| |
| |||||||
Log-Analyse und Auswertung: Windows 7: RSA-2048 Trojaner seit gesternWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
12.12.2015, 15:05
| #16 |
 |  Windows 7: RSA-2048 Trojaner seit gestern FRST2.txt Logfile Code:
ATTFilter 2015-11-26 16:11 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-26 16:11 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-26 16:11 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-26 16:11 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-26 16:11 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-26 16:11 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-26 16:11 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-26 16:11 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-26 16:11 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-26 16:08 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-11-26 16:08 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-11-26 16:08 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-11-26 16:08 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-11-26 16:08 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-11-26 16:08 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-11-26 16:08 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-11-26 15:52 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-11-26 15:52 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-11-26 15:52 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-11-26 15:52 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-11-26 15:51 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-26 15:51 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-26 15:50 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-11-26 15:50 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-11-26 15:50 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-11-26 15:50 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-11-26 15:50 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-11-26 15:50 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-11-26 15:50 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-12 14:54 - 2009-07-14 06:13 - 01731178 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-12 14:54 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-12 14:54 - 2006-10-11 08:02 - 00744672 _____ C:\Windows\system32\perfh007.dat
2015-12-12 14:54 - 2006-10-11 08:02 - 00167478 _____ C:\Windows\system32\perfc007.dat
2015-12-12 14:49 - 2015-05-16 08:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-12 14:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-12 14:48 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-12 14:48 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-12 10:07 - 2011-07-13 11:27 - 01750652 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-12-11 20:19 - 2011-01-25 13:54 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\TeamViewer
2015-12-11 19:46 - 2015-05-16 08:40 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-11 19:08 - 2010-04-29 13:43 - 00000000 ____D C:\Users\Multimedia
2015-12-11 15:55 - 2012-12-06 14:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-11 15:36 - 2009-10-17 03:13 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-11 15:34 - 2012-09-06 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-11 15:33 - 2012-09-06 14:10 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-11 15:33 - 2012-09-06 14:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-11 15:26 - 2015-07-17 10:45 - 00001474 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2015-12-11 15:26 - 2015-05-11 09:56 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-12-11 15:26 - 2013-12-15 19:51 - 00002005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2015-12-11 15:26 - 2013-12-15 19:51 - 00001949 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2015-12-11 15:26 - 2013-12-15 19:51 - 00001928 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2015-12-11 15:26 - 2013-11-27 15:31 - 00001025 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Twin.lnk
2015-12-11 15:26 - 2013-07-23 07:52 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-12-11 15:26 - 2013-04-09 08:20 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
2015-12-11 15:26 - 2013-01-04 09:57 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-12-11 15:26 - 2011-07-20 09:10 - 00002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
2015-12-11 15:26 - 2009-10-17 02:46 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-12-11 15:26 - 2009-10-17 02:46 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-12-11 15:26 - 2009-07-14 05:57 - 00001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-11 15:26 - 2009-07-14 05:57 - 00001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2015-12-11 15:26 - 2009-07-14 05:57 - 00001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-12-11 15:26 - 2009-07-14 05:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-12-11 15:26 - 2009-07-14 05:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-12-11 15:25 - 2015-06-12 11:11 - 00001068 _____ C:\Users\Multimedia\Desktop\Vollmacht zur Vertretung v1.0 - Verknüpfung.lnk
2015-12-11 15:25 - 2014-07-21 09:20 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Naru
2015-12-11 15:25 - 2013-07-30 10:03 - 00001126 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2015-12-11 15:25 - 2010-04-29 13:45 - 00001425 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-11 15:25 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-11 15:25 - 2009-07-14 06:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-12-11 15:25 - 2009-07-14 05:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-12-10 22:42 - 2015-04-11 11:26 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-10 22:42 - 2014-02-06 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-10 22:42 - 2013-12-17 13:46 - 00000000 ____D C:\Users\Gast
2015-12-10 22:42 - 2011-07-13 13:40 - 00000000 ____D C:\Users\UpdatusUser
2015-12-10 22:42 - 2009-07-14 08:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-12-10 22:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing
2015-12-10 22:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-12-10 22:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2015-12-10 22:42 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-12-10 16:48 - 2007-07-12 02:48 - 00000000 ____D C:\Windows
2015-12-10 15:52 - 2015-09-17 09:04 - 00000000 ____D C:\Windows\Minidump
2015-12-10 15:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-10 14:15 - 2012-12-27 10:56 - 00000000 ____D C:\Windows\pss
2015-12-09 14:10 - 2015-09-16 15:19 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\dvdcss
2015-12-09 14:10 - 2015-09-16 14:25 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\vlc
2015-12-09 14:10 - 2015-09-15 14:54 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Sun
2015-12-09 14:10 - 2015-09-10 09:58 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
2015-12-09 14:10 - 2015-09-10 09:49 - 00000000 ____D C:\Users\Multimedia\Documents\UseNeXT
2015-12-09 14:10 - 2015-09-10 09:49 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\UseNeXT
2015-12-09 14:10 - 2015-07-24 10:34 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-12-09 14:10 - 2015-07-17 10:48 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\elsterformular
2015-12-09 14:10 - 2015-01-23 10:16 - 00000000 ____D C:\Users\Multimedia\Documents\JC_Anträge
2015-12-09 14:10 - 2015-01-09 19:42 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Opera Software
2015-12-09 14:10 - 2015-01-09 19:37 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\TuneUp Software
2015-12-09 14:10 - 2014-12-09 14:51 - 00000000 ____D C:\Users\Multimedia\Downloads\Smartphone
2015-12-09 14:10 - 2014-10-20 09:09 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2015-12-09 14:10 - 2014-09-15 12:25 - 00000000 __RSD C:\Users\Multimedia\Documents\My Stationery
2015-12-09 14:10 - 2014-07-21 09:20 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Ekeras
2015-12-09 14:10 - 2014-05-17 11:11 - 00000000 ____D C:\Users\Multimedia\Downloads\FileZilla_3.8.0_win32
2015-12-09 14:10 - 2014-05-17 11:11 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\FileZilla
2015-12-09 14:10 - 2014-01-24 16:00 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\DAEMON Tools Lite
2015-12-09 14:10 - 2013-12-16 18:20 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\EPSON
2015-12-09 14:10 - 2013-11-27 20:42 - 00000000 ____D C:\Users\Multimedia\Documents\LG OSP
2015-12-09 14:10 - 2013-07-30 10:03 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\WinRAR
