk.sys
2013-02-19 13:55 - 2011-05-21 19:48 - 00106552 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mferkdet.sys
2013-02-19 13:54 - 2011-03-13 10:20 - 00771536 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfehidk.sys
2013-02-19 13:53 - 2011-05-21 19:48 - 00515968 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfefirek.sys
2013-02-19 13:53 - 2011-05-21 19:48 - 00309840 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeavfk.sys
2013-02-19 13:52 - 2011-03-13 10:20 - 00179280 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeapfk.sys
2013-02-16 19:26 - 2012-10-25 20:05 - 00000000 ____D C:\Program Files (x86)\Landwirtschafts Simulator 2013
2013-02-16 18:56 - 2012-04-24 16:48 - 00000000 ____D C:\Program Files (x86)\Rondomedia
2013-02-15 07:08 - 2013-04-10 16:46 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-02-15 07:06 - 2013-04-10 16:46 - 03717632 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-02-15 07:02 - 2013-04-10 16:46 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-02-15 05:37 - 2013-04-10 16:46 - 03217408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-02-15 05:34 - 2013-04-10 16:46 - 00131584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-02-15 04:25 - 2013-04-10 16:46 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-02-12 05:12 - 2013-03-21 22:50 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-02-02 19:43 - 2011-03-09 18:16 - 00000000 ____D C:\users\Sebastian Kroll
2013-02-02 19:42 - 2012-12-18 22:18 - 00000000 ____D C:\Program Files (x86)\PC Connectivity Solution
2013-02-02 19:40 - 2012-11-11 17:35 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-02-02 19:40 - 2012-09-18 19:11 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2012
2013-02-02 19:40 - 2012-08-07 09:34 - 00000000 ____D C:\Program Files (x86)\Tinypic
2013-02-02 19:40 - 2011-12-19 22:51 - 00000000 ___SD C:\Users\Sebastian Kroll\Documents\Meine Datenquellen
2013-02-02 19:40 - 2011-10-15 13:16 - 00000000 ____D C:\SongBeamer
2013-02-02 19:40 - 2011-07-30 21:09 - 00000000 ____D C:\Users\Sebastian Kroll\Desktop\Destop Programme
2013-02-02 19:40 - 2011-07-05 20:59 - 00000000 ____D C:\Program Files (x86)\PDF24
2013-02-02 19:40 - 2011-03-10 20:33 - 00000000 ____D C:\Program Files\ZionWorx
2013-02-02 19:40 - 2011-03-09 18:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-02-02 19:40 - 2010-05-26 00:35 - 00000000 ____D C:\Program Files\Windows Journal
2013-02-02 19:40 - 2010-04-26 09:26 - 00000000 ____D C:\ProgramData\WinClon
2013-02-02 19:40 - 2009-08-02 03:27 - 00000000 ____D C:\Windows\Sec
2013-02-02 19:40 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\System32\restore
2013-02-02 19:40 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-02-02 19:40 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-02-02 19:40 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-02-02 19:40 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-02-02 19:40 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2013-02-02 19:40 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2013-02-02 19:40 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-02-02 19:40 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\Media
2013-02-02 19:40 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-02-02 19:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-02-02 19:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\migwiz
2013-02-02 19:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing
2013-02-02 19:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\IME
2013-02-02 19:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Cursors
2013-02-02 19:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2013-02-02 19:39 - 2012-08-06 17:30 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-02-02 19:39 - 2011-11-15 16:51 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-02-02 19:39 - 2011-09-17 12:26 - 00000000 ____D C:\Program Files (x86)\Luxor 2
2013-02-02 19:39 - 2011-09-17 12:23 - 00000000 ____D C:\Program Files (x86)\bfgclient
2013-02-02 19:39 - 2011-03-13 19:57 - 00000000 ____D C:\Program Files (x86)\MediaMonkey
2013-02-02 19:39 - 2011-03-13 19:24 - 00000000 ____D C:\Program Files (x86)\ICQ7.4
2013-02-02 19:39 - 2011-03-09 18:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
2013-02-02 19:39 - 2010-04-26 09:42 - 00000000 ____D C:\Program Files (x86)\AnyPC Client
2013-02-02 19:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-02-02 16:31 - 2013-02-02 10:02 - 00000000 ____D C:\Freizeiten 2013
2013-01-24 07:01 - 2013-04-10 16:46 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2013-01-22 17:17 - 2013-01-22 17:17 - 00000801 ____A C:\Windows\DirectX.log
2013-01-22 17:13 - 2013-01-22 17:13 - 00000908 ____A C:\Users\Public\Desktop\Emergency 4 spielen.lnk
2013-01-22 16:59 - 2013-01-22 16:59 - 00000000 ____D C:\Program Files (x86)\sixteen tons entertainment
2013-01-22 16:59 - 2010-04-26 09:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-01-13 22:17 - 2013-02-28 03:09 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 22:17 - 2013-02-28 03:09 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 22:16 - 2013-02-28 03:09 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 22:12 - 2013-02-28 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 22:11 - 2013-02-28 03:09 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 22:11 - 2013-02-28 03:09 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 22:11 - 2013-02-28 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 22:11 - 2013-02-28 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 22:11 - 2013-02-28 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 21:35 - 2013-02-28 03:09 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:35 - 2013-02-28 03:09 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:35 - 2013-02-28 03:09 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:32 - 2013-02-28 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:31 - 2013-02-28 03:09 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-01-13 21:31 - 2013-02-28 03:09 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:31 - 2013-02-28 03:09 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:31 - 2013-02-28 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:31 - 2013-02-28 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:31 - 