| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: __prosschiff@gmail.com_.cryptWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
03.09.2015, 17:09
| #1 |
 |  __prosschiff@gmail.com_.crypt Alle Dateien auf meinem PC wurde mit der Endung __prosschiff@gmail.com_.crypt erweitert. Damit funktioniert natürlich auch nichts mehr. Wie bringe ich diesen Plagegeist wieder los ? Danke Torsten.E |
|
03.09.2015, 17:44
| #2 |
| /// the machine /// TB-Ausbilder    | __prosschiff@gmail.com_.crypt hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
03.09.2015, 17:52
| #3 |
| | FRSTCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:31-08-2015
durchgeführt von Administrator (Administrator) auf SH-PC2 (03-09-2015 18:48:10)
Gestartet von C:\Users\TEMP.SH-PC2.031\Desktop
Geladene Profile: Administrator (Verfügbare Profile: Schwedenhaus & Administrator)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(VMware, Inc.) C:\Program Files\VMware\VMware Tools\vmacthlp.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(devolo AG) C:\Program Files\devolo\dlan\devolonetsvc.exe
() C:\Users\Schwedenhaus\AppData\Roaming\Mikogo 4\M4-Service.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(McAfee, Inc.) C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
() C:\Program Files\Cyberlink\Shared files\RichVideo.exe
(McAfee, Inc.) C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\w32x86\3\NetFaxServer.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
() C:\Users\Schwedenhaus\AppData\Roaming\Mikogo 4\M4-Capture.exe
() C:\Program Files\Twonky\TwonkyServer\twonkyproxy.exe
(PacketVideo) C:\Program Files\Twonky\TwonkyServer\twonkystarter.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor Enterprise\saHookMain.exe
() C:\Program Files\Twonky\TwonkyServer\twonkywebdav.exe
(VMware, Inc.) C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
(VMware, Inc.) C:\Program Files\VMware\VMware vCenter Converter Standalone Agent\vmware-converter-a.exe
(Evgeny Lachinov) C:\Program Files\Wild Media Server\wmssvc.exe
() C:\Program Files\Twonky\TwonkyServer\twonkyserver.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.28.13\GoogleCrashHandler.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint\LBTWiz.exe
(Axis Communications) C:\Program Files\Axis Communications\AXIS Camera Management 4\AcmService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfeann.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Cortado AG) C:\Program Files\VMware\VMware Tools\TPAutoConnSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Cortado AG) C:\Program Files\VMware\VMware Tools\TPAutoConnect.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\LifeExp.exe
() C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(VMware, Inc.) C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
(Logitech Inc.) C:\Program Files\Squeezebox\SqueezeTray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\w32x86\3\NetFaxTray.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 12\Snagit32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 12\SnagPriv.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 12\TscHelp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9914984 2010-11-30] (Realtek Semiconductor)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [55824 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-08-20] ()
HKLM\...\Run: [TVEService] => C:\Program Files\CyberLink\TV Enhance\TVEService.exe [176128 2008-09-30] (CyberLink Corp.)
HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM\...\Run: [MVS Splash] => C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe [480872 2012-11-13] ()
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [350072 2012-03-09] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [VMware User Process] => C:\Program Files\VMware\VMware Tools\vmtoolsd.exe [64704 2015-05-22] (VMware, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20] (Logitech, Inc.)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
AppInit_DLLs: C:\Windows\system32\FileMonitor32.dll => C:\Windows\system32\FileMonitor32.dll [108544 2011-04-19] ()
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => Keine Datei
Startup: C:\Users\Administrator.IFTA-GMBH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Asset UPnP uMediaLibrary.lnk [2010-08-02]
ShortcutTarget: Asset UPnP uMediaLibrary.lnk -> C:\Program Files\Illustrate\dBpoweramp\uMediaLibrary.exe (Keine Datei)
Startup: C:\Users\Administrator.IFTA-GMBH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Asset UPnP.lnk [2010-08-02]
ShortcutTarget: Asset UPnP.lnk -> C:\Program Files\Illustrate\dBpoweramp\Asset-uPNP.exe (Keine Datei)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Media Server-Taskleisten-Tool.lnk [2012-10-06]
ShortcutTarget: Logitech Media Server-Taskleisten-Tool.lnk -> C:\Program Files\Squeezebox\SqueezeTray.exe (Logitech Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2010-07-14]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2014-09-12]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\w32x86\3\NetFaxTray.exe (Samsung Electronics Co., Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 12.lnk [2014-10-08]
ShortcutTarget: Snagit 12.lnk -> C:\Program Files\TechSmith\Snagit 12\Snagit32.exe (TechSmith Corporation)
Startup: C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk!___prosschiff@gmail.com_.crypt [2014-08-28]
Startup: C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jAnrufmonitor 5.0.lnk!___prosschiff@gmail.com_.crypt [2015-01-21]
Startup: C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lFIrshno.lnk [2015-08-30]
ShortcutTarget: lFIrshno.lnk -> C:\Users\TEMP.SH-PC2.031\AppData\Local\{F5552CE3-9802-4CE0-9826-10C7A8A00F93}\aogaRrTd.exe (Keine Datei)
Startup: C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lFIrshno.lnk!___prosschiff@gmail.com_.crypt [2015-08-30]
Startup: C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\login.bat.lnk!___prosschiff@gmail.com_.crypt [2013-11-19]
Startup: C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TwonkyManager.lnk!___prosschiff@gmail.com_.crypt [2012-11-18]
GroupPolicyScripts: Gruppenrichtline erkannt <======= ACHTUNG
GroupPolicyScripts\User: Gruppenrichtline erkannt <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
Tcpip\..\Interfaces\{D5A1D48A-C98D-422F-A34E-91FC24A9F1D5}: [NameServer] 192.168.21.20
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype add-on (mastermind) -> {22BF413B-C6D2-4d91-82A9-A0F997BA588C} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04] (Skype Technologies S.A.)
BHO: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-21] (Oracle Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20140403131932.dll [2013-12-17] (McAfee, Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll [2014-03-06] (McAfee, Inc.)
BHO: AusweisApp 1.12.0.0 -> {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} -> C:\Program Files\AusweisApp\siqeCardClientIE32.ols [2014-04-11] (OpenLimit SignCubes AG)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-21] (Oracle Corporation)
Toolbar: HKLM - Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - C:\PROGRA~1\Zend\ZENDST~2.0\toolbars\ZENDIE~1.DLL Keine Datei
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll [2014-03-06] (McAfee, Inc.)
DPF: {89A32C64-6176-4D10-BCA3-10B0079818FA} hxxps://server2.ifta-gmbh.local:3443/webconsole/RIMWebComponents.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_43-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_43-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_43-windows-i586.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll [2014-03-06] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll [2014-03-06] (McAfee, Inc.)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.)