2015-12-09 14:10 - 2013-07-30 10:03 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-09 14:10 - 2013-07-20 15:37 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Skype
2015-12-09 14:10 - 2013-06-26 10:21 - 00000000 ____D C:\Users\Multimedia\Formular-Management-System der Bundesfinanzverwaltung (010190 - KG 1 - Anlage Kind)_files
2015-12-09 14:10 - 2013-04-09 11:59 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\PDAppFlex
2015-12-09 14:10 - 2013-04-09 08:35 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\SolidDocuments
2015-12-09 14:10 - 2012-12-03 11:21 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\QuickScan
2015-12-09 14:10 - 2012-11-16 14:48 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\HpUpdate
2015-12-09 14:10 - 2012-10-20 13:25 - 00000000 ____D C:\Users\Multimedia\Documents\My Games
2015-12-09 14:10 - 2012-09-27 14:15 - 00000000 ____D C:\Users\Multimedia\Downloads\CNL_BB_topless_v1
2015-12-09 14:10 - 2012-09-22 13:16 - 00000000 ____D C:\Users\Multimedia\Downloads\Amazon_Appstore
2015-12-09 14:10 - 2012-08-03 15:33 - 00000000 ____D C:\Users\Multimedia\Documents\lieferschein-drucken-Dateien
2015-12-09 14:10 - 2012-07-21 15:25 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\NVIDIA
2015-12-09 14:10 - 2012-07-21 12:04 - 00000000 ___SD C:\Users\Multimedia\Documents\Eigene Datenquellen
2015-12-09 14:10 - 2012-07-19 18:39 - 00000000 ____D C:\Users\Multimedia\temp
2015-12-09 14:10 - 2011-12-28 17:05 - 00000000 ___RD C:\Users\Multimedia\Documents\Scanned Documents
2015-12-09 14:10 - 2011-12-28 17:05 - 00000000 ____D C:\Users\Multimedia\Documents\Fax
2015-12-09 14:10 - 2011-12-07 14:03 - 00000000 ____D C:\Users\Multimedia\Downloads\EG-V1_2_17_34_EFI
2015-12-09 14:10 - 2011-12-07 14:01 - 00000000 ____D C:\Users\Multimedia\Downloads\Express_Gate_Cloud_Source_Code
2015-12-09 14:10 - 2011-11-25 22:21 - 00000000 ____D C:\Users\Multimedia\Downloads\avira_registry_cleaner_de
2015-12-09 14:10 - 2011-11-24 20:58 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\yWorks
2015-12-09 14:10 - 2011-11-03 14:10 - 00000000 ____D C:\Users\Multimedia\Documents\DVDVideoSoft
2015-12-09 14:10 - 2011-11-03 14:10 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\DVDVideoSoft
2015-12-09 14:10 - 2011-10-24 12:22 - 00000000 ____D C:\Users\Multimedia\Downloads\Auhip_5098_port
2015-12-09 14:10 - 2011-09-12 11:41 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\InstallShield
2015-12-09 14:10 - 2011-07-22 11:31 - 00000000 ____D C:\Users\Multimedia\Documents\LG PC Suite IV
2015-12-09 14:10 - 2011-07-13 14:27 - 00000000 ____D C:\Users\Multimedia\Downloads\SuperOneClick
2015-12-09 14:10 - 2011-07-13 14:16 - 00000000 ____D C:\Users\Multimedia\Downloads\SuperOneClickv1.9-ShortFuse.Drivers
2015-12-09 14:10 - 2011-07-13 14:16 - 00000000 ____D C:\Users\Multimedia\Downloads\Root
2015-12-09 14:10 - 2011-07-13 14:16 - 00000000 ____D C:\Users\Multimedia\Downloads\Exploits
2015-12-09 14:10 - 2011-07-13 14:16 - 00000000 ____D C:\Users\Multimedia\Downloads\Dependencies
2015-12-09 14:10 - 2011-07-13 14:16 - 00000000 ____D C:\Users\Multimedia\Downloads\ADB
2015-12-09 14:10 - 2011-07-13 13:40 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Media Center Programs
2015-12-09 14:10 - 2011-07-13 13:40 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Microsoft Help
2015-12-09 14:10 - 2011-07-13 12:33 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
2015-12-09 14:10 - 2011-07-08 11:05 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Template
2015-12-09 14:10 - 2011-06-27 14:59 - 00000000 ____D C:\Users\Multimedia\Documents\OneNote-Notizbücher
2015-12-09 14:10 - 2011-06-17 16:56 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\ScanSoft
2015-12-09 14:10 - 2011-06-14 11:46 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Logitech
2015-12-09 14:10 - 2011-06-14 11:46 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Leadertech
2015-12-09 14:10 - 2011-06-14 10:33 - 00000000 ____D C:\Users\Multimedia\Documents\Eigene PaperPort-Dokumente
2015-12-09 14:10 - 2011-06-14 10:33 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Zeon
2015-12-09 14:10 - 2010-10-03 16:07 - 00000000 ____D C:\Users\Multimedia\Downloads\[www.busters.to]...Asterix.bei.den.Olympischen.Spielen.German.AC3.DVDRip.XviD-CRUCiAL
2015-12-09 14:10 - 2010-09-13 14:16 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\uTorrent
2015-12-09 14:10 - 2010-08-20 13:38 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Nero
2015-12-09 14:10 - 2010-06-11 11:47 - 00000000 ____D C:\Users\Multimedia\Documents\iMacros
2015-12-09 14:10 - 2010-05-13 21:23 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\GameConsole
2015-12-09 14:10 - 2010-05-08 05:51 - 00000000 ____D C:\Users\Multimedia\dwhelper
2015-12-09 14:10 - 2010-05-07 12:28 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Win7codecs
2015-12-09 14:10 - 2010-05-07 12:17 - 00000000 ____D C:\Users\Multimedia\Tracing
2015-12-09 14:10 - 2010-05-01 15:53 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\DivX
2015-12-09 14:10 - 2010-04-29 15:57 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Mozilla
2015-12-09 14:10 - 2010-04-29 15:53 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Google
2015-12-09 14:10 - 2010-04-29 13:46 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Macromedia
2015-12-09 14:10 - 2010-04-29 13:43 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Media Center Programs
2015-12-09 14:10 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-09 14:10 - 2006-10-10 22:34 - 00000000 ____D C:\Users\Public\Documents\Screensaver
2015-12-09 14:09 - 2015-09-17 13:31 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\AVG
2015-12-09 14:09 - 2015-09-15 14:53 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Oracle
2015-12-09 14:09 - 2015-07-24 10:31 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Steam
2015-12-09 14:09 - 2015-06-24 10:04 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Battle.net
2015-12-09 14:09 - 2015-01-12 12:03 - 00000000 __SHD C:\Users\Multimedia\AppData\LocalLow\EmieBrowserModeList
2015-12-09 14:09 - 2015-01-09 19:42 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Opera Software
2015-12-09 14:09 - 2015-01-09 19:37 - 00000000 ____D C:\Users\Multimedia\AppData\Local\TuneUp Software
2015-12-09 14:09 - 2014-10-08 13:09 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\CodeTwo CatMan
2015-12-09 14:09 - 2014-06-11 12:53 - 00000000 __SHD C:\Users\Multimedia\AppData\LocalLow\EmieUserList
2015-12-09 14:09 - 2014-05-14 14:25 - 00000000 __SHD C:\Users\Multimedia\AppData\LocalLow\EmieSiteList
2015-12-09 14:09 - 2014-03-06 10:43 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Skype
2015-12-09 14:09 - 2013-08-27 15:52 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\EPSON
2015-12-09 14:09 - 2013-04-09 08:21 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2015-12-09 14:09 - 2013-03-25 14:45 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Windows Live
2015-12-09 14:09 - 2012-11-16 14:46 - 00000000 ____D C:\Users\Multimedia\AppData\Local\HP
2015-12-09 14:09 - 2012-08-17 08:32 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\boost_interprocess
2015-12-09 14:09 - 2012-07-26 08:16 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Macromedia
2015-12-09 14:09 - 2012-07-21 11:18 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Unity
2015-12-09 14:09 - 2012-07-21 11:18 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Unity
2015-12-09 14:09 - 2012-03-14 08:29 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Apple Computer
2015-12-09 14:09 - 2012-02-14 18:34 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Apple Computer
2015-12-09 14:09 - 2011-11-30 13:23 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Canneverbe Limited
2015-12-09 14:09 - 2011-07-22 11:31 - 00000000 ____D C:\Users\Multimedia\AppData\Local\LG Electronics
2015-12-09 14:09 - 2011-07-13 11:19 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Sun
2015-12-09 14:09 - 2011-07-06 16:10 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Adobe
2015-12-09 14:09 - 2011-07-01 14:14 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Oberon Games
2015-12-09 14:09 - 2011-06-21 09:19 - 00000000 ___RD C:\Users\Multimedia\AppData\Roaming\Brother
2015-12-09 14:09 - 2010-10-26 19:36 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\TVU Networks
2015-12-09 14:09 - 2010-10-26 19:36 - 00000000 ____D C:\Users\Multimedia\AppData\Local\TVU Networks
2015-12-09 14:09 - 2010-09-13 14:16 - 00000000 ____D C:\Users\Multimedia\AppData\Local\uTorrent
2015-12-09 14:09 - 2010-06-30 12:37 - 00000000 ___SD C:\Users\Multimedia\AppData\LocalLow\Temp