2013-02-28 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 21:22 - 2013-02-28 03:09 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-01-13 21:20 - 2013-02-28 03:09 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-01-13 21:09 - 2013-02-28 03:09 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-01-13 21:08 - 2013-02-28 03:09 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-01-13 21:08 - 2013-02-28 03:09 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-01-13 20:59 - 2013-02-28 03:09 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-01-13 20:58 - 2013-02-28 03:09 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-01-13 20:54 - 2013-02-28 03:09 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-01-13 20:53 - 2013-02-28 03:09 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-01-13 20:53 - 2013-02-28 03:09 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-01-13 20:51 - 2013-02-28 03:09 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-01-13 20:49 - 2013-02-28 03:09 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-01-13 20:48 - 2013-02-28 03:09 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-01-13 20:46 - 2013-02-28 03:09 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-01-13 20:43 - 2013-02-28 03:09 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-01-13 20:38 - 2013-02-28 03:09 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-01-13 20:38 - 2013-02-28 03:09 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-01-13 20:38 - 2013-02-28 03:09 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-01-13 20:37 - 2013-02-28 03:09 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-01-13 20:25 - 2013-02-28 03:09 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-01-13 20:24 - 2013-02-28 03:09 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-01-13 20:24 - 2013-02-28 03:09 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-01-13 20:20 - 2013-02-28 03:09 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-01-13 20:20 - 2013-02-28 03:09 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-01-13 20:15 - 2013-02-28 03:09 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-01-13 20:10 - 2013-02-28 03:09 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-01-13 20:02 - 2013-02-28 03:09 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-01-13 19:34 - 2013-02-28 03:09 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-01-13 19:32 - 2013-02-28 03:09 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-01-13 19:09 - 2013-02-28 03:09 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-01-13 18:26 - 2013-02-28 03:09 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-01-13 18:05 - 2013-02-28 03:09 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-01-09 06:23 - 2013-01-09 06:23 - 00000000 ____D C:\341fa9d6576f117fae4b72a843
2013-01-04 07:11 - 2013-02-28 03:09 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-01-04 07:11 - 2013-02-28 03:09 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-01-04 06:46 - 2013-02-13 21:09 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-01-04 05:51 - 2013-02-13 21:09 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-01-04 03:47 - 2013-02-13 21:09 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-01-04 03:47 - 2013-02-13 21:09 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-01-04 03:47 - 2013-02-13 21:09 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-01-04 03:47 - 2013-02-13 21:09 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-01-03 07:00 - 2013-02-13 21:09 - 01913192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-01-03 07:00 - 2013-02-13 21:09 - 00288088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2012-12-22 15:46 - 2012-12-22 15:45 - 00000000 ____D C:\klingel
2012-12-18 22:33 - 2012-12-18 22:33 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\Nokia Suite
2012-12-18 22:33 - 2011-03-14 19:57 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\Nokia
2012-12-18 22:32 - 2012-12-18 22:32 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2012-12-18 22:32 - 2011-03-14 19:59 - 00000000 ____D C:\ProgramData\PC Suite
2012-12-18 22:29 - 2012-12-18 22:29 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\NokiaAccount
2012-12-18 22:28 - 2012-12-18 22:20 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\Nokia
2012-12-18 22:20 - 2012-12-18 22:19 - 00000000 ____D C:\ProgramData\Nokia
2012-12-18 22:19 - 2012-12-18 22:19 - 00002095 ____A C:\Users\Public\Desktop\Nokia Suite.lnk
2012-12-18 22:19 - 2012-12-18 22:18 - 00000000 ____D C:\Program Files (x86)\Nokia
2012-12-18 22:18 - 2012-12-18 22:14 - 00021390 ____A C:\Windows\DPINST.LOG
2012-12-18 22:18 - 2011-03-14 19:56 - 00000000 ____D C:\Program Files\DIFX
2012-12-18 21:27 - 2012-12-18 21:27 - 00000000 __SHD C:\Users\Sebastian Kroll\Phone Browser
2012-12-18 21:17 - 2012-12-18 21:17 - 00000000 ____D C:\ProgramData\NokiaInstallerCache
2012-12-18 21:10 - 2011-03-14 19:59 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\PC Suite
2012-12-16 18:11 - 2012-12-21 06:06 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-16 15:45 - 2012-12-21 06:06 - 00367616 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-16 15:13 - 2012-12-21 06:06 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2012-12-16 15:13 - 2012-12-21 06:06 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2012-12-15 23:13 - 2012-12-15 23:13 - 00262144 ____A C:\Windows\System32\config\ELAM
2012-12-15 10:28 - 2012-01-26 19:34 - 00000000 ____D C:\Song Beamer Setup
2012-12-12 02:14 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2012-12-12 02:13 - 2011-12-17 14:21 - 00000000 ____D C:\Program Files (x86)\Zylom Games
2012-12-07 14:20 - 2013-01-09 06:15 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\Wpc.dll
2012-12-07 14:15 - 2013-01-09 06:15 - 02746368 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
2012-12-07 13:26 - 2013-01-09 06:15 - 00308736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2012-12-07 13:20 - 2013-01-09 06:15 - 02576384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2012-12-07 12:20 - 2013-01-09 06:15 - 00045568 ____A (Microsoft) C:\Windows\System32\oflc-nz.rs
2012-12-07 12:20 - 2013-01-09 06:15 - 00044544 ____A (Microsoft) C:\Windows\System32\pegibbfc.rs
2012-12-07 12:20 - 2013-01-09 06:15 - 00043520 ____A (Microsoft) C:\Windows\System32\csrr.rs