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-10-21] (Oracle Corporation)
FF Plugin: @mcafee.com/SAFFPlugin -> C:\Program Files\McAfee\SiteAdvisor Enterprise\NPMcFFPlg.dll [2014-03-06] (McAfee, Inc.)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-12-23] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [Keine Datei]
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin: @vmware.com/vmrc,version=5.5.0.00000 -> C:\Program Files\Common Files\VMware\VMware Remote Console Plug-in 5.5\Firefox\np-vmware-vmrc.dll [2014-02-11] (VMware, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-06-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-06-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-06-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-06-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-06-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npstrlnk.dll [2010-07-20] ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2011-10-26] (Nullsoft, Inc.)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA} [2015-03-14]
FF Extension: McAfee SiteAdvisor Enterprise - C:\Program Files\Mozilla Firefox\distribution\bundles\{B7082FAA-CB62-4872-9106-E42DD88EDE45} [2015-03-14]
FF HKLM\...\Firefox\Extensions: [{3c9761ad-a43d-4447-b924-f5d83cb48063}] - C:\Program Files\Zend\Zend Studio 10.5.0\toolbars\firefox
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-08-07]
FF HKLM\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files\Common Files\McAfee\SystemCore
FF Extension: McAfee ScriptScan for Firefox - C:\Program Files\Common Files\McAfee\SystemCore [2013-08-22]
FF HKLM\...\Firefox\Extensions: [{4F3D26C8-9907-48ff-BC74-B8C572D317BF}] - C:\Program Files\AusweisApp\mozilla\eCardClientExt_FFxx_Win
FF Extension: Kein Name - C:\Program Files\AusweisApp\mozilla\eCardClientExt_FFxx_Win [2014-08-25]
FF HKLM\...\Firefox\Extensions: [{4F0963A3-1658-4fde-9585-23A25CC288BF}] - C:\Program Files\AusweisApp\mozilla\eCardClientPIn_FFxx_Win
FF Extension: Kein Name - C:\Program Files\AusweisApp\mozilla\eCardClientPIn_FFxx_Win [2014-08-25]
Chrome:
=======
CHR Profile: C:\Users\TEMP.SH-PC2.031\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\TEMP.SH-PC2.031\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-03]
CHR Extension: (Google Docs) - C:\Users\TEMP.SH-PC2.031\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-03]
CHR Extension: (Google Drive) - C:\Users\TEMP.SH-PC2.031\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-03]
CHR Extension: (YouTube) - C:\Users\TEMP.SH-PC2.031\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-03]
CHR Extension: (Google Search) - C:\Users\TEMP.SH-PC2.031\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-03]
CHR Extension: (Google Sheets) - C:\Users\TEMP.SH-PC2.031\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-03]
CHR Extension: (McAfee SiteAdvisor Enterprise) - C:\Users\TEMP.SH-PC2.031\AppData\Local\Google\Chrome\User Data\Default\Extensions\feobgjncdknhelkhjpiejdbpliekmfaj [2015-09-03]
CHR Extension: (Google Docs Offline) - C:\Users\TEMP.SH-PC2.031\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\TEMP.SH-PC2.031\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TEMP.SH-PC2.031\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-03]
CHR Extension: (Gmail) - C:\Users\TEMP.SH-PC2.031\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-03]
CHR HKLM\...\Chrome\Extension: [feobgjncdknhelkhjpiejdbpliekmfaj] - C:\Program Files\McAfee\SiteAdvisor Enterprise\McChPlg.crx [2014-03-06]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AXIS Camera Management; C:\Program Files\Axis Communications\AXIS Camera Management 4\AcmService.exe [17920 2013-09-05] (Axis Communications) [Datei ist nicht signiert]
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [Datei ist nicht signiert]
R2 DevoloNetworkService; C:\Program Files\devolo\dlan\devolonetsvc.exe [3128856 2012-02-28] (devolo AG)
S3 ELIService; C:\Program Files\EventLog Inspector 3\ELIService.exe [2276976 2013-07-30] ()
S3 FirebirdServerDefaultIns_GDI3; C:\Program Files\Firebird\FB25_GDI_23053\bin\fbserver.exe [3735552 2011-01-13] (Firebird Project) [Datei ist nicht signiert]
R2 M4-Service; C:\Users\Schwedenhaus\AppData\Roaming\Mikogo 4\M4-Service.exe [1008032 2012-07-18] ()
R2 McAfee SiteAdvisor Enterprise Service; C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe [161128 2014-03-06] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [204320 2013-12-17] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169800 2013-12-17] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [174968 2013-12-17] (McAfee, Inc.)
R2 myAgtSvc; C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe [296400 2014-04-25] (McAfee, Inc.)
S4 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S4 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [Datei ist nicht signiert]
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [241734 2008-09-30] () [Datei ist nicht signiert]
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe [378416 2013-02-05] (Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 SXDS10; C:\Program Files\Common Files\soft Xpansion\SXDS10.exe [160768 2009-07-13] (soft Xpansion) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
R3 TPAutoConnSvc; C:\Program Files\VMware\VMware Tools\TPAutoConnSvc.exe [382288 2015-05-22] (Cortado AG)
S3 TPVCGateway; C:\Program Files\VMware\VMware Tools\TPVCGateway.exe [406864 2015-05-22] (Cortado AG)
R2 TVECapSvc; C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe [348255 2008-09-30] () [Datei ist nicht signiert]
R2 TVESched; C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVESched.exe [118877 2008-09-30] () [Datei ist nicht signiert]
R2 TwonkyProxy; C:\Program Files\Twonky\TwonkyServer\twonkyproxy.exe [545608 2012-07-09] ()
R2 TwonkyServer; C:\Program Files\Twonky\TwonkyServer\twonkystarter.exe [549704 2012-07-09] (PacketVideo)
R2 TwonkyWebDav; C:\Program Files\Twonky\TwonkyServer\twonkywebdav.exe [271176 2012-07-09] ()
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [714832 2013-08-05] (VMware, Inc.)
R2 VMware Physical Disk Helper Service; C:\Program Files\VMware\VMware Tools\vmacthlp.exe [411328 2015-05-22] (VMware, Inc.)
R2 vmware-converter-agent; C:\Program Files\VMware\VMware vCenter Converter Standalone Agent\vmware-converter-a.exe [423576 2012-10-15] (VMware, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WmsService; C:\Program Files\Wild Media Server\wmssvc.exe [3082504 2010-12-30] (Evgeny Lachinov)
R2 RumorServer; "C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe" /RunDLL=RumorServer.dll;ServiceHost [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2010-08-22] (Protect Software GmbH) [Datei ist nicht signiert]
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [105728 2013-08-07] (AVM Berlin)
S3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [105728 2013-08-07] (AVM Berlin)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
S3 bmdrvr; C:\Windows\System32\drivers\bmdrvr.sys [54384 2011-03-15] (VMware, Inc.)
R3 DLANS2C0; C:\Windows\System32\drivers\dvls2c6x.sys [99200 2009-05-08] (devolo AG)
R3 DLANS2T0; C:\Windows\System32\drivers\dvls2t6x.sys [42624 2009-05-08] (devolo AG)
S3 es1371; C:\Windows\System32\drivers\es1371mp.sys [40832 2002-06-03] (Creative Technology Ltd.)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [586752 2010-10-22] (AVM GmbH) [Datei ist nicht signiert]
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [41936 2013-08-05] (VMware, Inc.)
R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [104024 2010-08-20] (JMicron Technology Corp.)
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28560 2009-06-17] (Logitech, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [134472 2013-12-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [236480 2013-12-17] (McAfee, Inc.)
R3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [66408 2013-12-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [365928 2013-12-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [573136 2013-12-17] (McAfee, Inc.)
S1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [64912 2012-02-22] (McAfee, Inc.)
R3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [93144 2013-12-17] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [213872 2013-12-17] (McAfee, Inc.)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R1 NetworkX; C:\Windows\system32\ckldrv.sys [19584 2008-03-17] () [Datei ist nicht signiert]
R2 NPF_devolo; C:\Windows\system32\drivers\npf_devolo.sys [35840 2012-01-31] (CACE Technologies) [Datei ist nicht signiert]
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [22184 2014-10-09] (Audials AG)
S3 SCL01132; C:\Windows\System32\DRIVERS\SCL01132.sys [61824 2010-05-07] (SCM Microsystems Inc.)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2013-04-10] (Samsung Electronics) [Datei ist nicht signiert]
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [23296 2014-10-13] (DEVGURU Co., LTD.)