2015-12-09 14:09 - 2010-04-30 10:08 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Microsoft Help
2015-12-09 14:09 - 2010-04-29 20:10 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Microsoft Games
2015-12-09 14:09 - 2010-04-29 15:57 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Mozilla
2015-12-09 14:09 - 2010-04-29 15:53 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Adobe
2015-12-09 14:09 - 2010-04-29 15:53 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Google
2015-12-09 14:09 - 2010-04-29 15:53 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Google
2015-12-09 14:09 - 2010-04-29 13:45 - 00000000 ____D C:\Users\Multimedia\AppData\Local\VirtualStore
2015-12-09 14:08 - 2015-09-17 13:26 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Avg
2015-12-09 14:08 - 2015-09-15 14:54 - 00000000 ____D C:\Users\Multimedia\.oracle_jre_usage
2015-12-09 14:08 - 2015-07-24 10:31 - 00000000 ____D C:\Users\Multimedia\AppData\Local\CEF
2015-12-09 14:08 - 2015-07-17 10:50 - 00000000 ____D C:\Users\Multimedia\AppData\Local\elfopatch
2015-12-09 14:08 - 2015-06-24 10:05 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Blizzard Entertainment
2015-12-09 14:08 - 2015-06-24 10:04 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Battle.net
2015-12-09 14:08 - 2015-01-12 12:03 - 00000000 __SHD C:\Users\Multimedia\AppData\Local\EmieBrowserModeList
2015-12-09 14:08 - 2014-12-09 12:59 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Template
2015-12-09 14:08 - 2014-11-12 16:06 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Mozilla
2015-12-09 14:08 - 2014-11-12 16:06 - 00000000 ____D C:\Users\Gast\AppData\Local\Mozilla
2015-12-09 14:08 - 2014-11-12 14:20 - 00000000 ____D C:\Users\Gast\Documents\Sümeye
2015-12-09 14:08 - 2014-08-20 09:15 - 00000000 __SHD C:\Users\Gast\AppData\LocalLow\EmieUserList
2015-12-09 14:08 - 2014-08-20 09:15 - 00000000 __SHD C:\Users\Gast\AppData\LocalLow\EmieSiteList
2015-12-09 14:08 - 2014-05-14 14:25 - 00000000 __SHD C:\Users\Multimedia\AppData\Local\EmieUserList
2015-12-09 14:08 - 2014-05-14 14:25 - 00000000 __SHD C:\Users\Multimedia\AppData\Local\EmieSiteList
2015-12-09 14:08 - 2013-12-17 13:46 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Media Center Programs
2015-12-09 14:08 - 2013-12-17 13:46 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Macromedia
2015-12-09 14:08 - 2013-12-17 13:46 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Adobe
2015-12-09 14:08 - 2013-12-17 13:46 - 00000000 ____D C:\Users\Gast\AppData\Local\VirtualStore
2015-12-09 14:08 - 2013-12-17 13:46 - 00000000 ____D C:\Users\Gast\AppData\Local\Microsoft Help
2015-12-09 14:08 - 2013-11-09 14:39 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Apps\2.0
2015-12-09 14:08 - 2012-08-17 08:32 - 00000000 ____D C:\Users\Multimedia\AppData\Local\DDMSettings
2015-12-09 14:08 - 2012-02-14 18:35 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Apple
2015-12-09 14:08 - 2010-04-29 19:54 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Adobe
2015-12-09 14:08 - 2010-04-29 13:46 - 00000000 ____D C:\Users\Multimedia\AppData\Local\EgisTec
2015-12-09 14:07 - 2015-09-16 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-09 14:07 - 2015-09-10 09:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
2015-12-09 14:07 - 2015-09-10 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2015-12-09 14:07 - 2015-07-17 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2015-12-09 14:07 - 2015-07-17 10:44 - 00000000 ____D C:\ProgramData\elsterformular
2015-12-09 14:07 - 2015-06-24 10:04 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-12-09 14:07 - 2015-06-24 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-12-09 14:07 - 2015-03-20 14:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-09 14:07 - 2015-03-06 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-09 14:07 - 2015-03-06 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-12-09 14:07 - 2015-01-09 19:34 - 00000000 ____D C:\ProgramData\TuneUp Software
2015-12-09 14:07 - 2014-11-12 16:09 - 00000000 ____D C:\Users\Gast\AppData\Local\Macromedia
2015-12-09 14:07 - 2014-08-20 09:15 - 00000000 __SHD C:\Users\Gast\AppData\Local\EmieUserList
2015-12-09 14:07 - 2014-08-20 09:15 - 00000000 __SHD C:\Users\Gast\AppData\Local\EmieSiteList
2015-12-09 14:07 - 2014-06-20 15:10 - 00000000 ____D C:\ProgramData\Oracle
2015-12-09 14:07 - 2014-02-14 13:41 - 00000000 ____D C:\Users\Gast\AppData\Local\Google
2015-12-09 14:07 - 2014-01-24 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-12-09 14:07 - 2014-01-24 16:00 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-12-09 14:07 - 2013-11-09 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-12-09 14:07 - 2013-07-30 10:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-09 14:07 - 2013-07-20 15:37 - 00000000 ____D C:\ProgramData\Skype
2015-12-09 14:07 - 2013-06-12 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-12-09 14:07 - 2013-06-12 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2015-12-09 14:07 - 2013-06-12 12:52 - 00000000 ____D C:\ProgramData\EPSON
2015-12-09 14:07 - 2013-04-09 08:29 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-12-09 14:07 - 2012-11-16 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-12-09 14:07 - 2012-11-16 14:47 - 00000000 ____D C:\ProgramData\HP
2015-12-09 14:07 - 2012-10-20 14:27 - 00000000 ____D C:\ProgramData\Sandlot Games
2015-12-09 14:07 - 2012-08-20 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2015-12-09 14:07 - 2012-07-31 09:36 - 00000000 ____D C:\ProgramData\Mozilla
2015-12-09 14:07 - 2012-07-02 15:27 - 00000000 ____D C:\ProgramData\Friends Games
2015-12-09 14:07 - 2012-06-05 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Stream
2015-12-09 14:07 - 2011-11-30 13:23 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2015-12-09 14:07 - 2011-11-24 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\yEd Graph Editor
2015-12-09 14:07 - 2011-09-12 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2015-12-09 14:07 - 2011-08-03 14:16 - 00000000 ____D C:\ProgramData\Sun
2015-12-09 14:07 - 2011-07-22 11:59 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2015-12-09 14:07 - 2011-07-13 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Basic 6.0 Runtime&Steuerelemente
2015-12-09 14:07 - 2011-07-13 11:26 - 00000000 ____D C:\ProgramData\Windows Genuine Advantage
2015-12-09 14:07 - 2011-06-23 14:28 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-09 14:07 - 2011-06-20 09:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia
2015-12-09 14:07 - 2011-06-20 09:56 - 00000000 ____D C:\ProgramData\Macromedia
2015-12-09 14:07 - 2011-06-17 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft PaperPort 9.0
2015-12-09 14:07 - 2011-06-14 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-12-09 14:07 - 2011-06-14 11:42 - 00000000 ____D C:\ProgramData\Logitech
2015-12-09 14:07 - 2011-06-14 11:41 - 00000000 ____D C:\ProgramData\LogiShrd
2015-12-09 14:07 - 2011-06-14 10:32 - 00000000 ____D C:\ProgramData\InstallShield
2015-12-09 14:07 - 2011-06-14 10:30 - 00000000 ____D C:\ProgramData\ScanSoft
2015-12-09 14:07 - 2011-06-14 09:31 - 00000000 ____D C:\ProgramData\Brother
2015-12-09 14:07 - 2011-06-13 14:57 - 00000000 ____D C:\ProgramData\ODIR
2015-12-09 14:07 - 2011-05-03 19:27 - 00000000 ____D C:\ProgramData\TEMP
2015-12-09 14:07 - 2010-10-26 19:36 - 00000000 ____D C:\ProgramData\TVU Networks
2015-12-09 14:07 - 2010-08-23 14:18 - 00000000 ____D C:\ProgramData\NortonInstaller
2015-12-09 14:07 - 2010-08-23 14:18 - 00000000 ____D C:\ProgramData\Norton
2015-12-09 14:07 - 2010-05-07 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
2015-12-09 14:07 - 2010-05-07 12:23 - 00000000 ____D C:\ProgramData\Win7codecs
2015-12-09 14:07 - 2010-05-01 15:52 - 00000000 ____D C:\ProgramData\DivX
2015-12-09 14:07 - 2009-10-17 03:39 - 00000000 ____D C:\ProgramData\Symantec
2015-12-09 14:07 - 2009-10-17 03:39 - 00000000 ____D C:\ProgramData\OEM
2015-12-09 14:07 - 2009-10-17 03:39 - 00000000 ____D C:\ProgramData\EgisTec
2015-12-09 14:07 - 2009-10-17 03:37 - 00000000 ____D C:\ProgramData\eSobi
2015-12-09 14:07 - 2009-10-17 03:30 - 00000000 ____D C:\ProgramData\Nero
2015-12-09 14:07 - 2009-10-17 03:28 - 00000000 ____D C:\ProgramData\SiteAdvisor
2015-12-09 14:07 - 2009-10-17 03:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-12-09 14:07 - 2009-10-17 03:24 - 00000000 ____D C:\ProgramData\McAfee
2015-12-09 14:07 - 2009-10-17 03:23 - 00000000 ____D C:\ProgramData\Google
2015-12-09 14:07 - 2009-10-17 03:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-12-09 14:07 - 2009-10-17 03:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-12-09 14:07 - 2009-10-17 03:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager
2015-12-09 14:07 - 2009-10-17 03:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone
2015-12-09 14:07 - 2009-10-17 02:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-09 14:07 - 2006-10-10 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2015-12-09 14:07 - 2006-10-10 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-12-09 14:07 - 2006-10-10 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2015-12-09 14:07 - 2006-10-10 22:13 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-09 14:06 - 2015-09-17 08:39 - 00000000 ____D C:\ProgramData\AVG
2015-12-09 14:06 - 2015-06-24 10:01 - 00000000 ____D C:\ProgramData\Battle.net
2015-12-09 14:06 - 2015-03-06 15:27 - 00000000 ____D C:\ProgramData\Apple Computer
2015-12-09 14:06 - 2014-10-18 15:51 - 00000000 ____D C:\ab42784a-c434-4487-a840-d10eaa9a0cf6
2015-12-09 14:06 - 2014-02-16 17:31 - 00000000 ____D C:\bkazan_ablage
2015-12-09 14:06 - 2012-07-20 16:10 - 00000000 ____D C:\0a66a0105cf1a8146a0619
2015-12-09 14:06 - 2012-02-14 18:34 - 00000000 ____D C:\ProgramData\Apple
2015-12-09 14:06 - 2011-07-22 12:06 - 00000000 ____D C:\GD880
2015-12-09 14:06 - 2011-07-20 09:05 - 00000000 ____D C:\Medion
2015-12-09 14:06 - 2011-07-13 14:19 - 00000000 ____D C:\SuperOneClick
2015-12-09 14:06 - 2009-10-17 03:40 - 00000000 ___HD C:\OEM
2015-12-09 14:06 - 2009-10-17 03:36 - 00000000 ____D C:\ProgramData\Adobe
2015-12-09 14:06 - 2009-10-17 03:20 - 00000000 ____D C:\ProgramData\Acer
2015-12-09 14:06 - 2009-10-17 03:12 - 00000000 ____D C:\ProgramData\BackupManager
2015-12-09 14:06 - 2009-07-14 04:20 - 00000000 ____D C:\PerfLogs
2015-12-09 14:06 - 2006-10-10 22:20 - 00000000 ____D C:\book
2015-12-09 10:34 - 2015-10-23 15:29 - 00012142 _____ C:\Users\Multimedia\Downloads\Momox_Gratis-Paketaufkleber_604153717_1.pdf.vvv
2015-12-09 10:34 - 2015-10-13 09:34 - 00012126 _____ C:\Users\Multimedia\Downloads\Ihre Retourenmarke.pdf.vvv
2015-12-09 10:34 - 2015-10-13 09:06 - 00012126 _____ C:\Users\Multimedia\Downloads\Momox_Gratis-Paketaufkleber_876996580_1.pdf.vvv
2015-12-09 10:34 - 2015-05-25 13:41 - 00043966 _____ C:\Users\Multimedia\Downloads\Mustervertrag_15-2013.pdf.vvv
2015-12-09 10:34 - 2015-05-19 11:35 - 00250606 _____ C:\Users\Multimedia\Downloads\mdb-elterngeld-antrag.pdf.vvv
2015-12-09 10:34 - 2015-05-19 11:35 - 00131662 _____ C:\Users\Multimedia\Downloads\elterngeld_antrag (2).pdf.vvv
2015-12-09 10:34 - 2015-05-19 11:32 - 00065598 _____ C:\Users\Multimedia\Downloads\merkblatt_elterngeld.pdf.vvv
2015-12-09 10:34 - 2015-05-19 11:31 - 00131662 _____ C:\Users\Multimedia\Downloads\elterngeld_antrag.pdf.vvv
2015-12-09 10:34 - 2015-05-19 11:31 - 00131662 _____ C:\Users\Multimedia\Downloads\elterngeld_antrag (1).pdf.vvv
2015-12-09 10:34 - 2015-04-23 13:30 - 00068014 _____ C:\Users\Multimedia\Downloads\nachweis_eigenbemuehungen.doc.vvv
2015-12-09 10:34 - 2015-04-23 13:30 - 00016814 _____ C:\Users\Multimedia\Downloads\nachweis_von_eigenbemuehungen.xls.vvv
2015-12-09 10:34 - 2015-03-21 15:33 - 00029070 _____ C:\Users\Multimedia\Downloads\erloeschen_aufenthaltstitel (1).pdf.vvv
2015-12-09 10:34 - 2015-03-21 15:07 - 00029070 _____ C:\Users\Multimedia\Downloads\erloeschen_aufenthaltstitel.pdf.vvv
2015-12-09 10:34 - 2015-03-21 15:06 - 00030094 _____ C:\Users\Multimedia\Downloads\labo_4323_antrag_auf_erteilung_der_ne_2007.pdf.vvv
2015-12-09 10:34 - 2015-02-24 18:24 - 00118814 _____ C:\Users\Multimedia\Downloads\Muell_OT_2007.pdf.vvv
2015-12-09 10:34 - 2015-02-16 10:51 - 00023550 _____ C:\Users\Multimedia\Downloads\tutis (2).odt.vvv
2015-12-09 10:34 - 2015-02-16 10:50 - 00023550 _____ C:\Users\Multimedia\Downloads\tutis (1).odt.vvv
2015-12-09 10:34 - 2015-02-16 10:48 - 00023550 _____ C:\Users\Multimedia\Downloads\tutis.odt.vvv
2015-12-09 10:34 - 2015-02-05 11:14 - 00150462 _____ C:\Users\Multimedia\Downloads\form.doc.vvv
2015-12-09 10:34 - 2015-01-10 08:04 - 00160350 _____ C:\Users\Multimedia\Downloads\mdb-gewa1_online.pdf.vvv
2015-12-09 10:34 - 2014-12-31 12:50 - 02405358 _____ C:\Users\Multimedia\Downloads\Pass_Aufenthalt.pdf.vvv
2015-12-09 10:34 - 2014-11-01 12:21 - 00345294 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000443186.pdf.vvv
2015-12-09 10:34 - 2014-11-01 11:57 - 00345518 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000443155.pdf.vvv
2015-12-09 10:34 - 2014-10-25 10:59 - 00345518 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000432162.pdf.vvv
2015-12-09 10:34 - 2014-10-21 16:21 - 00345854 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000427981.pdf.vvv
2015-12-09 10:34 - 2014-10-21 12:56 - 00345934 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000427713.pdf.vvv
2015-12-09 10:34 - 2014-10-21 11:27 - 00345950 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000427560.pdf.vvv
2015-12-09 10:34 - 2014-10-16 10:06 - 00345774 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000423284.pdf.vvv
2015-12-09 10:34 - 2014-10-16 09:33 - 00345310 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000423234.pdf.vvv
2015-12-09 10:34 - 2014-10-15 16:13 - 00345870 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000422714.pdf.vvv
2015-12-09 10:34 - 2014-10-15 10:29 - 00345454 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000422311.pdf.vvv
2015-12-09 10:34 - 2014-10-15 07:53 - 00005550 _____ C:\Users\Multimedia\Downloads\Export_15_10_2014_06-52-37.xls.vvv
2015-12-09 10:34 - 2014-10-15 07:52 - 00005550 _____ C:\Users\Multimedia\Downloads\Export_15_10_2014_06-52-25.xls.vvv
2015-12-09 10:34 - 2014-10-14 11:42 - 00345358 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000421088.pdf.vvv
2015-12-09 10:34 - 2014-10-13 09:36 - 00345918 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000419580.pdf.vvv
2015-12-09 10:34 - 2014-10-10 15:11 - 00345422 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000418043.pdf.vvv
2015-12-09 10:34 - 2014-10-10 10:52 - 00345086 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000417755.pdf.vvv
2015-12-09 10:34 - 2014-10-09 11:34 - 00345246 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000416737.pdf.vvv
2015-12-09 10:34 - 2014-10-07 16:05 - 00345486 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000414784.pdf.vvv
2015-12-09 10:34 - 2014-10-07 09:48 - 00227854 _____ C:\Users\Multimedia\Downloads\kostenlose Vorlage Untermietvertrag (227 KB).pdf.vvv
2015-12-09 10:34 - 2014-10-07 09:48 - 00227854 _____ C:\Users\Multimedia\Downloads\kostenlose Vorlage Untermietvertrag (227 KB) (1).pdf.vvv
2015-12-09 10:34 - 2014-10-07 09:48 - 00041902 _____ C:\Users\Multimedia\Downloads\untermietervertrag.doc.vvv
2015-12-09 10:34 - 2014-10-06 09:40 - 00344494 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000412401.pdf.vvv
2015-12-09 10:34 - 2014-10-01 19:35 - 00092078 _____ C:\Users\Multimedia\Downloads\Export_01_10_2014_18-35-14.xls.vvv
2015-12-09 10:34 - 2014-10-01 12:48 - 00345294 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000409293.pdf.vvv
2015-12-09 10:34 - 2014-09-30 18:09 - 00346462 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000408527.pdf.vvv
2015-12-09 10:34 - 2014-09-30 17:47 - 00346302 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000408504.pdf.vvv
2015-12-09 10:34 - 2014-09-30 17:28 - 00345758 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000408484.pdf.vvv
2015-12-09 10:34 - 2014-09-30 15:45 - 00345710 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000408413.pdf.vvv
2015-12-09 10:34 - 2014-09-30 15:04 - 00346158 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000408355.pdf.vvv
2015-12-09 10:34 - 2014-09-30 14:52 - 00345598 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000408344.pdf.vvv
2015-12-09 10:34 - 2014-09-30 10:01 - 00345518 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000407881.pdf.vvv
2015-12-09 10:34 - 2014-09-30 09:58 - 00345854 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000407870.pdf.vvv
2015-12-09 10:34 - 2014-09-30 09:55 - 00346062 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000407859.pdf.vvv
2015-12-09 10:34 - 2014-09-30 09:51 - 00345566 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000407847.pdf.vvv
2015-12-09 10:34 - 2014-09-30 08:48 - 00345806 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000407750.pdf.vvv
2015-12-09 10:34 - 2014-09-26 07:28 - 00345374 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000404370.pdf.vvv
2015-12-09 10:34 - 2014-09-25 13:03 - 00345934 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000403653.pdf.vvv
2015-12-09 10:34 - 2014-09-25 08:36 - 00347006 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000403273.pdf.vvv