2012-12-07 12:20 - 2013-01-09 06:15 - 00030720 ____A (Microsoft) C:\Windows\System32\usk.rs
2012-12-07 12:20 - 2013-01-09 06:15 - 00023552 ____A (Microsoft) C:\Windows\System32\oflc.rs
2012-12-07 12:20 - 2013-01-09 06:15 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-pt.rs
2012-12-07 12:20 - 2013-01-09 06:15 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-fi.rs
2012-12-07 12:19 - 2013-01-09 06:15 - 00055296 ____A (Microsoft) C:\Windows\System32\cero.rs
2012-12-07 12:19 - 2013-01-09 06:15 - 00051712 ____A (Microsoft) C:\Windows\System32\esrb.rs
2012-12-07 12:19 - 2013-01-09 06:15 - 00046592 ____A (Microsoft) C:\Windows\System32\fpb.rs
2012-12-07 12:19 - 2013-01-09 06:15 - 00040960 ____A (Microsoft) C:\Windows\System32\cob-au.rs
2012-12-07 12:19 - 2013-01-09 06:15 - 00021504 ____A (Microsoft) C:\Windows\System32\grb.rs
2012-12-07 12:19 - 2013-01-09 06:15 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi.rs
2012-12-07 12:19 - 2013-01-09 06:15 - 00015360 ____A (Microsoft) C:\Windows\System32\djctq.rs
2012-12-07 11:46 - 2013-01-09 06:15 - 00055296 ____A (Microsoft) C:\Windows\SysWOW64\cero.rs
2012-12-07 11:46 - 2013-01-09 06:15 - 00051712 ____A (Microsoft) C:\Windows\SysWOW64\esrb.rs
2012-12-07 11:46 - 2013-01-09 06:15 - 00046592 ____A (Microsoft) C:\Windows\SysWOW64\fpb.rs
2012-12-07 11:46 - 2013-01-09 06:15 - 00045568 ____A (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2012-12-07 11:46 - 2013-01-09 06:15 - 00044544 ____A (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2012-12-07 11:46 - 2013-01-09 06:15 - 00043520 ____A (Microsoft) C:\Windows\SysWOW64\csrr.rs
2012-12-07 11:46 - 2013-01-09 06:15 - 00040960 ____A (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2012-12-07 11:46 - 2013-01-09 06:15 - 00030720 ____A (Microsoft) C:\Windows\SysWOW64\usk.rs
2012-12-07 11:46 - 2013-01-09 06:15 - 00023552 ____A (Microsoft) C:\Windows\SysWOW64\oflc.rs
2012-12-07 11:46 - 2013-01-09 06:15 - 00021504 ____A (Microsoft) C:\Windows\SysWOW64\grb.rs
2012-12-07 11:46 - 2013-01-09 06:15 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2012-12-07 11:46 - 2013-01-09 06:15 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2012-12-07 11:46 - 2013-01-09 06:15 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi.rs
2012-12-07 11:46 - 2013-01-09 06:15 - 00015360 ____A (Microsoft) C:\Windows\SysWOW64\djctq.rs
2012-12-06 22:45 - 2012-12-06 22:45 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2012-12-06 22:45 - 2012-03-21 19:14 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\Samsung
2012-11-30 06:45 - 2013-01-09 06:17 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-11-30 06:45 - 2013-01-09 06:17 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-11-30 06:45 - 2013-01-09 06:17 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-11-30 06:43 - 2013-01-09 06:17 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-11-30 06:41 - 2013-01-09 06:17 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-11-30 06:41 - 2013-01-09 06:17 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 06:38 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 05:53 - 2013-01-09 06:17 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-11-30 05:53 - 2013-01-09 06:17 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 05:45 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-11-30 04:23 - 2013-01-09 06:17 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-11-30 03:38 - 2013-01-09 06:17 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 03:38 - 2013-01-09 06:17 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 03:38 - 2013-01-09 06:17 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 03:38 - 2013-01-09 06:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-11-30 00:17 - 2013-01-09 06:17 - 00420064 ____A C:\Windows\SysWOW64\locale.nls
2012-11-30 00:15 - 2013-01-09 06:17 - 00420064 ____A C:\Windows\System32\locale.nls
2012-11-23 04:13 - 2013-01-09 06:16 - 00068608 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2012-11-22 06:44 - 2013-01-09 06:16 - 00800768 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll
2012-11-22 05:45 - 2013-01-09 06:16 - 00626688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2012-11-20 06:48 - 2013-01-09 06:16 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-11-20 05:51 - 2013-01-09 06:16 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-11-18 10:48 - 2011-03-09 23:55 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\Microsoft Games
2012-11-18 08:19 - 2011-03-09 18:30 - 00116768 ____A C:\Users\Sebastian Kroll\AppData\Local\GDIPFONTCACHEV1.DAT
2012-11-18 00:25 - 2009-07-14 03:34 - 00000510 ____A C:\Windows\win.ini
2012-11-17 20:19 - 2012-11-17 20:12 - 00000000 ____D C:\von stick
2012-11-16 21:45 - 2012-11-16 21:45 - 00000000 ____D C:\Users\Sebastian Kroll\Desktop\Song Beamer
2012-11-11 17:36 - 2012-11-11 17:36 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\WinRAR
2012-11-09 06:45 - 2013-01-09 06:16 - 00750592 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2012-11-09 06:45 - 2012-12-13 04:32 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-11-09 05:43 - 2013-01-09 06:16 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2012-11-09 05:42 - 2012-12-13 04:32 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-11-02 17:40 - 2012-11-02 17:40 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2012-11-02 17:40 - 2012-03-21 19:15 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\Samsung
2012-11-02 06:59 - 2012-12-13 04:31 - 00478208 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2012-11-02 06:11 - 2012-12-13 04:31 - 00376832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2012-11-01 06:43 - 2013-01-09 06:16 - 02002432 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-11-01 06:43 - 2013-01-09 06:16 - 01882624 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-11-01 05:47 - 2013-01-09 06:16 - 01389568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-11-01 05:47 - 2013-01-09 06:16 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-10-25 03:12 - 2012-10-25 03:12 - 00094208 ____A (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2012-10-25 03:12 - 2012-10-25 03:12 - 00069632 ____A (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts
2012-10-09 19:17 - 2012-11-17 16:17 - 00226816 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2012-10-09 19:17 - 2012-11-17 16:17 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:40 - 2012-11-17 16:17 - 00193536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2012-10-09 18:40 - 2012-11-17 16:17 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2012-10-07 22:02 - 2010-04-26 09:17 - 00000000 ____D C:\ProgramData\CyberLink
2012-10-07 22:02 - 2010-04-26 09:17 - 00000000 ____D C:\Program Files (x86)\CyberLink
2012-10-04 06:04 - 2010-05-26 01:00 - 00000000 ____D C:\Windows\SysWOW64\de
2012-10-04 06:04 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\System32\WinBioPlugIns
2012-10-04 06:04 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\addins
2012-10-04 06:04 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\uk-UA
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\th-TH
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\sr-Latn-CS
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\sppui
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\sl-SI
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\sk-SK
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\ro-RO
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\ras
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\manifeststore
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\lt-LT
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\InstallShield
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\icsxml
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\hr-HR
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\uk-UA
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\th-TH
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\sysprep
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\sr-Latn-CS
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\sppui
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\sl-SI
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\sk-SK
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\Setup
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\ro-RO
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\ras
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\manifeststore
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\lv-LV
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\lt-LT
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\icsxml
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\ias
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\hr-HR
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\he-IL
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\et-EE
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\Dism
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\bg-BG
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\ar-SA
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\AdvancedInstallers
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2012-10-04 06:04 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Services
2012-10-04 06:03 - 2012-09-09 20:46 - 00000000 __SHD C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-10-04 06:03 - 2012-08-06 17:30 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\Audacity
2012-10-04 06:03 - 2012-04-24 16:50 - 00000000 ____D C:\Users\Sebastian Kroll\Documents\THW Simulator
2012-10-04 06:03 - 2011-06-29 21:19 - 00000000 ____D C:\Program Files (x86)\ZionWorx
2012-10-04 06:03 - 2011-03-13 20:02 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\vlc
2012-10-04 06:03 - 2010-04-26 09:28 - 00000000 ____D C:\ProgramData\McAfee
2012-10-04 06:03 - 2010-04-26 09:25 - 00000000 ____D C:\ProgramData\SAMSUNG
2012-10-04 06:03 - 2010-04-26 09:12 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2012-10-04 06:02 - 2011-12-27 17:39 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2012-10-04 06:02 - 2011-10-08 20:15 - 00000000 ___RD C:\Program Files (x86)\Skype
2012-10-04 06:02 - 2011-05-01 12:36 - 00000000 ____D C:\Program Files (x86)\Oberon Media
2012-10-04 06:02 - 2011-03-13 19:24 - 00000000 ____D C:\Program Files (x86)\ICQ6Toolbar
2012-10-04 06:02 - 2010-04-26 09:15 - 00000000 ____D C:\Program Files (x86)\REALTEK Wireless LAN Software
2012-10-04 06:02 - 2010-04-26 09:14 - 00000000 ____D C:\Program Files (x86)\Atheros Client Installation Program
2012-10-03 18:44 - 2012-11-17 16:16 - 00303104 ____A (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2012-10-03 18:44 - 2012-11-17 16:16 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\netcorehc.dll
2012-10-03 18:44 - 2012-11-17 16:16 - 00216576 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2012-10-03 18:44 - 2012-11-17 16:16 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2012-10-03 18:44 - 2012-11-17 16:16 - 00018944 ____A (Microsoft Corporation) C:\Windows\System32\netevent.dll
2012-10-03 18:42 - 2012-11-17 16:16 - 00569344 ____A (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2012-10-03 17:42 - 2012-11-17 16:16 - 00175104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2012-10-03 17:42 - 2012-11-17 16:16 - 00156672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2012-10-03 17:42 - 2012-11-17 16:16 - 00018944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2012-10-03 17:07 - 2012-11-17 16:16 - 00045568 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2012-09-30 15:15 - 2012-09-30 15:15 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-09-30 15:15 - 2012-07-14 22:34 - 00821736 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-09-30 15:15 - 2012-07-14 22:34 - 00246760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-09-30 15:15 - 2012-07-14 22:34 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-09-30 15:15 - 2012-07-14 22:34 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-09-30 15:15 - 2011-03-20 15:00 - 00746984 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-09-30 15:15 - 2011-03-20 14:59 - 00000000 ____D C:\Program Files (x86)\Java
2012-09-29 02:04 - 2011-05-21 19:48 - 00000000 ____D C:\Program Files\McAfee
2012-09-29 02:04 - 2010-04-26 09:28 - 00000000 ____D C:\Program Files (x86)\McAfee
2012-09-26 12:57 - 2012-01-31 01:15 - 00330240 ____A ((?)????) C:\Windows\MASetupCaller.dll
2012-09-26 12:57 - 2012-01-31 01:15 - 00045320 ____A (MARKANY) C:\Windows\SysWOW64\MAMACExtract.dll