S3 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [Datei ist nicht signiert]
R3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39048 2014-10-09] (RapidSolution Software AG)
R3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2013-10-17] (TeamViewer GmbH)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [44544 2012-09-28] (Apple, Inc.) [Datei ist nicht signiert]
R0 vidsflt53; C:\Windows\System32\DRIVERS\vsflt53.sys [83392 2011-10-01] (Acronis)
R2 VMMEMCTL; C:\Program Files\Common Files\VMware\Drivers\memctl\vmmemctl.sys [18752 2015-05-22] (VMware, Inc.)
R3 vmusbmouse; C:\Windows\System32\DRIVERS\vmusbmouse.sys [11928 2012-10-31] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [64704 2014-11-17] (VMware, Inc.)
R2 vstor2-mntapi10-shared; C:\Windows\System32\drivers\vstor2-mntapi10-shared.sys [22768 2011-07-12] (VMware, Inc.)
U3 mfeavfk01; kein ImagePath
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-03 18:48 - 2015-09-03 18:48 - 00028965 _____ C:\Users\TEMP.SH-PC2.031\Desktop\FRST.txt
2015-09-03 18:47 - 2015-09-03 18:48 - 00000000 ____D C:\FRST
2015-09-03 18:47 - 2015-09-03 18:47 - 01690624 _____ (Farbar) C:\Users\TEMP.SH-PC2.031\Desktop\FRST.exe
2015-09-03 18:47 - 2015-09-03 18:47 - 00000000 ____D C:\Users\TEMP.SH-PC2.031\AppData\Roaming\Avanquest
2015-09-03 17:24 - 2015-09-03 17:24 - 00000000 ____D C:\Users\TEMP.SH-PC2.031\Documents\Snagit
2015-09-03 17:24 - 2015-09-03 17:24 - 00000000 ____D C:\Users\TEMP.SH-PC2.031\AppData\Local\TechSmith
2015-09-03 17:23 - 2015-09-03 18:46 - 00002153 _____ C:\Users\TEMP.SH-PC2.031\Desktop\Google Chrome.lnk
2015-09-03 17:23 - 2015-09-03 17:23 - 00000000 ____D C:\Users\TEMP.SH-PC2.031\AppData\Roaming\Samsung
2015-09-03 17:23 - 2015-09-03 17:23 - 00000000 ____D C:\Users\TEMP.SH-PC2.031\AppData\Roaming\McAfee
2015-09-03 17:23 - 2015-09-03 17:23 - 00000000 ____D C:\Users\TEMP.SH-PC2.031\AppData\Roaming\Logitech
2015-09-03 17:23 - 2015-09-03 17:23 - 00000000 ____D C:\Users\TEMP.SH-PC2.031\AppData\Local\TVEnhance
2015-09-03 17:23 - 2015-09-03 17:23 - 00000000 ____D C:\Users\TEMP.SH-PC2.031\AppData\Local\RapidSolution
2015-09-03 17:22 - 2015-09-03 17:23 - 00159288 _____ C:\Users\TEMP.SH-PC2.031\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-03 17:22 - 2015-09-03 17:23 - 00000000 ____D C:\Users\TEMP.SH-PC2.031\AppData\Local\Google
2015-09-03 17:22 - 2015-09-03 17:23 - 00000000 ____D C:\Users\TEMP.SH-PC2.031
2015-09-03 17:22 - 2015-09-03 17:22 - 00001381 _____ C:\Users\TEMP.SH-PC2.031\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-03 17:22 - 2015-09-03 17:22 - 00000020 ___SH C:\Users\TEMP.SH-PC2.031\ntuser.ini
2015-09-03 17:22 - 2015-09-03 17:22 - 00000000 _SHDL C:\Users\TEMP.SH-PC2.031\Startmenü
2015-09-03 17:22 - 2015-09-03 17:22 - 00000000 _SHDL C:\Users\TEMP.SH-PC2.031\Netzwerkumgebung
2015-09-03 17:22 - 2015-09-03 17:22 - 00000000 _SHDL C:\Users\TEMP.SH-PC2.031\Druckumgebung
2015-09-03 17:22 - 2015-09-03 17:22 - 00000000 _SHDL C:\Users\TEMP.SH-PC2.031\Documents\Eigene Musik
2015-09-03 17:22 - 2015-09-03 17:22 - 00000000 _SHDL C:\Users\TEMP.SH-PC2.031\Documents\Eigene Bilder
2015-09-03 17:22 - 2015-09-03 17:22 - 00000000 _SHDL C:\Users\TEMP.SH-PC2.031\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-03 17:22 - 2015-09-03 17:22 - 00000000 _SHDL C:\Users\TEMP.SH-PC2.031\AppData\Local\Verlauf
2015-09-03 17:22 - 2015-09-03 17:22 - 00000000 ____D C:\Users\TEMP.SH-PC2.031\AppData\Roaming\Adobe
2015-09-03 17:22 - 2012-05-07 23:29 - 00000000 ____D C:\Users\TEMP.SH-PC2.031\AppData\LocalGoogle
2015-09-03 17:22 - 2011-12-23 11:31 - 00000000 ___RD C:\Users\TEMP.SH-PC2.031\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-03 17:22 - 2011-12-23 11:31 - 00000000 ___RD C:\Users\TEMP.SH-PC2.031\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-03 17:22 - 2011-12-23 11:31 - 00000000 ____D C:\Users\TEMP.SH-PC2.031\AppData\Roaming\Macromedia
2015-09-03 17:22 - 2011-12-23 11:31 - 00000000 ____D C:\Users\TEMP.SH-PC2.031\AppData\Local\Microsoft Help
2015-08-31 13:06 - 2015-08-31 13:27 - 00003403 _____ C:\Users\Schwedenhaus\Desktop\Google Chrome.lnk!___prosschiff@gmail.com_.crypt
2015-08-31 13:06 - 2015-08-31 13:06 - 00000000 ____D C:\Users\Schwedenhaus\Documents\CyberLink
2015-08-31 13:06 - 2015-08-31 13:06 - 00000000 ____D C:\updates
2015-08-28 09:08 - 2015-08-28 09:12 - 24327792 _____ C:\Users\Schwedenhaus\Desktop\bu_alphabet_GRUPPEN_FIRMEN_2015-08-27_18-04-02.xml!___prosschiff@gmail.com_.crypt
2015-08-25 22:09 - 2015-08-25 22:09 - 08838771 _____ C:\Users\Schwedenhaus\Downloads\Profildaten-spin-20150825.zip!___prosschiff@gmail.com_.crypt
2015-08-25 22:09 - 2015-08-25 22:09 - 08838771 _____ C:\Users\Schwedenhaus\Downloads\Profildaten-spin-20150825 (1).zip!___prosschiff@gmail.com_.crypt
2015-08-25 16:33 - 2015-08-25 16:33 - 00143350 _____ C:\Users\Schwedenhaus\Desktop\skype-konto.jpg!___prosschiff@gmail.com_.crypt
2015-08-25 16:25 - 2015-08-25 16:26 - 00128305 _____ C:\Users\Schwedenhaus\Desktop\carmen-skype.jpg!___prosschiff@gmail.com_.crypt
2015-08-25 16:23 - 2015-08-25 16:23 - 06550754 _____ C:\Users\Schwedenhaus\Desktop\SkypeWebPlugin.msi!___prosschiff@gmail.com_.crypt
2015-08-25 16:23 - 2015-08-25 16:23 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\SkypePlugin
2015-08-22 11:29 - 2015-08-22 11:29 - 00010459 _____ C:\Users\Schwedenhaus\Desktop\honda-de_garten_hrd_2015_L.pdf!___prosschiff@gmail.com_.crypt
2015-08-22 09:16 - 2015-08-22 09:16 - 01595180 _____ C:\Users\Schwedenhaus\Desktop\Toro-3388-580.pdf!___prosschiff@gmail.com_.crypt
2015-08-20 11:34 - 2015-08-20 11:34 - 00000000 ____D C:\Users\TEMP.SH-PC2.030\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-20 11:34 - 2015-08-20 11:34 - 00000000 ____D C:\Users\TEMP.SH-PC2.030
2015-08-20 09:33 - 2015-08-20 09:33 - 00000000 ____D C:\Users\TEMP.SH-PC2.029
2015-08-20 03:31 - 2015-08-20 03:31 - 00000000 ____D C:\Users\TEMP.SH-PC2.028
2015-08-20 03:00 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-20 03:00 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-18 18:01 - 2015-08-18 18:01 - 00062215 _____ C:\Users\Schwedenhaus\Downloads\pkeyuibx_v1.5.0.zip!___prosschiff@gmail.com_.crypt
2015-08-14 09:12 - 2015-08-14 09:12 - 00073103 _____ C:\Users\Schwedenhaus\Desktop\bu_alphabet_ALPH_Agraria_2015-08-14_09-11-21.pdf!___prosschiff@gmail.com_.crypt
2015-08-14 08:57 - 2015-08-14 08:57 - 00072877 _____ C:\Users\Schwedenhaus\Desktop\bu_alphabet_ALPH_Agraria_2015-08-14_08-53-02.pdf!___prosschiff@gmail.com_.crypt
2015-08-14 08:19 - 2015-08-30 01:35 - 00000000 ____D C:\Users\Schwedenhaus\Desktop\xsl_Barsoi_20150813
2015-08-14 08:18 - 2015-08-14 08:18 - 00012935 _____ C:\Users\Schwedenhaus\Desktop\xsl_Barsoi_20150813.zip!___prosschiff@gmail.com_.crypt