2015-12-09 10:34 - 2014-09-24 11:52 - 00346302 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000402458.pdf.vvv
2015-12-09 10:34 - 2014-09-24 09:49 - 00005038 _____ C:\Users\Multimedia\Downloads\Export_24_09_2014_08-49-07.xls.vvv
2015-12-09 10:34 - 2014-09-24 08:12 - 00005038 _____ C:\Users\Multimedia\Downloads\Export_24_09_2014_07-12-25.xls.vvv
2015-12-09 10:34 - 2014-09-23 13:49 - 00345518 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000401253.pdf.vvv
2015-12-09 10:34 - 2014-09-23 13:46 - 00345326 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000401246.pdf.vvv
2015-12-09 10:34 - 2014-09-22 14:35 - 00345566 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399902.pdf.vvv
2015-12-09 10:34 - 2014-09-22 08:59 - 00346078 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399530.pdf.vvv
2015-12-09 10:34 - 2014-09-22 08:21 - 00346206 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399495.pdf.vvv
2015-12-09 10:34 - 2014-09-22 08:16 - 00344926 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399491.pdf.vvv
2015-12-09 10:34 - 2014-09-22 08:12 - 00346462 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399486.pdf.vvv
2015-12-09 10:34 - 2014-09-22 08:07 - 00345998 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399475.pdf.vvv
2015-12-09 10:34 - 2014-09-22 08:07 - 00345998 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399475 (1).pdf.vvv
2015-12-09 10:34 - 2014-09-22 07:28 - 00345278 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399446.pdf.vvv
2015-12-09 10:34 - 2014-09-16 18:14 - 00345662 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000395542.pdf.vvv
2015-12-09 10:34 - 2014-09-16 17:43 - 00345886 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000395503.pdf.vvv
2015-12-09 10:34 - 2014-09-13 11:08 - 00029630 _____ C:\Users\Multimedia\Downloads\Order.pdf.vvv
2015-12-09 10:34 - 2014-09-12 12:00 - 00007086 _____ C:\Users\Multimedia\Downloads\Export_12_09_2014_11-00-25.xls.vvv
2015-12-09 10:34 - 2014-05-24 11:45 - 00321758 _____ C:\Users\Multimedia\Downloads\l6019022dstbai378191.pdf.vvv
2015-12-09 10:34 - 2014-05-17 11:10 - 07386542 _____ C:\Users\Multimedia\Downloads\FileZilla_3.8.0_win32.zip.vvv
2015-12-09 10:34 - 2014-05-06 12:35 - 00122830 _____ C:\Users\Multimedia\Downloads\Outlook.com.zip.vvv
2015-12-09 10:34 - 2014-03-10 11:39 - 00412286 _____ C:\Users\Multimedia\Downloads\Rapor YENI.pdf.vvv
2015-12-09 10:34 - 2013-12-30 14:36 - 01519518 _____ C:\Users\Multimedia\Downloads\Merkblatt.pdf.vvv
2015-12-09 10:34 - 2013-12-30 14:36 - 01519518 _____ C:\Users\Multimedia\Downloads\Merkblatt(1).pdf.vvv
2015-12-09 10:34 - 2013-12-30 14:34 - 00578126 _____ C:\Users\Multimedia\Downloads\Zulassungskriterien.pdf.vvv
2015-12-09 10:34 - 2013-10-30 11:33 - 00113982 _____ C:\Users\Multimedia\Downloads\TramMetro_0912_2012A3.PDF.vvv
2015-12-09 10:34 - 2013-09-25 14:34 - 00018206 _____ C:\Users\Multimedia\Downloads\SinaiBerg.docx.vvv
2015-12-09 10:34 - 2013-08-13 10:27 - 00036654 _____ C:\Users\Multimedia\Downloads\Weg_zum_Ticket_S_08-2013.pdf.vvv
2015-12-09 10:34 - 2013-08-07 08:27 - 00011470 _____ C:\Users\Multimedia\Stromabschlag.docx-2.docx.vvv
2015-12-09 10:34 - 2013-08-07 08:19 - 00011406 _____ C:\Users\Multimedia\Stromabschlag.docx.vvv
2015-12-09 10:34 - 2013-08-02 10:35 - 00010926 _____ C:\Users\Multimedia\Sajjad Ahmed.docx020813.docx.vvv
2015-12-09 10:34 - 2013-08-01 15:44 - 00048270 _____ C:\Users\Multimedia\Downloads\nutzungsordnung_der_computereinricht.pdf.vvv
2015-12-09 10:34 - 2013-08-01 15:44 - 00040958 _____ C:\Users\Multimedia\Downloads\merkblatt_regelungen_bei_fehlzeiten.pdf.vvv
2015-12-09 10:34 - 2013-07-31 12:20 - 00010894 _____ C:\Users\Multimedia\Sinaiberg e.docx.vvv
2015-12-09 10:34 - 2013-07-31 10:37 - 00012542 _____ C:\Users\Multimedia\Kooperationsvertrag.docx.vvv
2015-12-09 10:34 - 2013-07-23 08:46 - 00011198 _____ C:\Users\Multimedia\Vollmacht.docx230713.docx.vvv
2015-12-09 10:34 - 2013-07-15 11:27 - 00028078 _____ C:\Users\Multimedia\Fatma Bas.doc.vvv
2015-12-09 10:34 - 2013-06-27 12:16 - 00011518 _____ C:\Users\Multimedia\Widerspruch.docxAvcibas.docx.vvv
2015-12-09 10:34 - 2013-06-27 09:39 - 00011374 _____ C:\Users\Multimedia\Leszek Olszewski.docx.vvv
2015-12-09 10:34 - 2013-06-21 09:42 - 00011374 _____ C:\Users\Multimedia\Sinaiberg e.docxSposito_Lauro.docx.vvv
2015-12-09 10:34 - 2013-06-21 07:05 - 00155230 _____ C:\Users\Multimedia\Downloads\PDF_Rechnung_M211130074064798_06-2013.pdf.vvv
2015-12-09 10:34 - 2013-06-19 11:34 - 00083006 _____ C:\Users\Multimedia\Einkommensbescheinigung.pdfsahin_Ebru.pdf.vvv
2015-12-09 10:34 - 2013-06-19 10:27 - 00443934 _____ C:\Users\Multimedia\Hauptantrag-Arbeitslosengeld-II-1.pdfsahin.pdf.vvv
2015-12-09 10:34 - 2013-05-15 09:54 - 00050334 _____ C:\Users\Multimedia\Downloads\Tagesprogramm_Anmeldeformular_04_06_2013 (2).pdf.vvv
2015-12-09 10:34 - 2013-04-18 08:52 - 00034798 _____ C:\Users\Multimedia\Downloads\gewa1_neutral(1).pdf.vvv
2015-12-09 10:34 - 2013-04-18 08:51 - 00034798 _____ C:\Users\Multimedia\Downloads\gewa1_neutral.pdf.vvv
2015-12-09 10:34 - 2013-04-08 11:24 - 03387118 _____ C:\Users\Multimedia\Downloads\Konzept_Yücel, 15. Februar 2013(1).pdf.vvv
2015-12-09 10:34 - 2013-04-08 11:15 - 05789486 _____ C:\Users\Multimedia\Downloads\Zertifikate, 15. Februar 2013(1).pdf.vvv
2015-12-09 10:34 - 2013-04-03 12:05 - 05789486 _____ C:\Users\Multimedia\Downloads\Zertifikate, 15. Februar 2013.pdf.vvv
2015-12-09 10:34 - 2013-04-03 12:01 - 03387118 _____ C:\Users\Multimedia\Downloads\Konzept_Yücel, 15. Februar 2013.pdf.vvv
2015-12-09 10:34 - 2013-03-21 12:49 - 00154110 _____ C:\Users\Multimedia\Downloads\PDF_Rechnung_M211130067104642_03-2013.pdf.vvv
2015-12-09 10:34 - 2013-02-21 09:44 - 00405598 _____ C:\Users\Multimedia\Downloads\Tragfaehigkeitsbescheinigung (4).pdf.vvv
2015-12-09 10:34 - 2013-02-18 12:16 - 08107214 _____ C:\Users\Multimedia\Downloads\est-12.zip.vvv
2015-12-09 10:34 - 2013-01-16 15:05 - 00355518 _____ C:\Users\Multimedia\Downloads\logo_sicherheit.png.vvv
2015-12-09 10:34 - 2012-01-16 21:03 - 00108590 _____ C:\Users\Multimedia\Downloads\RegionalFolder(7).pdf.vvv
2015-12-09 10:34 - 2012-01-16 19:02 - 00104814 _____ C:\Users\Multimedia\Downloads\RegionalFolder(6).pdf.vvv
2015-12-09 10:34 - 2012-01-15 14:16 - 00109838 _____ C:\Users\Multimedia\Downloads\RegionalFolder(5).pdf.vvv
2015-12-09 10:34 - 2012-01-05 19:54 - 00111310 _____ C:\Users\Multimedia\Downloads\RegionalFolder(4).pdf.vvv
2015-12-09 10:34 - 2012-01-05 19:35 - 00109838 _____ C:\Users\Multimedia\Downloads\RegionalFolder(3).pdf.vvv
2015-12-09 10:34 - 2012-01-05 19:34 - 00106430 _____ C:\Users\Multimedia\Downloads\RegionalFolder(2).pdf.vvv
2015-12-09 10:34 - 2012-01-02 20:45 - 00110078 _____ C:\Users\Multimedia\Downloads\RegionalFolder(1).pdf.vvv
2015-12-09 10:34 - 2011-12-20 22:17 - 00030078 _____ C:\Users\Multimedia\Downloads\RegionalFolder.pdf.vvv
2015-12-09 10:34 - 2011-12-09 15:18 - 00403742 _____ C:\Users\Multimedia\Downloads\Makbuz Lyoness Engin.pdf.vvv
2015-12-09 10:34 - 2011-12-07 12:24 - 296489806 _____ C:\Users\Multimedia\Downloads\EG-V1_2_17_34_EFI.zip.vvv
2015-12-09 10:34 - 2011-11-21 13:39 - 00022062 _____ C:\Users\Multimedia\Downloads\MoDaCo_NoData.rar.vvv
2015-12-09 10:34 - 2011-07-13 12:24 - 04303326 _____ C:\Users\Multimedia\Downloads\SETreiber for Faq4mobiles.rar.vvv
2015-12-09 10:33 - 2015-08-03 13:34 - 00116398 _____ C:\Users\Multimedia\Downloads\blau-rechnung-2015-07-24-1152657077 (1).pdf.vvv
2015-12-09 10:33 - 2015-08-03 13:34 - 00105630 _____ C:\Users\Multimedia\Downloads\blau-rechnung-2015-01-05-115149803.pdf.vvv
2015-12-09 10:33 - 2015-08-03 13:32 - 00116398 _____ C:\Users\Multimedia\Downloads\blau-rechnung-2015-07-24-1152657077.pdf.vvv
2015-12-09 10:33 - 2015-07-22 17:18 - 00144078 _____ C:\Users\Multimedia\Downloads\blau_verbindungen_22.06.2015_bis_22.07.2015.pdf.vvv
2015-12-09 10:33 - 2015-07-22 17:16 - 00244142 _____ C:\Users\Multimedia\Downloads\blau_verbindungen_03.05.2015_bis_22.07.2015.pdf.vvv
2015-12-09 10:33 - 2015-07-22 17:08 - 00111406 _____ C:\Users\Multimedia\Downloads\blau-rechnung-2015-07-06-1152422097.pdf.vvv
2015-12-09 10:33 - 2015-07-02 07:12 - 00084782 _____ C:\Users\Multimedia\Downloads\antrag_auf_erlaubnis_einer_besch__ftigung.pdf.vvv
2015-12-09 10:33 - 2015-07-02 07:12 - 00084782 _____ C:\Users\Multimedia\Downloads\antrag_auf_erlaubnis_einer_besch__ftigung (1).pdf.vvv
2015-12-09 10:33 - 2015-06-13 05:38 - 00025262 _____ C:\Users\Multimedia\Documents\Dokumentvorlage mit neuem Uni.docx.vvv
2015-12-09 10:33 - 2015-06-11 10:59 - 00668958 _____ C:\Users\Multimedia\Documents\Klicken Sie hier.docx.vvv
2015-12-09 10:33 - 2015-06-07 11:05 - 00000590 ____H C:\Users\Multimedia\Desktop\~$ April 2015.docx.vvv