2012-09-25 23:47 - 2012-11-17 16:15 - 00078336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2012-09-25 23:46 - 2012-11-17 16:15 - 00095744 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2012-09-24 19:24 - 2012-09-24 19:24 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\Sigel
2012-09-24 19:24 - 2012-09-24 19:24 - 00000000 ____D C:\Program Files (x86)\Sigel
2012-09-21 05:23 - 2012-08-10 21:16 - 00000000 ____D C:\Bilder Österreich 2012
2012-09-20 21:08 - 2012-09-20 21:08 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\{BB5EFB7F-A4E1-403A-9F17-D04148931190}
2012-09-18 19:26 - 2011-03-15 21:51 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\TuneUp Software
2012-09-18 19:14 - 2012-09-18 19:14 - 00002215 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2012-09-18 19:14 - 2012-09-18 19:14 - 00002195 ____A C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
2012-09-18 19:00 - 2012-09-15 21:04 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\Nero
2012-09-18 18:54 - 2012-09-15 21:01 - 00000000 ____D C:\Program Files (x86)\Nero
2012-09-16 20:21 - 2012-09-15 21:03 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\Nero
2012-09-15 22:08 - 2011-05-31 14:08 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\CyberLink
2012-09-15 21:04 - 2012-09-15 21:04 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\Nero_AG
2012-09-15 21:04 - 2012-09-15 21:01 - 00000000 ____D C:\ProgramData\Nero
2012-09-15 21:02 - 2012-09-15 21:02 - 00002115 ____A C:\Users\Public\Desktop\Nero Kwik Media.lnk
2012-09-14 15:32 - 2012-09-15 22:06 - 1615426980 ____A C:\Musicalvideo.avi
2012-09-09 21:25 - 2010-04-26 09:43 - 00000000 ____D C:\Program Files (x86)\Google
2012-09-09 20:49 - 2011-03-15 21:50 - 00000000 ____D C:\ProgramData\TuneUp Software
2012-09-08 09:37 - 2011-03-09 18:26 - 00000000 __RHD C:\MSOCache
2012-09-05 18:12 - 2012-09-05 18:10 - 00000000 ____D C:\ProgramData\7531CC770B4059A6004D3488F875F002
2012-08-28 22:56 - 2012-08-28 22:56 - 00001112 ____A C:\Users\Public\Desktop\Picasa 3.lnk
2012-08-28 22:56 - 2011-03-13 17:14 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\Google
2012-08-24 19:05 - 2012-10-10 15:59 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-08-24 17:57 - 2012-10-10 15:59 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-08-24 17:03 - 2011-10-08 20:15 - 00000000 ____D C:\ProgramData\Skype
2012-08-22 19:12 - 2012-09-12 16:45 - 00950128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2012-08-22 19:12 - 2012-09-12 16:45 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2012-08-21 22:01 - 2012-09-26 16:32 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
2012-08-15 23:48 - 2012-08-15 23:48 - 00015999 ____A C:\Users\Sebastian Kroll\Documents\Rückfahrt Österreich 2012.xlsx
2012-08-14 21:16 - 2012-08-14 21:16 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\{E34B80DA-F6AE-4A74-85F3-89B36AE81476}
2012-08-14 21:16 - 2011-06-05 09:08 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\Windows Live
2012-08-11 01:56 - 2012-10-10 15:58 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-08-11 00:56 - 2012-10-10 15:58 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-08-07 09:34 - 2012-08-07 09:34 - 00000997 ____A C:\Users\Sebastian Kroll\Desktop\TinyPic.lnk
2012-08-06 17:27 - 2012-08-06 17:26 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\{9B6802D8-31EA-41BD-BC9C-2ACD23E8866B}
2012-08-05 21:20 - 2011-11-15 16:44 - 00000000 ____D C:\Windows\System32\Macromed
2012-08-03 19:32 - 2012-08-03 19:31 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\becker
2012-08-03 19:31 - 2012-08-03 19:31 - 00000000 ____D C:\Program Files (x86)\Becker
2012-07-31 18:00 - 2012-07-31 18:00 - 00011148 ____A C:\Users\Sebastian Kroll\Documents\Ruhrtalradweg 2012.xlsx
2012-07-26 05:55 - 2012-11-18 01:05 - 00785512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2012-07-26 05:55 - 2012-11-18 01:05 - 00054376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2012-07-26 04:08 - 2012-11-18 00:28 - 00744448 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2012-07-26 04:08 - 2012-11-18 00:28 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2012-07-26 04:08 - 2012-11-18 00:28 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2012-07-26 04:08 - 2012-11-18 00:28 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2012-07-26 04:08 - 2012-11-18 00:28 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2012-07-26 03:36 - 2012-11-18 01:05 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2012-07-26 03:26 - 2012-11-18 00:28 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2012-07-26 03:26 - 2012-11-18 00:28 - 00087040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2012-07-14 22:34 - 2012-07-14 22:34 - 00000000 ____D C:\Program Files (x86)\Oracle
2012-07-07 18:06 - 2011-08-01 21:00 - 00006418 ____A C:\Windows\CDPlayer.ini
2012-07-07 15:18 - 2011-05-07 13:57 - 00043520 ____A C:\Windows\SysWOW64\CmdLineExt03.dll
2012-07-07 14:09 - 2012-07-07 13:32 - 00000000 ____D C:\Dropbox
2012-07-06 21:07 - 2012-08-16 12:12 - 00552960 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2012-07-04 23:16 - 2012-08-16 06:53 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-07-04 23:13 - 2012-08-16 06:53 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-07-04 23:13 - 2012-08-16 06:53 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-07-04 22:16 - 2012-08-16 06:53 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-07-04 22:14 - 2012-08-16 06:53 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-07-04 21:26 - 2012-09-12 16:45 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2012-06-27 15:18 - 2012-06-27 15:18 - 02152176 ____A (Microsoft Corporation) C:\Windows\System32\WUDFUpdate_01009.dll
2012-06-27 15:18 - 2011-03-14 19:56 - 00026112 ____A (Nokia) C:\Windows\System32\Drivers\pccsmcfdx64.sys
2012-06-27 03:14 - 2012-06-27 03:14 - 04472832 ____A (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2012-06-16 20:28 - 2012-06-16 20:28 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\com.unitedinternet.ums.sms-mms-manager
2012-06-16 20:28 - 2012-06-16 20:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2012-06-16 20:28 - 2012-06-16 20:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2012-06-16 20:28 - 2011-03-09 18:17 - 00000000 ____D C:\Program Files (x86)\Adobe