2015-08-12 07:20 - 2015-08-30 01:59 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-12 03:01 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 20:44 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-11 20:44 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-11 20:44 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-11 20:44 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-11 20:44 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-11 20:44 - 2015-07-30 19:57 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-11 20:44 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-11 20:44 - 2015-07-30 18:52 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-11 20:44 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-11 20:44 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-11 20:44 - 2015-07-28 22:00 - 00952832 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-11 20:44 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-11 20:44 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-11 20:44 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-11 20:44 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-11 20:44 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-11 20:44 - 2015-07-28 21:54 - 00934400 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-11 20:44 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-11 20:44 - 2015-07-20 19:56 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-11 20:44 - 2015-07-20 19:56 - 02061312 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-11 20:44 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-11 20:44 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-11 20:44 - 2015-07-20 19:56 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-11 20:44 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-11 20:44 - 2015-07-20 19:56 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-11 20:44 - 2015-07-20 19:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-11 20:44 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-11 20:44 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-11 20:44 - 2015-07-20 19:56 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-11 20:44 - 2015-07-16 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-11 20:44 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-11 20:44 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-11 20:44 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-11 20:44 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-11 20:44 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-11 20:44 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-11 20:44 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-11 20:44 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-11 20:44 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-11 20:44 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-11 20:44 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-11 20:44 - 2015-07-16 21:39 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-11 20:44 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-11 20:44 - 2015-07-16 21:32 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-11 20:44 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-11 20:44 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-11 20:44 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-11 20:44 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-11 20:44 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-11 20:44 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-11 20:44 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-11 20:44 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-11 20:44 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-11 20:44 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-11 20:44 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-11 20:44 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-11 20:44 - 2015-07-16 21:06 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-11 20:44 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-11 20:44 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-11 20:44 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-11 20:44 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-11 20:44 - 2015-07-16 17:14 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-11 20:44 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-08-11 20:44 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-11 20:44 - 2015-07-15 19:59 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-11 20:44 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-11 20:44 - 2015-07-15 19:59 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-11 20:44 - 2015-07-15 19:56 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-11 20:44 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-11 20:44 - 2015-07-15 19:55 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-11 20:44 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-11 20:44 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-11 20:44 - 2015-07-15 19:55 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-11 20:44 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-11 20:44 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-11 20:44 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-11 20:44 - 2015-07-15 19:55 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-11 20:44 - 2015-07-15 19:54 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-11 20:44 - 2015-07-15 19:54 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-11 20:44 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-11 20:44 - 2015-07-15 19:54 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-11 20:44 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-11 20:44 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-11 20:44 - 2015-07-15 19:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-11 20:44 - 2015-07-15 19:54 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-11 20:44 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-11 20:44 - 2015-07-15 19:54 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-11 20:44 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-11 20:44 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-11 20:44 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-11 20:44 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-11 20:44 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-11 20:44 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-11 20:44 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-11 20:44 - 2015-07-15 18:36 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-11 20:44 - 2015-07-15 18:36 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-11 20:44 - 2015-07-15 18:36 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-11 20:44 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-11 20:44 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-11 20:44 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-11 20:44 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-11 20:43 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-11 20:43 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-11 20:43 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-11 20:43 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-11 20:43 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-11 20:43 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-11 20:43 - 2015-05-09 20:09 - 00715200 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-11 15:45 - 2015-08-11 15:45 - 00231843 _____ C:\Users\Schwedenhaus\Desktop\john_deere_js63vc_.pdf!___prosschiff@gmail.com_.crypt
2015-08-11 14:06 - 2015-08-11 14:06 - 00003208 _____ C:\Users\Schwedenhaus\Downloads\plg_admin8_j16_0.9.2.zip!___prosschiff@gmail.com_.crypt