2015-12-09 10:33 - 2015-06-06 13:43 - 00109534 _____ C:\Users\Multimedia\Downloads\blau-rechnung-2015-05-24-1151890301.pdf.vvv
2015-12-09 10:33 - 2015-05-26 12:54 - 00102334 _____ C:\Users\Multimedia\Downloads\11046331_1000576496649631_658300545086702200_n.jpg.vvv
2015-12-09 10:33 - 2015-04-29 11:15 - 00018238 _____ C:\Users\Multimedia\Documents\Merhabaa.docx.vvv
2015-12-09 10:33 - 2015-04-23 13:26 - 01917134 _____ C:\Users\Multimedia\Downloads\amip_2015.pdf.vvv
2015-12-09 10:33 - 2015-03-17 11:25 - 00021422 _____ C:\Users\Multimedia\Documents\Kundendaten (Entwicklung).xls.vvv
2015-12-09 10:33 - 2015-03-08 09:54 - 00174926 _____ C:\Users\Multimedia\Documents\Dok1.docx.vvv
2015-12-09 10:33 - 2015-02-23 12:49 - 00025214 _____ C:\Users\Multimedia\Downloads\22336434_s.jpg.vvv
2015-12-09 10:33 - 2015-02-11 20:06 - 00111278 _____ C:\Users\Multimedia\Downloads\115398926 (1).pdf.vvv
2015-12-09 10:33 - 2015-02-11 20:06 - 00105662 _____ C:\Users\Multimedia\Downloads\115525705.pdf.vvv
2015-12-09 10:33 - 2015-02-10 09:23 - 00010910 _____ C:\Users\Multimedia\Documents\- EJ-Erkl.docx.vvv
2015-12-09 10:33 - 2015-01-27 14:33 - 00111278 _____ C:\Users\Multimedia\Downloads\115398926.pdf.vvv
2015-12-09 10:33 - 2015-01-16 09:06 - 00039854 _____ C:\Users\Multimedia\Downloads\Bescheinigung_ab_01.07.2013_02 (2).xls.vvv
2015-12-09 10:33 - 2015-01-16 08:59 - 00039854 _____ C:\Users\Multimedia\Downloads\Bescheinigung_ab_01.07.2013_02 (1).xls.vvv
2015-12-09 10:33 - 2015-01-16 08:57 - 00039854 _____ C:\Users\Multimedia\Downloads\Bescheinigung_ab_01.07.2013_02.xls.vvv
2015-12-09 10:33 - 2014-12-17 14:37 - 00028174 _____ C:\Users\Multimedia\Downloads\1081_Muster_Untermietvertrag_Wohnung.docx.vvv
2015-12-09 10:33 - 2014-11-24 14:46 - 00111262 _____ C:\Users\Multimedia\Downloads\1143939404 (1).pdf.vvv
2015-12-09 10:33 - 2014-10-31 11:03 - 00087342 _____ C:\Users\Multimedia\Downloads\112987600.pdf.vvv
2015-12-09 10:33 - 2014-10-31 11:03 - 00053294 _____ C:\Users\Multimedia\Downloads\112529496.pdf.vvv
2015-12-09 10:33 - 2014-10-31 11:02 - 00111262 _____ C:\Users\Multimedia\Downloads\1143939404.pdf.vvv
2015-12-09 10:33 - 2014-10-14 10:12 - 00011774 _____ C:\Users\Multimedia\Documents\Ihre E_abel-rahman.abdel-atti.docx.vvv
2015-12-09 10:33 - 2014-10-01 19:36 - 00145662 _____ C:\Users\Multimedia\Downloads\AllowanceDetailDocument (3).pdf.vvv
2015-12-09 10:33 - 2014-10-01 19:36 - 00145662 _____ C:\Users\Multimedia\Downloads\AllowanceDetailDocument (2).pdf.vvv
2015-12-09 10:33 - 2014-09-20 13:07 - 00527278 _____ C:\Users\Multimedia\Downloads\CS_Lohnsteuertabelle-2014.pdf.vvv
2015-12-09 10:33 - 2014-09-20 12:39 - 00011934 _____ C:\Users\Multimedia\Documents\Ihre E93.710.docx.vvv
2015-12-09 10:33 - 2014-09-16 17:49 - 00123470 _____ C:\Users\Multimedia\Downloads\AllowanceDetailDocument (1).pdf.vvv
2015-12-09 10:33 - 2014-09-08 19:34 - 00011790 _____ C:\Users\Multimedia\Documents\foustok bewerbung 2014.docx.vvv
2015-12-09 10:33 - 2014-08-29 15:10 - 00011438 _____ C:\Users\Multimedia\Documents\bedinung 1.docx.vvv
2015-12-09 10:33 - 2014-08-15 16:33 - 00010782 _____ C:\Users\Multimedia\Documents\kündigung 22.docx.vvv
2015-12-09 10:33 - 2014-07-07 18:59 - 00011918 _____ C:\Users\Multimedia\Documents\Mohamad Jamal Foustok Sybelstr.docx.vvv
2015-12-09 10:33 - 2014-07-07 12:07 - 00135342 _____ C:\Users\Multimedia\Documents\Foto.JPG.vvv
2015-12-09 10:33 - 2014-07-05 12:32 - 00011950 _____ C:\Users\Multimedia\Downloads\DHL-Paketaufkleber_23.942.pdf.vvv
2015-12-09 10:33 - 2014-07-02 13:00 - 00011982 _____ C:\Users\Multimedia\Downloads\DHL-Paketaufkleber_23.807.pdf.vvv
2015-12-09 10:33 - 2014-06-21 10:23 - 00131038 _____ C:\Users\Multimedia\Downloads\com_xmap.zip.vvv
2015-12-09 10:33 - 2014-06-03 10:57 - 02754254 _____ C:\Users\Multimedia\Downloads\141542795640129.pdf.vvv
2015-12-09 10:33 - 2014-05-28 12:28 - 00018046 _____ C:\Users\Multimedia\Downloads\DRP50157795.pdf.vvv
2015-12-09 10:33 - 2014-05-17 14:36 - 00018782 _____ C:\Users\Multimedia\Downloads\1400351786_Old_tv.png.vvv
2015-12-09 10:33 - 2014-05-17 10:42 - 00011054 _____ C:\Users\Multimedia\Downloads\1400337759_iPod Touch.png.vvv
2015-12-09 10:33 - 2014-05-09 09:14 - 00111886 _____ C:\Users\Multimedia\Downloads\1141606977.pdf.vvv
2015-12-09 10:33 - 2014-05-03 12:35 - 00173902 _____ C:\Users\Multimedia\Documents\betholz.JPG.vvv
2015-12-09 10:33 - 2014-05-03 12:28 - 00198926 _____ C:\Users\Multimedia\Documents\einze2.JPG.vvv
2015-12-09 10:33 - 2014-05-03 12:27 - 00030270 _____ C:\Users\Multimedia\Documents\einzel.jpg.vvv
2015-12-09 10:33 - 2014-05-03 12:22 - 00194526 _____ C:\Users\Multimedia\Documents\bett3.JPG.vvv
2015-12-09 10:33 - 2014-05-03 12:20 - 00182286 _____ C:\Users\Multimedia\Documents\bett ho.JPG.vvv
2015-12-09 10:33 - 2014-05-03 12:20 - 00051886 _____ C:\Users\Multimedia\Documents\bett hoh.JPG.vvv
2015-12-09 10:33 - 2014-04-02 08:06 - 00128910 _____ C:\Users\Multimedia\Downloads\ausbildungsstaetten.pdf.vvv
2015-12-09 10:33 - 2014-02-27 17:36 - 00011774 _____ C:\Users\Multimedia\Documents\Abdulhamid Wayaya Berlin den.docx.vvv
2015-12-09 10:33 - 2014-02-14 17:09 - 00019886 _____ C:\Users\Multimedia\Documents\barcli.docx.vvv
2015-12-09 10:33 - 2014-02-06 11:06 - 00603982 _____ C:\Users\Multimedia\Documents\Mietrückstand022.pdf.vvv
2015-12-09 10:33 - 2014-02-04 15:03 - 02873054 _____ C:\Users\Multimedia\Downloads\28-02-2013_003.part3.rar.vvv
2015-12-09 10:33 - 2014-01-07 09:08 - 00005982 _____ C:\Users\Multimedia\Documents\Lebenslauf Berlin den.odt.vvv
2015-12-09 10:33 - 2014-01-07 08:59 - 00006862 _____ C:\Users\Multimedia\Documents\Bewerbung.odt.vvv
2015-12-09 10:33 - 2013-09-30 13:35 - 00059038 _____ C:\Users\Multimedia\Downloads\5416234.pdf.vvv
2015-12-09 10:33 - 2013-08-06 07:50 - 00271470 _____ C:\Users\Multimedia\Downloads\E-ticket0120372337007.pdf.vvv
2015-12-09 10:33 - 2013-07-23 13:34 - 00011422 _____ C:\Users\Multimedia\Documents\Carmen Lischka.docx.vvv
2015-12-09 10:33 - 2013-07-16 09:25 - 00012654 _____ C:\Users\Multimedia\Documents\Irene Hagelganz.docx.vvv
2015-12-09 10:33 - 2013-06-27 08:56 - 00913854 _____ C:\Users\Multimedia\Downloads\131782304160129.pdf.vvv
2015-12-09 10:33 - 2013-06-21 12:01 - 00097790 _____ C:\Users\Multimedia\Downloads\Brau_u_Getraenketechnik_111215_v1_3.pdf.vvv
2015-12-09 10:33 - 2013-06-18 10:09 - 00137374 _____ C:\Users\Multimedia\Downloads\Anlage-WEP-Weitere-Personen-d-Bedarfsgemeinschaft.pdf.vvv
2015-12-09 10:33 - 2013-06-12 11:34 - 00849374 _____ C:\Users\Multimedia\Downloads\131632282060129.pdf.vvv
2015-12-09 10:33 - 2013-05-26 15:21 - 00095598 _____ C:\Users\Multimedia\Downloads\1131288575.pdf.vvv
2015-12-09 10:33 - 2013-05-26 15:21 - 00095598 _____ C:\Users\Multimedia\Downloads\1131288575(1).pdf.vvv
2015-12-09 10:33 - 2013-05-06 09:11 - 01723118 _____ C:\Users\Multimedia\Downloads\6000001663-Schluss-VWN-GCD.pdf.vvv
2015-12-09 10:33 - 2013-04-23 11:37 - 00011230 _____ C:\Users\Multimedia\Documents\Belgin Kisner.docx.vvv
2015-12-09 10:33 - 2013-04-23 11:17 - 00011774 _____ C:\Users\Multimedia\Documents\Olimpia Moldoveanu.docx.vvv
2015-12-09 10:33 - 2013-04-12 13:16 - 00011454 _____ C:\Users\Multimedia\Documents\Melanie.docx.vvv
2015-12-09 10:33 - 2013-04-08 10:19 - 00011342 _____ C:\Users\Multimedia\Documents\Farah Al Nomairy.docx.vvv
2015-12-09 10:33 - 2013-03-26 13:44 - 01112398 _____ C:\Users\Multimedia\Downloads\atlas_release_8_3.pdf.vvv
2015-12-09 10:33 - 2013-03-26 09:00 - 00849294 _____ C:\Users\Multimedia\Downloads\130852166050129(1).pdf.vvv
2015-12-09 10:33 - 2013-03-26 08:48 - 00849294 _____ C:\Users\Multimedia\Downloads\130852166050129.pdf.vvv
2015-12-09 10:33 - 2013-03-22 15:09 - 00011838 _____ C:\Users\Multimedia\Documents\Tburghard.docx.vvv
2015-12-09 10:33 - 2013-03-22 14:32 - 00011534 _____ C:\Users\Multimedia\Documents\Faik Aras.docx.vvv
2015-12-09 10:33 - 2013-02-22 09:19 - 00049838 _____ C:\Users\Multimedia\Downloads\0000267891.pdf.vvv
2015-12-09 10:33 - 2013-01-23 09:37 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(7).zip.vvv
2015-12-09 10:33 - 2012-12-20 08:49 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(6).zip.vvv
2015-12-09 10:33 - 2012-12-06 12:50 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(5).zip.vvv
2015-12-09 10:33 - 2012-11-29 10:43 - 00422270 _____ C:\Users\Multimedia\Documents\BusinessPlan_Stand 12 11 25.docx.vvv
2015-12-09 10:33 - 2012-11-20 12:11 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(4).zip.vvv
2015-12-09 10:33 - 2012-11-12 11:48 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(3).zip.vvv
2015-12-09 10:33 - 2012-11-09 08:49 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(2).zip.vvv
2015-12-09 10:33 - 2012-11-06 09:01 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(1).zip.vvv