2012-06-16 20:27 - 2011-03-13 17:15 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Roaming\Adobe
2012-06-16 20:27 - 2011-03-09 18:17 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\Adobe
2012-06-15 18:15 - 2012-06-15 18:15 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\Macromedia
2012-06-11 14:17 - 2012-06-11 14:17 - 00640000 ____A (Nokia) C:\Windows\System32\nmwcdcoclsx64.dll
2012-06-11 14:17 - 2012-06-11 14:17 - 00166912 ____A (Nokia) C:\Windows\System32\ccdcmbwux64.dll
2012-06-11 14:17 - 2012-06-11 14:17 - 00027136 ____A (Nokia) C:\Windows\System32\Drivers\ccdcmbox64.sys
2012-06-11 14:17 - 2012-06-11 14:17 - 00019968 ____A (Nokia) C:\Windows\System32\Drivers\ccdcmbx64.sys
2012-06-11 14:17 - 2012-06-11 14:17 - 00009216 ____A (Nokia) C:\Windows\System32\Drivers\usbser_lowerfltx64.sys
2012-06-11 14:17 - 2012-06-11 14:17 - 00009216 ____A (Nokia) C:\Windows\System32\Drivers\usbser_lowerfltjx64.sys
2012-06-11 14:17 - 2010-12-02 11:14 - 00057856 ____A (Nokia) C:\Windows\System32\nmwcdclsx64.dll
2012-06-06 07:49 - 2012-06-06 07:49 - 01070152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2012-06-06 07:02 - 2012-07-11 22:19 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-06-06 06:03 - 2012-07-11 22:19 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-06-03 09:27 - 2011-07-01 22:13 - 00000000 ____D C:\Anbetungsbilder
2012-06-02 23:19 - 2012-06-19 16:42 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 23:19 - 2012-06-19 16:42 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 23:19 - 2012-06-19 16:42 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 23:19 - 2012-06-19 16:42 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 23:19 - 2012-06-19 16:42 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 23:15 - 2012-06-19 16:42 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 23:15 - 2012-06-19 16:42 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 15:57 - 2012-11-18 00:28 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2012-06-02 15:35 - 2012-11-18 01:05 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2012-06-02 14:19 - 2012-06-19 16:41 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 14:15 - 2012-06-19 16:41 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-02 06:50 - 2012-07-11 22:20 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-06-02 06:48 - 2012-07-11 22:20 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-06-02 06:48 - 2012-07-11 22:20 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-06-02 06:45 - 2012-07-11 22:20 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-06-02 06:41 - 2012-10-10 15:58 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-06-02 06:41 - 2012-10-10 15:58 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-06-02 06:41 - 2012-10-10 15:58 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-06-02 05:40 - 2012-07-11 22:20 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-06-02 05:40 - 2012-07-11 22:20 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-06-02 05:36 - 2012-10-10 15:58 - 01159680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-06-02 05:36 - 2012-10-10 15:58 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-06-02 05:36 - 2012-10-10 15:58 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-06-02 05:34 - 2012-07-11 22:20 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-05-29 15:29 - 2012-09-18 19:16 - 00035680 ____A (TuneUp Software) C:\Windows\System32\uxtuneup.dll
2012-05-29 15:29 - 2012-09-18 19:16 - 00029024 ____A (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2012-05-29 15:29 - 2012-09-18 19:14 - 00034656 ____A (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2012-05-29 15:29 - 2012-09-18 19:14 - 00025952 ____A (TuneUp Software) C:\Windows\System32\authuitu.dll
2012-05-29 15:29 - 2012-09-18 19:14 - 00021344 ____A (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2012-05-21 20:31 - 2012-05-21 20:30 - 00292056 ____A C:\Windows\Minidump\052112-31527-01.dmp
2012-05-21 20:31 - 2011-03-13 20:02 - 00001124 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-05-21 20:30 - 2012-09-19 16:48 - 00029911 ____A C:\Windows\setupact.log
2012-05-21 20:30 - 2012-05-21 19:38 - 546090329 ____A C:\Windows\MEMORY.DMP
2012-05-21 20:30 - 2011-03-27 20:28 - 00000000 ____D C:\Windows\Minidump
2012-05-21 20:30 - 2009-07-14 06:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-05-21 19:54 - 2012-05-21 19:53 - 00292056 ____A C:\Windows\Minidump\052112-34211-01.dmp
2012-05-21 19:50 - 2012-05-21 19:49 - 00292056 ____A C:\Windows\Minidump\052112-35459-01.dmp
2012-05-21 19:40 - 2012-05-21 19:39 - 00292056 ____A C:\Windows\Minidump\052112-41137-01.dmp
2012-05-21 08:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\com
2012-05-21 08:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\oobe
2012-05-21 08:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\com
2012-05-21 00:23 - 2012-05-21 00:23 - 00000000 ____D C:\FRST
2012-05-20 22:59 - 2010-04-26 09:14 - 01230300 ____A C:\Windows\WindowsUpdate.log
2012-05-20 12:23 - 2009-07-14 05:45 - 00014144 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-05-20 12:23 - 2009-07-14 05:45 - 00014144 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-05-14 06:26 - 2012-08-16 06:53 - 00956928 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2012-05-05 09:36 - 2012-08-16 06:53 - 00503808 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2012-05-05 08:46 - 2012-08-16 06:53 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2012-05-04 12:00 - 2012-08-24 17:02 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2012-05-04 10:59 - 2012-08-24 17:02 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2012-05-01 06:40 - 2012-06-14 03:15 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-04-28 04:55 - 2012-06-14 03:15 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-26 17:04 - 2012-04-26 17:04 - 00000000 ____D C:\ProgramData\Mozilla
2012-04-26 06:41 - 2012-06-14 03:15 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-04-26 06:41 - 2012-06-14 03:15 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-04-26 06:34 - 2012-06-14 03:15 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-04-24 16:50 - 2012-04-24 16:50 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\THW Simulator
2012-04-24 16:50 - 2012-04-24 16:50 - 00000000 ____D C:\Users\Sebastian Kroll\AppData\Local\CrashRpt