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-03 18:40 - 2013-08-06 10:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-03 18:25 - 2010-02-07 19:28 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-03 17:49 - 2012-05-19 19:44 - 00001172 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-789433706-2975812997-1506108583-500UA.job
2015-09-03 17:31 - 2011-12-23 12:13 - 01630814 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-03 17:31 - 2009-07-14 06:34 - 00025328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-03 17:31 - 2009-07-14 06:34 - 00025328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-03 17:23 - 2011-12-23 10:49 - 00000000 ____D C:\Users\Administrator
2015-09-03 17:23 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-03 17:23 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2015-09-03 17:23 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2015-09-03 17:22 - 2012-11-19 19:42 - 00000000 ____D C:\ProgramData\TwonkyServer
2015-09-03 17:22 - 2012-08-11 23:05 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Mikogo 4
2015-09-03 17:22 - 2011-12-24 09:56 - 00053940 _____ C:\Windows\error.log
2015-09-03 17:22 - 2011-12-24 09:55 - 71915329 _____ C:\Windows\setupact.log
2015-09-03 17:22 - 2011-12-24 09:54 - 00011961 _____ C:\Windows\errord.log
2015-09-03 17:22 - 2011-02-21 09:53 - 00000000 ____D C:\ProgramData\firebird
2015-09-03 17:22 - 2010-10-27 18:49 - 00000000 ____D C:\ProgramData\CyberLink
2015-09-03 17:22 - 2010-08-03 12:19 - 00000000 ____D C:\ProgramData\Wild Media Server
2015-09-03 17:22 - 2010-02-07 19:28 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-03 17:22 - 2009-11-21 17:33 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-03 17:22 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-03 17:21 - 2011-12-23 12:01 - 01436966 _____ C:\Windows\WindowsUpdate.log
2015-09-03 11:27 - 2010-07-26 21:50 - 00000000 ____D C:\Program Files\TeamViewer
2015-09-02 19:49 - 2012-05-19 19:44 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-789433706-2975812997-1506108583-500Core.job
2015-09-02 17:05 - 2015-07-31 12:16 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\GWX
2015-09-02 16:37 - 2013-08-05 09:56 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\CrashDumps
2015-09-02 15:58 - 2010-10-27 19:10 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\TVEnhance
2015-09-02 07:04 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-09-01 05:00 - 2014-04-24 12:11 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2015-08-31 14:51 - 2011-12-23 10:49 - 00000000 ____D C:\Users\Schwedenhaus
2015-08-31 13:28 - 2011-12-23 21:00 - 00160538 _____ C:\Users\Schwedenhaus\AppData\Local\GDIPFONTCACHEV1.DAT!___prosschiff@gmail.com_.crypt
2015-08-31 13:16 - 2009-07-14 06:41 - 00001528 ___SH C:\Users\Public\Documents\desktop.ini!___prosschiff@gmail.com_.crypt
2015-08-31 13:16 - 2009-07-14 06:41 - 00001424 ___SH C:\Users\Public\desktop.ini!___prosschiff@gmail.com_.crypt
2015-08-31 13:15 - 2011-12-24 00:08 - 00777516 ____H C:\Users\Schwedenhaus\AppData\Local\IconCache.db!___prosschiff@gmail.com_.crypt
2015-08-31 13:06 - 2011-12-23 20:58 - 00001270 ___SH C:\Users\Schwedenhaus\ntuser.ini!___prosschiff@gmail.com_.crypt
2015-08-31 02:00 - 2012-05-19 10:29 - 00000350 _____ C:\Windows\Tasks\Quark Updater.job
2015-08-31 01:06 - 2011-10-05 07:58 - 00000000 ____D C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2015-08-30 04:31 - 2013-01-05 15:20 - 00000000 ____D C:\ProgramData\leawo
2015-08-30 03:11 - 2014-10-23 08:55 - 00000000 ____D C:\Utilities
2015-08-30 03:00 - 2015-06-20 10:50 - 00002502 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3086022667-2732812533-850181598-1000UA.job!___prosschiff@gmail.com_.crypt
2015-08-30 02:47 - 2012-10-22 20:42 - 00002206 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3086022667-2732812533-850181598-1000UA.job!___prosschiff@gmail.com_.crypt
2015-08-30 02:26 - 2013-06-13 18:59 - 00000000 ____D C:\Users\Schwedenhaus\wp
2015-08-30 02:26 - 2010-08-19 11:13 - 00000000 ____D C:\Users\Schwedenhaus\ssh
2015-08-30 02:26 - 2010-01-17 11:22 - 00000000 ____D C:\Users\Schwedenhaus\Tracing
2015-08-30 02:24 - 2012-01-20 16:55 - 00000000 ____D C:\Users\Schwedenhaus\ncftp
2015-08-30 02:22 - 2013-02-07 11:16 - 00000000 ____D C:\Users\Schwedenhaus\Joomla-ZIP
2015-08-30 02:17 - 2010-11-25 17:02 - 00000000 ____D C:\Users\Administrator\ssh
2015-08-30 02:17 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-30 02:16 - 2014-09-22 20:21 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Web-Sniffer
2015-08-30 02:16 - 2014-01-09 12:45 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\WatchTVProEx
2015-08-30 02:16 - 2013-11-06 11:53 - 00000000 ____D C:\Users\Administrator\Desktop\mbar
2015-08-30 02:16 - 2012-11-19 19:42 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\TwonkyServer
2015-08-30 02:16 - 2011-06-21 15:30 - 00000000 ____D C:\Users\Administrator\Desktop\FW_RT_N56U_1014
2015-08-30 02:16 - 2011-04-15 15:55 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\VMware
2015-08-30 02:16 - 2011-03-26 16:45 - 00000000 ____D C:\Users\Administrator\Documents\Add-in Express
2015-08-30 02:16 - 2010-12-04 19:45 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\vlc
2015-08-30 02:16 - 2010-11-18 11:09 - 00000000 ____D C:\Users\Administrator\Documents\PhoenixRC
2015-08-30 02:16 - 2010-09-09 11:41 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\skypePM
2015-08-30 02:16 - 2010-09-09 11:40 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2015-08-30 02:16 - 2010-08-22 16:19 - 00000000 ____D C:\Users\Administrator\Documents\Snagit
2015-08-30 02:16 - 2010-08-17 10:51 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\WinRAR
2015-08-30 02:16 - 2010-08-17 09:47 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Subversion
2015-08-30 02:16 - 2010-08-05 18:51 - 00000000 ____D C:\Users\Administrator\Desktop\tsmuxer
2015-08-30 02:16 - 2010-08-04 12:53 - 00000000 ____D C:\Users\Administrator\Desktop\vobmerge-2.51
2015-08-30 02:16 - 2010-08-03 12:18 - 00000000 ____D C:\Users\Administrator\Documents\WMS.1_04_7
2015-08-30 02:16 - 2010-07-31 22:06 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Winamp
2015-08-30 02:16 - 2010-07-28 21:36 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\TeamViewer
2015-08-30 02:16 - 2010-07-11 16:09 - 00000000 ____D C:\Users\Administrator\ModuleStudio
2015-08-30 02:16 - 2010-05-08 13:12 - 00000000 ____D C:\Users\Administrator\Desktop\JavaRa115
2015-08-30 02:16 - 2009-12-30 15:17 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ZoomBrowser EX
2015-08-30 02:15 - 2014-03-13 15:17 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\hbide
2015-08-30 02:15 - 2014-01-31 10:36 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Notepad++
2015-08-30 02:15 - 2014-01-09 15:24 - 00000000 ____D C:\Users\Administrator\AppData\Local\WinZip
2015-08-30 02:15 - 2014-01-09 13:06 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\IPTVClient
2015-08-30 02:15 - 2013-12-28 13:03 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\mRemoteNG
2015-08-30 02:15 - 2013-12-28 13:03 - 00000000 ____D C:\Users\Administrator\AppData\Local\mRemoteNG