2015-12-09 10:33 - 2012-11-05 13:04 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments.zip.vvv
2015-12-09 10:33 - 2012-11-02 09:32 - 00000430 _____ C:\Users\Multimedia\Downloads\Conan.der.Barbar.2011.BDRip.AC3.German.XviD-POE.avi.vvv
2015-12-09 10:33 - 2012-09-22 13:10 - 07880014 _____ C:\Users\Multimedia\Downloads\Amazon_Appstore.zip.vvv
2015-12-09 10:33 - 2012-08-29 15:18 - 00062302 _____ C:\Users\Multimedia\Documents\3083.Birsen_Tirtandocx.docx.vvv
2015-12-09 10:33 - 2012-08-29 08:06 - 00010910 _____ C:\Users\Multimedia\Documents\Begünstigter_Eigenanteil.docx.vvv
2015-12-09 10:33 - 2012-08-21 08:34 - 00061678 _____ C:\Users\Multimedia\Documents\3069.docx.vvv
2015-12-09 10:33 - 2012-08-21 08:00 - 00062366 _____ C:\Users\Multimedia\Documents\3068.Makrutzi, Heiner.docx.vvv
2015-12-09 10:33 - 2012-08-11 11:58 - 00002062 _____ C:\Users\Multimedia\Documents\ChatLog TeleSon Grundschulung Energie 2012_08_11 12_58.rtf.vvv
2015-12-09 10:33 - 2012-07-31 09:29 - 00062510 _____ C:\Users\Multimedia\Documents\3055_Capuozzo_Marca.docx.vvv
2015-12-09 10:33 - 2012-07-30 10:24 - 00062542 _____ C:\Users\Multimedia\Documents\3052.Aldinov_Aldindocx.docx.vvv
2015-12-09 10:33 - 2012-07-24 09:24 - 00062126 _____ C:\Users\Multimedia\Documents\3047_Kavun_Violeta.docx.vvv
2015-12-09 10:33 - 2012-07-23 08:41 - 00011278 _____ C:\Users\Multimedia\Documents\Velko Mitkov Yosifov_Ortsabwesentheitsschreiben.docx.vvv
2015-12-09 10:33 - 2012-07-20 11:38 - 00013022 _____ C:\Users\Multimedia\Documents\Amtsgericht München.docx Jasmina Ilic.docx.vvv
2015-12-09 10:33 - 2012-07-13 09:09 - 00031150 _____ C:\Users\Multimedia\Downloads\3-Antrag-Stundung-der-Verfahrenskosten.doc.vvv
2015-12-09 10:33 - 2012-07-10 15:03 - 01303982 _____ C:\Users\Multimedia\Downloads\Antrag auf Eröffnungdes Insolvenzverfahrens(1).doc.vvv
2015-12-09 10:33 - 2012-07-10 14:58 - 01303982 _____ C:\Users\Multimedia\Downloads\Antrag auf Eröffnungdes Insolvenzverfahrens.doc.vvv
2015-12-09 10:33 - 2012-07-10 09:34 - 00080302 _____ C:\Users\Multimedia\Downloads\A305_91_sbpa_7.doc.vvv
2015-12-09 10:33 - 2012-07-10 09:18 - 00117678 _____ C:\Users\Multimedia\Downloads\A305_9_glfvz_6.doc.vvv
2015-12-09 10:33 - 2012-06-27 11:40 - 00062334 _____ C:\Users\Multimedia\Documents\3029_Sposito_Lauro_Eduardo_Jose.docx.vvv
2015-12-09 10:33 - 2012-06-11 08:06 - 00038062 _____ C:\Users\Multimedia\Documents\Kassenbuch-Möbel.xlsx.vvv
2015-12-09 10:33 - 2012-06-07 12:39 - 00011150 _____ C:\Users\Multimedia\Documents\An das Jobcenter Berlin.docx.vvv
2015-12-09 10:33 - 2012-06-06 16:16 - 00009758 _____ C:\Users\Multimedia\Documents\Löhne.xlsx.vvv
2015-12-09 10:33 - 2012-03-07 22:43 - 00113886 _____ C:\Users\Multimedia\Downloads\AllowanceDetailDocument.pdf.vvv
2015-12-09 10:33 - 2011-12-09 15:18 - 00986494 _____ C:\Users\Multimedia\Downloads\Belge Lyoness Engin.pdf.vvv
2015-12-09 10:33 - 2011-12-07 12:05 - 07961790 _____ C:\Users\Multimedia\Documents\G5255_Win7_German.zip.vvv
2015-12-09 10:33 - 2011-11-30 12:59 - 00587374 _____ C:\Users\Multimedia\Downloads\AntiBundestrojaner_Globell_V_1_3_3.zip.vvv
2015-12-09 10:33 - 2011-11-25 22:21 - 00110046 _____ C:\Users\Multimedia\Downloads\avira_registry_cleaner_de.zip.vvv
2015-12-09 10:33 - 2011-11-21 13:46 - 00000878 _____ C:\Users\Multimedia\Downloads\DataConnSettingTool_Readme.txt.vvv
2015-12-09 10:33 - 2011-11-07 08:08 - 00026542 _____ C:\Users\Multimedia\Documents\1Deckblatt Kirilla.doc.vvv
2015-12-09 10:33 - 2011-11-05 14:20 - 00064430 _____ C:\Users\Multimedia\Documents\Text Konzept Kirilla.doc.vvv
2015-12-09 10:33 - 2011-10-24 12:21 - 03444542 _____ C:\Users\Multimedia\Downloads\Auhip_5098_port.rar.vvv
2015-12-09 10:33 - 2011-07-18 14:42 - 00064158 _____ C:\Users\Multimedia\Downloads\AGB.pdf.vvv
2015-12-09 10:33 - 2011-07-13 15:39 - 03070366 _____ C:\Users\Multimedia\Downloads\com.android.vending-1.apk.vvv
2015-12-09 10:33 - 2011-02-27 10:46 - 03909038 _____ C:\Users\Multimedia\Downloads\Bilgilendirme_Brosuru.doc.vvv
2015-12-09 10:33 - 2011-02-16 04:15 - 00044462 _____ C:\Users\Multimedia\Documents\Michael Strogoff.doc.vvv
2015-12-09 10:33 - 2011-02-13 10:07 - 00052654 _____ C:\Users\Multimedia\Documents\KfW-Gründercoaches.xls.vvv
2015-12-09 10:33 - 2011-02-12 22:49 - 00051118 _____ C:\Users\Multimedia\Documents\Die chaotische Klasse.doc.vvv
2015-12-09 10:33 - 2011-01-22 17:25 - 00260014 _____ C:\Users\Multimedia\Documents\I.doc.vvv
2015-12-09 10:33 - 2011-01-19 23:05 - 00103342 _____ C:\Users\Multimedia\Documents\OttomanEmpireIn1683tr.png.vvv
2015-12-09 10:33 - 2011-01-19 22:54 - 00313726 _____ C:\Users\Multimedia\Documents\BustOfAyseHafsaSultan_ManisaTurkey.jpg.vvv
2015-12-09 10:33 - 2011-01-19 22:46 - 00148814 _____ C:\Users\Multimedia\Documents\Europe_map_450.PNG.vvv
2015-12-09 10:33 - 2011-01-19 22:45 - 00071518 _____ C:\Users\Multimedia\Documents\395px-Europe_map_450.PNG.vvv
2015-12-09 10:33 - 2011-01-19 22:43 - 00185630 _____ C:\Users\Multimedia\Documents\450_roman-hunnic-empire_1764x1116.jpg.vvv
2015-12-09 10:33 - 2010-10-19 20:53 - 00018174 _____ C:\Users\Multimedia\Documents\Adriano Celentano.docx.vvv
2015-12-09 10:33 - 2010-10-17 20:27 - 00409102 _____ C:\Users\Multimedia\Documents\1.lig sonucu 1959-2000.xlsx.vvv
2015-12-09 10:33 - 2010-09-25 18:09 - 00173134 _____ C:\Users\Multimedia\Documents\DM1903_1963.xlsb.vvv
2015-12-09 10:33 - 2010-09-02 22:03 - 00062926 _____ C:\Users\Multimedia\Documents\U090615-004a.jpg.vvv
2015-12-09 10:33 - 2010-09-02 22:02 - 00059598 _____ C:\Users\Multimedia\Documents\WMF Modell 2200 Silberbesteck.jpg.vvv
2015-12-09 10:33 - 2010-09-02 22:01 - 00068878 _____ C:\Users\Multimedia\Documents\WMF Modell 2200 Silberbestecka.jpg.vvv
2015-12-09 10:33 - 2010-08-17 21:57 - 00710062 _____ C:\Users\Multimedia\Documents\ZDF-Hitparade von 1969-1990.xls.vvv
2015-12-09 10:33 - 2010-08-01 21:46 - 00275182 _____ C:\Users\Multimedia\Documents\1.lig fikstür sonuclari 1959-1993.xlsx.vvv
2015-12-09 10:33 - 2010-08-01 19:50 - 00014270 _____ C:\Users\Multimedia\Documents\Istanbul Isattikleri Puanlar.xlsx.vvv
2015-12-09 10:32 - 2015-06-15 13:32 - 00000000 ____D C:\Users\Multimedia\Desktop\SINAI BERG e.V._Bilder
2015-12-09 10:25 - 2015-06-17 13:32 - 00000000 ____D C:\Users\Multimedia\Desktop\M.Gropp
2015-12-09 10:18 - 2015-09-18 12:23 - 00000000 ____D C:\Users\Multimedia\Desktop\Gescannt
2015-12-09 10:18 - 2013-07-09 09:40 - 00011054 _____ C:\Users\Multimedia\Cemil Akgün.docx.vvv
2015-12-09 10:18 - 2013-06-18 11:45 - 00011134 _____ C:\Users\Multimedia\Brzezinska Bozena.docx.vvv
2015-12-09 10:13 - 2014-12-09 13:38 - 00010670 _____ C:\Users\Gast\Documents\Fritteuse.wps.vvv
2015-12-09 10:13 - 2014-11-10 11:27 - 00011342 _____ C:\Users\Gast\Documents\Ismet Ars10.docx.vvv
2015-12-09 10:13 - 2013-06-19 11:29 - 00162910 _____ C:\Users\Multimedia\Anlage-MEB-Aerztl-Bescheinigung-Mehrbedarf-Ernaehrung.pdfSahin_Ebru.pdf.vvv
2015-12-09 10:13 - 2013-06-19 11:22 - 00107822 _____ C:\Users\Multimedia\Anlage-HG-Hilfebeduerftigkeit-Haushaltsgemeinschaft-1.pdfsahin_Ebru.pdf.vvv
2015-12-09 10:13 - 2013-06-19 11:08 - 00162238 _____ C:\Users\Multimedia\Anlage-VM-Vermoegen.pdfsahin_ebru.pdf.vvv
2015-12-09 10:13 - 2013-06-19 10:45 - 00229966 _____ C:\Users\Multimedia\Anlage-EK-Einkommenserklaerung.pdfsahin ebru.pdf.vvv
2015-12-09 04:39 - 2012-11-16 15:13 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-12-08 06:21 - 2011-01-25 13:03 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-07 14:19 - 2012-07-31 09:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-07 14:19 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-07 08:30 - 2010-05-07 20:26 - 00121344 _____ C:\Users\Multimedia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-05 07:39 - 2015-05-16 08:40 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 07:39 - 2015-05-16 08:40 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-27 18:14 - 2015-09-17 13:30 - 00000000 ____D C:\Program Files (x86)\AVG
2015-11-27 07:35 - 2014-12-15 07:31 - 00000000 ____D C:\Windows\system32\appraiser
2015-11-27 07:35 - 2014-05-06 18:23 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-11-27 07:01 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2009-10-17 03:04 - 2009-02-10 20:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2015-03-31 09:14 - 2015-03-31 09:14 - 0004387 _____ () C:\Users\Multimedia\AppData\Roaming\cbg4Eg1uzl8hVhbOVeC8
2015-12-09 10:13 - 2015-12-09 10:18 - 0009620 _____ () C:\Users\Multimedia\AppData\Roaming\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:18 - 0002787 _____ () C:\Users\Multimedia\AppData\Roaming\how_recover+amx.txt