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-05-12 18:01:06
Restore point made on: 2013-05-14 16:52:02
Restore point made on: 2013-05-16 02:27:58
Restore point made on: 2013-05-16 02:42:21
Restore point made on: 2013-05-16 05:13:54
Restore point made on: 2013-05-19 18:01:18

==================== Memory info =========================== 

Percentage of memory in use: 17%
Total physical RAM: 3949.63 MB
Available physical RAM: 3256.4 MB
Total Pagefile: 3947.77 MB
Available Pagefile: 3249.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:203.37 GB) (Free:50.67 GB) NTFS (Disk=0 Partition=3)
Drive e: (Eigene Dateien) (Fixed) (Total:377.7 GB) (Free:8.49 GB) NTFS (Disk=0 Partition=4)
Drive f: (RECOVERY) (Fixed) (Total:15 GB) (Free:0.74 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]
Drive g: (GRMCPRXFREO_DE_DVD) (CDROM) (Total:2.97 GB) (Free:0 GB) UDF
Drive h: (KUHSB-STICK) (Removable) (Total:3.73 GB) (Free:3.71 GB) FAT32 (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596 GB) (Disk ID: C760B073)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=203 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=378 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0C)


Last Boot: 2013-05-14 22:45

==================== End Of Log ============================
         

Alt 21.05.2013, 20:13   #11
ryder
/// TB-Ausbilder
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7



Fix mit FRST

Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument
Code:
ATTFilter
DisableService: mfeavfk01
         
Speichere diese bitte als Fixlist.txt auf deinem USB Stick.
  • Starte deinen Rechner erneut in die Reparaturoptionen
  • Starte nun die FRST.exe erneut und klicke den Fix Button.
Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.
Schaue mal bitte ob du damit booten kannst.

Wenn nicht - probiere bitte den abgesicherten Modus mit Eingabeaufforderung.

So funktioniert es - Windows XP, Vista und 7:
Abgesicherter Modus zur Bereinigung
Dieser besondere Startmodus wird von einem User normalerweise nicht benötigt oder benutzt. Für uns ist er jedoch ein großartiges Hilfsmittel, da beim Start des Computers nur sehr wenige Komponenten geladen und so störende Bestandteile (und meistens auch die Malware) eben nicht mitgestartet werden. Um in diesen Modus zu gelangen mußt du während des Neustarts deines Computers im richtigen Moment (oder einfach so oft bis es soweit ist) die F8-Taste drücken und es wird ein Auswahlmenü erscheinen, von dem folgende drei Punkte wichtig sind:
Abgesicherter Modus
Abgesicherter Modus mit Netzwerktreibern
Abgesicherter Modus mit Eingabeaufforderung
Wähle mit den Pfeiltasten Abgesicherter Modus mit Netzwerktreibern aus und drücke Enter.