2015-08-30 02:15 - 2013-01-05 15:16 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\com.leawo.imediago
2015-08-30 02:15 - 2012-05-28 12:15 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\it4vet
2015-08-30 02:15 - 2011-12-23 10:49 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-30 02:15 - 2011-12-23 10:49 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-30 02:15 - 2011-12-21 18:17 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cisco ASDM
2015-08-30 02:15 - 2011-12-17 13:20 - 00000000 ____D C:\Users\Administrator\AppData\Local\NPE
2015-08-30 02:15 - 2011-04-15 15:55 - 00000000 ____D C:\Users\Administrator\AppData\Local\VMware
2015-08-30 02:15 - 2011-02-23 16:00 - 00000000 ____D C:\Users\Administrator\AppData\Local\Windows Live
2015-08-30 02:15 - 2011-01-11 17:34 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ModuleStudio
2015-08-30 02:15 - 2010-12-04 16:27 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softerra LDAP Browser 2.6
2015-08-30 02:15 - 2010-11-25 16:41 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\dvdcss
2015-08-30 02:15 - 2010-10-27 19:50 - 00000000 ____D C:\Users\Administrator\AppData\Local\TVEnhance
2015-08-30 02:15 - 2010-08-17 10:51 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-30 02:15 - 2010-08-03 00:09 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\foobar2000
2015-08-30 02:15 - 2010-08-01 16:48 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\albumart
2015-08-30 02:15 - 2010-08-01 11:18 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\AccurateRip
2015-08-30 02:15 - 2010-07-31 22:08 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2015-08-30 02:14 - 2010-08-03 11:22 - 00000000 ____D C:\Users\Administrator\AppData\Local\MediaMonkey
2015-08-30 02:13 - 2015-06-05 07:17 - 00000000 ____D C:\Users\Administrator\.ebookreader
2015-08-30 02:13 - 2014-12-16 22:40 - 00000000 __SHD C:\Users\Administrator\AppData\Local\EmieBrowserModeList
2015-08-30 02:13 - 2014-09-06 18:36 - 00000000 ____D C:\Users\Administrator\AppData\Local\Akamai
2015-08-30 02:13 - 2014-09-06 17:36 - 00000000 __SHD C:\Users\Administrator\AppData\Local\EmieUserList
2015-08-30 02:13 - 2014-09-06 17:36 - 00000000 __SHD C:\Users\Administrator\AppData\Local\EmieSiteList
2015-08-30 02:13 - 2014-07-18 14:15 - 00000000 ____D C:\Users\Administrator\.ZendStudio
2015-08-30 02:13 - 2014-07-07 14:21 - 00000000 ____D C:\Users\Administrator\.nbi
2015-08-30 02:13 - 2013-11-21 09:53 - 00000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps
2015-08-30 02:13 - 2012-05-28 12:15 - 00000000 ____D C:\Users\Administrator\.it4vet
2015-08-30 02:13 - 2011-05-31 08:51 - 00000000 ____D C:\Temp
2015-08-30 02:09 - 2013-11-01 12:41 - 00000000 ____D C:\ProgramData\WinZip
2015-08-30 02:09 - 2013-09-17 14:24 - 00000000 ____D C:\ProgramData\WebEx
2015-08-30 02:09 - 2012-04-23 10:01 - 00000000 ____D C:\schrott
2015-08-30 02:09 - 2009-12-21 10:15 - 00000000 ____D C:\ProgramData\Vodafone
2015-08-30 02:08 - 2014-03-25 11:29 - 00000000 ____D C:\ProgramData\TEMP
2015-08-30 02:08 - 2014-03-08 12:23 - 00000000 ____D C:\ProgramData\VetStar-Bestellprogramm
2015-08-30 02:08 - 2012-08-13 12:11 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-08-30 02:08 - 2012-05-19 10:26 - 00000000 ____D C:\ProgramData\Quark
2015-08-30 02:08 - 2011-12-09 12:34 - 00000000 ____D C:\ProgramData\SPEXBOX
2015-08-30 02:07 - 2014-03-25 11:29 - 00000000 ____D C:\ProgramData\Licenses
2015-08-30 02:07 - 2010-11-12 21:54 - 00000000 ____D C:\ProgramData\Lexware
2015-08-30 02:07 - 2010-01-19 19:00 - 00000000 ____D C:\ProgramData\FLEXnet
2015-08-30 02:04 - 2014-08-11 19:22 - 00000000 ____D C:\Users\Schwedenhaus\Downloads\UNZIP-FIRST-SOCIALIZE (2)
2015-08-30 02:04 - 2013-10-06 10:26 - 00000000 ___RD C:\Users\Schwedenhaus\Dropbox
2015-08-30 02:04 - 2013-03-13 10:51 - 00000000 ____D C:\Users\Schwedenhaus\Downloads\WebShadow
2015-08-30 02:04 - 2012-05-02 15:59 - 00000000 ___RD C:\Users\Schwedenhaus\Google Drive
2015-08-30 02:04 - 2011-10-13 16:26 - 00000000 ____D C:\Users\Schwedenhaus\git
2015-08-30 02:03 - 2015-06-08 08:56 - 00000000 ____D C:\Users\Schwedenhaus\Downloads\kindle-advanced-template
2015-08-30 02:03 - 2014-11-24 10:46 - 00000000 ____D C:\Users\Schwedenhaus\Downloads\mod_vina_ticker_rss_UNZIP_FIRST
2015-08-30 02:03 - 2014-07-17 07:22 - 00000000 ____D C:\Users\Schwedenhaus\Downloads\UNZIP-FIRST-JomSocial Professional (1)
2015-08-30 02:03 - 2014-07-09 18:38 - 00000000 ____D C:\Users\Schwedenhaus\Downloads\pri_simple_quickstart_v2.1_j3
2015-08-30 02:03 - 2014-07-09 16:25 - 00000000 ____D C:\Users\Schwedenhaus\Downloads\pri_simple_template_only_v2.2_j3_unzip
2015-08-30 02:03 - 2014-06-29 13:03 - 00000000 ____D C:\Users\Schwedenhaus\Downloads\memtest86-iso
2015-08-30 02:03 - 2014-05-23 13:43 - 00000000 ____D C:\Users\Schwedenhaus\Downloads\plg_simpledisqus_UNZIPFIRST
2015-08-30 02:02 - 2015-06-08 09:23 - 00000000 ____D C:\Users\Schwedenhaus\Downloads\how_to_make_kindle_comics___children_s_books
2015-08-30 02:02 - 2015-04-22 12:31 - 00000000 ____D C:\Users\Schwedenhaus\Downloads\Anhänge_2015422
2015-08-30 02:02 - 2015-02-04 15:52 - 00000000 ____D C:\Users\Schwedenhaus\Downloads\chhange_files
2015-08-30 02:02 - 2014-11-22 16:45 - 00000000 ____D C:\Users\Schwedenhaus\Downloads\iperf-2.0.5-2-win32
2015-08-30 02:02 - 2014-11-13 20:48 - 00000000 ____D C:\Users\Schwedenhaus\Downloads\1810G-Software-P0212
2015-08-30 02:02 - 2014-09-12 16:40 - 00000000 ____D C:\Users\Schwedenhaus\Documents\Scan
2015-08-30 02:02 - 2014-08-26 08:09 - 00000000 ____D C:\Users\Schwedenhaus\Downloads\com_rsblog_2.5-3.x (3)
2015-08-30 02:02 - 2014-07-31 13:21 - 00000000 ____D C:\Users\Schwedenhaus\Downloads\fix
2015-08-30 02:02 - 2014-07-09 12:52 - 00000000 ____D C:\Users\Schwedenhaus\Downloads\com_virtuemart.2.9.8_extract_first
2015-08-30 02:02 - 2013-11-05 14:11 - 00000000 ____D C:\Users\Schwedenhaus\Documents\test
2015-08-30 02:02 - 2013-11-05 14:11 - 00000000 ____D C:\Users\Schwedenhaus\Documents\src
2015-08-30 02:02 - 2012-07-13 08:25 - 00000000 ____D C:\Users\Schwedenhaus\Documents\SoftMaker
2015-08-30 02:02 - 2011-04-27 15:28 - 00000000 ____D C:\Users\Schwedenhaus\Documents\OneNote-Notizbücher
2015-08-30 02:02 - 2010-08-21 16:19 - 00000000 ____D C:\Users\Schwedenhaus\Documents\Snagit
2015-08-30 02:01 - 2015-06-02 20:41 - 00000000 ____D C:\Users\Schwedenhaus\Documents\Calibre-Bibliothek
2015-08-30 02:01 - 2015-01-21 10:25 - 00000000 ____D C:\Users\Schwedenhaus\Documents\jAnrufmonitor
2015-08-30 02:01 - 2014-10-01 12:34 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Web-Sniffer
2015-08-30 02:01 - 2014-01-09 12:46 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\WatchTVProEx
2015-08-30 02:01 - 2013-11-19 10:27 - 00000000 ____D C:\Users\Schwedenhaus\Batch
2015-08-30 02:01 - 2013-11-05 14:11 - 00000000 ____D C:\Users\Schwedenhaus\Documents\lib
2015-08-30 02:01 - 2013-11-05 14:11 - 00000000 ____D C:\Users\Schwedenhaus\Documents\doc
2015-08-30 02:01 - 2013-11-05 14:11 - 00000000 ____D C:\Users\Schwedenhaus\Documents\demo
2015-08-30 02:01 - 2013-11-05 14:11 - 00000000 ____D C:\Users\Schwedenhaus\Documents\bin
2015-08-30 02:01 - 2013-11-01 12:41 - 00000000 ____D C:\Users\Schwedenhaus\Documents\Add-in Express
2015-08-30 02:01 - 2013-10-24 16:21 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Thunderbird
2015-08-30 02:01 - 2013-10-10 16:13 - 00000000 ____D C:\Users\Schwedenhaus\Documents\Inno Setup Examples Output
2015-08-30 02:01 - 2013-09-17 14:25 - 00000000 __SHD C:\Users\Schwedenhaus\Documents\cache
2015-08-30 02:01 - 2011-11-01 22:40 - 00000000 ____D C:\Users\Schwedenhaus\Documents\Decrypt Output
2015-08-30 02:01 - 2011-11-01 22:01 - 00000000 ____D C:\Users\Schwedenhaus\Documents\My Digital Editions
2015-08-30 02:01 - 2011-09-04 14:21 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\XnView
2015-08-30 02:01 - 2011-07-11 17:17 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\vlc
2015-08-30 02:01 - 2011-06-22 18:48 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Software Informer
2015-08-30 02:01 - 2011-04-15 17:53 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\VMware
2015-08-30 02:01 - 2010-09-12 09:34 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Stereoscopic Player CHIP Edition
2015-08-30 02:01 - 2010-08-24 15:59 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\WinRAR
2015-08-30 02:01 - 2010-08-02 23:20 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\PMS
2015-08-30 02:01 - 2010-07-31 23:28 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Winamp
2015-08-30 02:01 - 2010-07-27 09:14 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\TeamViewer
2015-08-30 02:01 - 2010-05-30 19:00 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Subversion
2015-08-30 02:01 - 2009-12-30 20:29 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\ZoomBrowser EX
2015-08-30 02:01 - 2009-12-02 11:23 - 00000000 ___SD C:\Users\Schwedenhaus\Documents\Meine Shapes
2015-08-30 02:01 - 2009-11-25 10:28 - 00000000 ____D C:\Users\Schwedenhaus\Documents\Fiddler2
2015-08-30 02:01 - 2009-11-22 21:11 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\skypePM
2015-08-30 02:01 - 2009-11-22 21:05 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Skype
2015-08-30 02:00 - 2014-02-06 09:05 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Notepad++
2015-08-30 01:59 - 2015-01-21 10:25 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jAnrufmonitor 5.0
2015-08-30 01:59 - 2014-07-07 14:29 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\NetBeans
2015-08-30 01:59 - 2014-03-13 15:01 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\hbide
2015-08-30 01:59 - 2014-03-13 14:24 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Harbour Project 3.0
2015-08-30 01:59 - 2014-01-10 09:11 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\mRemoteNG
2015-08-30 01:59 - 2014-01-09 13:13 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\IPTVClient
2015-08-30 01:59 - 2013-10-08 09:21 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2015-08-30 01:59 - 2013-10-08 09:21 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\GitHub
2015-08-30 01:59 - 2013-10-06 10:24 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Dropbox
2015-08-30 01:59 - 2013-09-30 08:20 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-30 01:59 - 2013-07-31 15:37 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Free Monitor for Google
2015-08-30 01:59 - 2013-05-13 18:24 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\mresreg
2015-08-30 01:59 - 2013-04-21 11:58 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Barsoi System
2015-08-30 01:59 - 2013-03-09 03:47 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2015-08-30 01:59 - 2013-02-13 20:23 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kplus Warenwirtschaft
2015-08-30 01:59 - 2012-12-10 15:16 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HHD Hex Editor Neo
2015-08-30 01:59 - 2012-07-06 22:18 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\iSpy
2015-08-30 01:59 - 2012-03-27 19:11 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\gtk-2.0
2015-08-30 01:59 - 2012-01-20 16:41 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\FileZilla
2015-08-30 01:59 - 2011-12-23 10:49 - 00000000 ___RD C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-30 01:59 - 2011-12-23 10:49 - 00000000 ___RD C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-30 01:59 - 2011-11-13 18:08 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2015-08-30 01:59 - 2011-07-29 15:46 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cisco ASDM
2015-08-30 01:59 - 2011-07-26 13:34 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cisco ASDM-IDM Launcher
2015-08-30 01:59 - 2011-03-17 17:12 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\MySQL
2015-08-30 01:59 - 2010-08-18 08:38 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\dvdcss
2015-08-30 01:59 - 2010-08-02 16:02 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\foobar2000
2015-08-30 01:59 - 2010-05-27 12:54 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softerra LDAP Browser 2.6
2015-08-30 01:58 - 2015-06-02 20:41 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\calibre
2015-08-30 01:58 - 2013-01-05 15:25 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\com.leawo.imediago
2015-08-30 01:58 - 2011-08-25 11:32 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\com.oxygenxml
2015-08-30 01:51 - 2015-03-03 14:50 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\WinZip
2015-08-30 01:51 - 2012-01-11 03:10 - 00000000 __SHD C:\Users\Schwedenhaus\AppData\Local\{260ac5b2-4a2b-bcc4-06d5-f6e96ab7e2d5}
2015-08-30 01:51 - 2011-12-09 12:33 - 00000000 ____D C:\Program Files\SPEXClient
2015-08-30 01:51 - 2011-04-15 17:53 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\VMware
2015-08-30 01:51 - 2011-02-24 11:17 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\Windows Live
2015-08-30 01:51 - 2010-12-05 14:35 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\albumart
2015-08-30 01:51 - 2010-07-31 20:54 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Roaming\AccurateRip
2015-08-30 01:51 - 2009-11-21 14:35 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\VirtualStore
2015-08-30 01:50 - 2010-08-01 11:19 - 00000000 ____D C:\Program Files\REACT2
2015-08-30 01:49 - 2014-03-23 14:35 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\True BoxShot
2015-08-30 01:49 - 2010-06-08 16:42 - 00000000 ____D C:\Program Files\PixiePack Codec Pack
2015-08-30 01:49 - 2010-06-08 11:27 - 00000000 ____D C:\Program Files\Opera
2015-08-30 01:45 - 2012-03-20 00:19 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\Tango
2015-08-30 01:43 - 2015-06-05 07:16 - 00000000 ____D C:\Program Files\Icecream Ebook Reader
2015-08-30 01:42 - 2014-01-10 09:11 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\mRemoteNG
2015-08-30 01:42 - 2009-12-01 19:11 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\Microsoft Help
2015-08-30 01:41 - 2011-08-23 17:13 - 00000000 ____D C:\Program Files\Easy XML Editor
2015-08-30 01:40 - 2015-01-17 14:53 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\LogMeInIgnition
2015-08-30 01:40 - 2015-01-17 14:53 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\LogMeIn Client
2015-08-30 01:40 - 2011-12-15 16:02 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\gtk-2.0
2015-08-30 01:38 - 2013-10-08 09:21 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\GitHub
2015-08-30 01:37 - 2015-06-02 20:42 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\calibre-cache