So funktioniert es - Windows 8: Alternative Anleitung
__________________
Digitale Freibeuter gegen Malware!
Keine Hilfe per PM!

Alt 21.05.2013, 21:08   #12
sbstnkrll
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7



Das Ergebnis von Schritt 1:
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-05-2013
Ran by SYSTEM at 2012-05-21 23:36:45 Run:3
Running from H:\
Boot Mode: Recovery
==============================================

mfeavfk01 service was disabled

==== End of Fixlog ====
         
Dann habe ich den Leptop im Normalen Modus neu gestartet und es ist unverändert. Das gleiche im Abgesicherten Modus und Abgesicherten mit Netzwerktreibern.

Im Abgesicherten mit Eingabeaufforderung startet der Leptop in das Eingabefeld.
nach zwei Minuten Wartezeit kommt wieder der blaue Bildschirm und der Leptop startet neu.
Bis Morgen
Sebastian

Alt 22.05.2013, 08:42   #13
ryder
/// TB-Ausbilder
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7



Also das ist wirklich sehr mysteriös. Der Stop-Fehler ist auch ziemlich unspezifisch.

Link: Bug Check 0x19: BAD_POOL_HEADER (Windows Debuggers)

Probiere folgendes: Gehe mit F8 wieder in die erweiterten Startoptionen und wähle "die letzte als funktionierend bekannte Konfiguration" und versuche damit zu starten.
__________________
Digitale Freibeuter gegen Malware!
Keine Hilfe per PM!

Alt 22.05.2013, 18:04   #14
sbstnkrll
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7



auch wenn ich den Leptop über die Funktion "die letzte als funktionierend bekannte Konfiguration" starte, taucht der gleiche Fehler, also blauer Bildschirm wieder auf.

Mal anders gefragt, gibt es eine mögichkeit die persönlichen Daten auf der Festplatte zu Kopieren? Dann sie neu zu formatieren und alles neu aufspielen?
Und wenn dieses geschehen ist, wären die im Moment auftretenden Probleme behoben?

Alt 22.05.2013, 18:49   #15
ryder
/// TB-Ausbilder
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7



Das auf jeden Fall.

Ich gebe dir mal eine Anleitung dafür:

Herstellen eines USB-Sticks mit der Kaspersky-Rescue-Disk

Du braucht dazu einen USB-Stick (am besten leer) mit mindestens 1 GB Platz.
  • Bitte downloade dir YUMI von dieser Webseite auf deinen Desktop.
  • Schliesse deinen USB-Stick an, starte YUMI und akzeptiere die Lizenzvereinbarung.
  • Step 1: Wähle den Laufwerksbuchstaben deines Sticks aus.
  • Step 2: Wähle aus der Liste "Kaspersky Rescue Disk (Antivirus Scanner)" aus (relativ weit unten)
  • Hake an "Download the img (Optional)", YUMI fragt dich ob du jetzt herunterladen willst. Klicke Ja.
  • Speichere die *.iso auf deinem Desktop.
  • Step 3: Falls das *.iso nicht schon ausgewählt wurde (grüne Farbe) klicke Browse, suche das Image und wähle es aus.
  • Klicke jetzt auf Create und beantworte die Sicherheitsabfrage mit Ja. Dein USB-Stick wird jetzt vollautomatisch vorbereitet. Warte bis der Vorgangabgeschlossen ist.


Starten des Kaspersky Rescue Sticks zur Datensicherung
  • Schliesse den USB-Stick an das infizierte System an. Starte den Rechner (neu).
  • Während des Starts drücke die Taste mit der du das Bootmenü aufrufen kannst (oft ist das F8) und wähle den USB-Stick zum booten aus.
  • Es erscheint das YUMI-Menü. Wähle hier Antivirus Tools >Kaspersky Rescue CD > Run ... from this USB
  • Das Rettungssystem startet jetzt. Wenn du mehrere Betriebssysteme installiert hast erscheint ein Menü in dem du auswählen kannst auf welches du zugreifen willst.
  • Deine Windowslaufwerke C: bis Z: (wenn vorhanden) werden als Ordner auf dem Desktop erzeugt.
  • Kopiere also alle wichtigen Dateien von deinen Windowslaufwerken auf deinen USB-Stick zur Sicherung.
  • Zum Herunterfahren klicke auf das K-Symbol unten links und wähle shutdown.
__________________
Digitale Freibeuter gegen Malware!
Keine Hilfe per PM!

Antwort

Themen zu GVU Trojaner WIN 7
ahnung, bot, destop, erstell, gvu trojaner, keine ahnung, leptop, leute, modus, otlpe, otlpenet, rechner, starte, startet, troja, trojaner, weiterhelfen, win, win 7, windows, windows xp



Zum Thema GVU Trojaner WIN 7 - Hallo Leute, Ich habe mir auf meinem Leptop den GVU Trojaner eingefangen. Der Leptop startet auch nicht im Abgesichertem Modus, auch nicht mit Eingabeaufforderung. Habe mir vom zweiten Rechner (Destop - GVU Trojaner WIN 7...
Archiv
Du betrachtest: GVU Trojaner WIN 7 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.