2015-08-30 01:37 - 2015-01-21 10:25 - 00000000 ____D C:\jAnrufmonitor
2015-08-30 01:37 - 2014-03-13 14:23 - 00000000 ____D C:\hb30
2015-08-30 01:37 - 2012-01-04 12:47 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\DOSBox
2015-08-30 01:36 - 2010-12-07 18:57 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\Apple Computer
2015-08-30 01:35 - 2015-06-07 08:13 - 00000000 ____D C:\Users\Schwedenhaus\.kindle
2015-08-30 01:35 - 2015-02-07 13:48 - 00000000 ____D C:\Users\Schwedenhaus\Desktop\XSLT-Test
2015-08-30 01:35 - 2014-08-30 16:20 - 00000000 ____D C:\Users\Schwedenhaus\Desktop\torsten.egeler_add_gmail.com
2015-08-30 01:35 - 2013-11-26 19:40 - 00000000 ____D C:\Users\Schwedenhaus\.gimp-2.8
2015-08-30 01:35 - 2013-10-08 09:24 - 00000000 ____D C:\Users\Schwedenhaus\.ssh
2015-08-30 01:35 - 2013-08-07 16:48 - 00000000 ____D C:\Users\Schwedenhaus\5BCC634A58AD42F9B3C62EA52F81CF85.TMP
2015-08-30 01:35 - 2013-03-29 15:50 - 00000000 ____D C:\Users\Schwedenhaus\.ZendStudio
2015-08-30 01:35 - 2013-03-29 12:47 - 00000000 ____D C:\Users\Schwedenhaus\.zend
2015-08-30 01:35 - 2011-12-15 15:49 - 00000000 ____D C:\Users\Schwedenhaus\.zenmap
2015-08-30 01:35 - 2011-08-23 17:41 - 00000000 ____D C:\Users\Schwedenhaus\.xmldog
2015-08-30 01:34 - 2013-10-09 07:42 - 00000000 ____D C:\easyVETDemoversion
2015-08-30 01:34 - 2012-03-27 19:09 - 00000000 ____D C:\Users\Schwedenhaus\.gimp-2.6
2015-08-30 01:33 - 2015-04-15 17:10 - 00000000 ____D C:\Users\Schwedenhaus\Desktop\PHPExcel-develop
2015-08-30 01:33 - 2014-01-31 10:15 - 00000000 ____D C:\bldat
2015-08-30 01:33 - 2013-04-23 16:23 - 00000000 ____D C:\bldat_sic
2015-08-30 01:33 - 2013-04-23 15:37 - 00000000 ____D C:\Datensicherung
2015-08-30 01:33 - 2012-08-03 09:01 - 00000000 ____D C:\Users\Schwedenhaus\Desktop\mod_rsblog_tags
2015-08-30 01:33 - 2010-12-09 10:21 - 00000000 ____D C:\Users\Schwedenhaus\Desktop\iWebKit5.04
2015-08-30 01:32 - 2015-01-07 09:41 - 00000000 ____D C:\barsoiliste
2015-08-30 01:32 - 2014-12-15 18:35 - 00000000 ____D C:\AdwCleaner
2015-08-30 01:32 - 2013-10-08 19:12 - 00000000 ____D C:\ARJ
2015-08-30 01:32 - 2012-06-25 09:39 - 00000000 ____D C:\Users\Schwedenhaus\Desktop\haus
2015-08-30 01:25 - 2015-06-05 07:17 - 00000000 ____D C:\Users\Schwedenhaus\.ebookreader
2015-08-30 01:25 - 2014-07-28 15:51 - 00000000 ____D C:\Users\Schwedenhaus\Desktop\greenville-2014
2015-08-30 01:25 - 2011-08-23 17:13 - 00000000 ____D C:\Users\Schwedenhaus\.easyxmleditor
2015-08-30 01:24 - 2015-02-04 15:51 - 00000000 ____D C:\Users\Schwedenhaus\Desktop\chhange_files
2015-08-30 01:24 - 2014-11-25 19:05 - 00000000 ____D C:\Users\Schwedenhaus\Desktop\Bilder für Präsentation
2015-08-30 01:24 - 2014-08-25 13:17 - 00000000 ____D C:\Users\Schwedenhaus\.ausweisapp
2015-08-30 01:24 - 2014-05-25 12:59 - 00000000 ____D C:\Users\Schwedenhaus\Desktop\ccomment
2015-08-30 01:24 - 2013-10-10 16:25 - 00000000 ____D C:\Users\Schwedenhaus\Desktop\barsoi-install
2015-08-30 01:24 - 2011-03-04 00:31 - 00000000 ____D C:\Users\Schwedenhaus\AppData\Local\{F5552CE3-9802-4CE0-9826-10C7A8A00F93}
2015-08-30 01:24 - 2010-08-24 15:59 - 00000000 ____D C:\Users\Schwedenhaus\Desktop\cssviewer-1.0.3-fx
2015-08-30 01:00 - 2015-06-20 10:50 - 00002450 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3086022667-2732812533-850181598-1000Core.job!___prosschiff@gmail.com_.crypt
2015-08-29 20:47 - 2012-10-22 20:42 - 00002184 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3086022667-2732812533-850181598-1000Core.job!___prosschiff@gmail.com_.crypt
2015-08-28 09:36 - 2009-11-21 14:54 - 00003600 ____H C:\Users\Schwedenhaus\Documents\Default.rdp!___prosschiff@gmail.com_.crypt
2015-08-27 16:47 - 2012-01-05 13:07 - 00001850 _____ C:\Users\Schwedenhaus\AppData\Local\PUTTY.RND!___prosschiff@gmail.com_.crypt
2015-08-20 03:18 - 2012-01-03 08:48 - 00962670 _____ C:\Windows\PFRO.log
2015-08-18 14:21 - 2012-05-02 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-08-17 13:24 - 2014-12-08 09:56 - 00012274 _____ C:\Windows\system32\TeamViewer10_Hooks.log
2015-08-17 13:24 - 2014-11-12 08:47 - 00000889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-08-12 16:40 - 2012-05-02 12:51 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-12 16:40 - 2011-06-21 16:16 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-08-12 07:19 - 2011-12-23 21:00 - 00001588 ___SH C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini!___prosschiff@gmail.com_.crypt
2015-08-12 07:19 - 2009-11-21 14:36 - 00001652 ___SH C:\Users\Schwedenhaus\Documents\desktop.ini!___prosschiff@gmail.com_.crypt
2015-08-12 07:19 - 2009-11-21 14:36 - 00001532 ___SH C:\Users\Schwedenhaus\Downloads\desktop.ini!___prosschiff@gmail.com_.crypt
2015-08-12 07:19 - 2009-11-21 14:36 - 00001532 ___SH C:\Users\Schwedenhaus\Desktop\desktop.ini!___prosschiff@gmail.com_.crypt
2015-08-12 07:19 - 2009-11-21 14:36 - 00001424 ___SH C:\Users\Schwedenhaus\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini!___prosschiff@gmail.com_.crypt
2015-08-12 04:11 - 2013-12-12 05:10 - 00000000 ____D C:\Windows\rescache
2015-08-12 03:40 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-12 03:34 - 2009-07-14 06:33 - 03919080 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 03:33 - 2014-12-11 04:24 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 03:33 - 2014-05-07 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 03:33 - 2009-11-22 13:53 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 03:33 - 2009-07-14 10:47 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2015-08-12 03:33 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-08-12 03:17 - 2009-12-02 11:17 - 00000039 _____ C:\Windows\vbaddin.ini
2015-08-12 03:17 - 2009-11-24 13:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 03:16 - 2010-06-04 00:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 03:13 - 2013-07-13 03:01 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 03:04 - 2011-12-23 13:59 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2012-11-19 19:41 - 2012-11-19 19:41 - 0000011 _____ () C:\ProgramData\.tv7
2012-11-19 19:41 - 2012-11-19 19:41 - 0001261 _____ () C:\ProgramData\.tv7!___prosschiff@gmail.com_.crypt
Einige Dateien in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\AQOle32.dll
C:\Users\Administrator\AppData\Local\Temp\AQShell32.dll
C:\Users\Administrator\AppData\Local\Temp\sqlite3.dll
C:\Users\Schwedenhaus\AppData\Local\Temp\AQOle32.dll
C:\Users\Schwedenhaus\AppData\Local\Temp\AQShell32.dll
C:\Users\Schwedenhaus\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaha7eg.dll
C:\Users\Schwedenhaus\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpftkflc.dll
C:\Users\Schwedenhaus\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpg5zo3o.dll
C:\Users\Schwedenhaus\AppData\Local\Temp\sqlite3.dll
C:\Users\Schwedenhaus\AppData\Local\Temp\swt-gdip-win32-3452.dll
C:\Users\Schwedenhaus\AppData\Local\Temp\swt-win32-3452.dll
C:\Users\TEMP.SH-PC2.031\AppData\Local\Temp\AQOle32.dll
C:\Users\TEMP.SH-PC2.031\AppData\Local\Temp\AQShell32.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-22 00:25
==================== Ende vom FRST.txt ============================
|
Revo Uninstaller (alternativ 
dann auf 
und dann auf 
. 
Linear-Darstellung