2015-12-09 12:27 - 2015-12-09 12:30 - 0009620 _____ () C:\Users\Multimedia\AppData\Roaming\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:30 - 0002787 _____ () C:\Users\Multimedia\AppData\Roaming\how_recover+bhm.txt
2015-12-09 14:08 - 2015-12-09 14:10 - 0009620 _____ () C:\Users\Multimedia\AppData\Roaming\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:10 - 0002787 _____ () C:\Users\Multimedia\AppData\Roaming\how_recover+vrm.txt
2015-03-31 09:14 - 2015-03-31 09:14 - 0004387 _____ () C:\Users\Multimedia\AppData\Roaming\jnQmSMuT6xN
2015-03-31 09:14 - 2015-03-31 09:14 - 0005655 _____ () C:\Users\Multimedia\AppData\Roaming\sGHU6xI5w8em8aXqgPl1
2011-07-08 11:05 - 2013-07-31 14:33 - 0000238 _____ () C:\Users\Multimedia\AppData\Roaming\wklnhst.dat
2010-05-07 20:26 - 2015-12-07 08:30 - 0121344 _____ () C:\Users\Multimedia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-09 10:13 - 2015-12-09 10:34 - 0009620 _____ () C:\Users\Multimedia\AppData\Local\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:34 - 0002787 _____ () C:\Users\Multimedia\AppData\Local\how_recover+amx.txt
2015-12-09 12:27 - 2015-12-09 12:30 - 0009620 _____ () C:\Users\Multimedia\AppData\Local\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:30 - 0002787 _____ () C:\Users\Multimedia\AppData\Local\how_recover+bhm.txt
2015-12-09 14:08 - 2015-12-09 14:10 - 0009620 _____ () C:\Users\Multimedia\AppData\Local\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:10 - 0002787 _____ () C:\Users\Multimedia\AppData\Local\how_recover+vrm.txt
2014-07-14 15:26 - 2015-03-18 12:35 - 0004096 ____H () C:\Users\Multimedia\AppData\Local\keyfile3.drm
2013-12-15 20:07 - 2013-12-15 20:07 - 0014370 _____ () C:\Users\Multimedia\AppData\Local\MyWinLockerInstaller.txt-20131215.log
2015-05-11 12:26 - 2015-09-16 21:44 - 0007606 _____ () C:\Users\Multimedia\AppData\Local\Resmon.ResmonCfg
2012-11-16 14:47 - 2012-11-16 14:47 - 0000057 _____ () C:\ProgramData\Ament.ini
2009-10-17 03:04 - 2009-07-18 02:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2015-12-09 10:10 - 2015-12-09 10:11 - 0009620 _____ () C:\ProgramData\how_recover+amx.html
2015-12-09 10:10 - 2015-12-09 10:11 - 0002787 _____ () C:\ProgramData\how_recover+amx.txt
2015-12-09 12:25 - 2015-12-09 12:26 - 0009620 _____ () C:\ProgramData\how_recover+bhm.html
2015-12-09 12:25 - 2015-12-09 12:26 - 0002787 _____ () C:\ProgramData\how_recover+bhm.txt
2015-12-09 14:06 - 2015-12-09 14:07 - 0009620 _____ () C:\ProgramData\how_recover+vrm.html
2015-12-09 14:06 - 2015-12-09 14:07 - 0002787 _____ () C:\ProgramData\how_recover+vrm.txt
Einige Dateien in TEMP:
====================
C:\Users\Multimedia\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-10 08:09
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:12-12-2015
durchgeführt von Multimedia (2015-12-12 14:58:20)
Gestartet von F:\
Windows 7 Home Premium Service Pack 1 (X64) (2010-04-29 12:43:15)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3445553229-585193536-3719774176-500 - Administrator - Disabled)
Bülent (S-1-5-21-3445553229-585193536-3719774176-1008 - Administrator - Enabled) => C:\Users\Bülent
Gast (S-1-5-21-3445553229-585193536-3719774176-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-3445553229-585193536-3719774176-1004 - Limited - Enabled)
Multimedia (S-1-5-21-3445553229-585193536-3719774176-1001 - Administrator - Enabled) => C:\Users\Multimedia
UpdatusUser (S-1-5-21-3445553229-585193536-3719774176-1003 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.2.0812 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Anti-Twin (Installation 27.11.2013) (HKLM-x32\...\Anti-Twin 2013-11-27 15.31.49) (Version: - Joerg Rosenthal, Germany)
Backup Manager Advance (x32 Version: 2.0.2.19 - NewTech Infosystems) Hidden
Brother MFL-Pro Suite DCP-J315W (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
CPUID CPU-Z 1.72.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
EasyTether (HKLM\...\{6C81C2B4-068D-4470-9FE0-2F2989ED4BB8}) (Version: 1.1.15 - Mobile Stream)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.2.17437 - Landesfinanzdirektion Thüringen)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson E-Web Print (HKLM-x32\...\{695C8469-7822-4B31-A673-5ED84815B649}) (Version: 1.17.0000 - SEIKO EPSON CORPORATION)
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-302 303 305 306 Series Printer Uninstall (HKLM\...\EPSON XP-302 303 305 306 Series) (Version: - SEIKO EPSON Corporation)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated)
HP Photosmart 6510 series - Grundlegende Software für das Gerät (HKLM\...\{D476ED05-969B-4ECD-92D4-77BFA3742DA2}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
Macromedia Fireworks 8 (HKLM-x32\...\{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}) (Version: 8.0.0.777 - Macromedia)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
NVIDIA 3D Vision Controller-Treiber 285.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 285.62 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: - )
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.24.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.24.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.11.0621 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.0621 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
PaperPort (HKLM-x32\...\{71C97545-E547-4A8B-B0C8-61FF853270AC}) (Version: 9.02.0827 - ScanSoft, Inc.)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{A737E18A-5171-40D0-8034-7DD243420081}) (Version: 4.1.1 - SEIKO EPSON CORPORATION) <==== ACHTUNG
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Unity Web Player (HKU\S-1-5-21-3445553229-585193536-3719774176-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Basic 6.0 Runtime&Steuerelemente (HKLM-x32\...\ST6UNST #1) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.4.9 - Shark007)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
yEd Graph Editor 3.8 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.8 - yWorks GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {136D3DBA-28A4-43CC-80D3-78C747DA6EE0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {2187DB60-2210-4730-9528-F998401B94CB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-09] (Google Inc.)
Task: {C547AB32-B151-428A-916C-6AEA12592BF4} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-08-04] (Oracle Corporation)
Task: {F3387C01-A817-410F-B975-C49C31C76BA1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {FA90E203-27D9-4763-9643-6958DBC9E2B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-09] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-11-26 12:20 - 2012-12-06 13:09 - 00136704 _____ () C:\Windows\System32\zlhp1600.dll
2013-12-02 16:40 - 2012-12-06 13:52 - 00136704 _____ () C:\Windows\System32\zlhp2600.dll
2015-10-19 21:00 - 2015-10-19 21:00 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-12-11 19:46 - 2015-12-04 23:17 - 01971528 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\libglesv2.dll
2015-12-11 19:46 - 2015-12-04 23:17 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:0B9176C0
AlternateDataStreams: C:\ProgramData\TEMP:444C53BA
AlternateDataStreams: C:\ProgramData\TEMP:4D066AD2
AlternateDataStreams: C:\ProgramData\TEMP:5D7E5A8F
AlternateDataStreams: C:\ProgramData\TEMP:93DE1838
AlternateDataStreams: C:\ProgramData\TEMP:AB689DEA
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3445553229-585193536-3719774176-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: a2AntiMalware => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BrYNSvc => 3
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: EPSON_PM_RPCV4_04 => 2
MSCONFIG\Services: EZ Software Updater => 2
MSCONFIG\Services: ForceWare Intelligent Application Manager (IAM) => 2
MSCONFIG\Services: globalUpdate => 2
MSCONFIG\Services: globalUpdatem => 3
MSCONFIG\Services: Greg_Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Nero BackItUp Scheduler 4.0 => 3
MSCONFIG\Services: nSvcIp => 2
MSCONFIG\Services: NTI IScheduleSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: servervo => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: Update BooZaka => 2
MSCONFIG\Services: Updater Service => 2
MSCONFIG\Services: Util BooZaka => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk => C:\Windows\pss\Logitech SetPoint.lnk.CommonStartup
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EasyTether => "C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe"
MSCONFIG\startupreg: EgisTecLiveUpdate => "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
MSCONFIG\startupreg: HP Photosmart 6510 series (NET) => "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN216430CP05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IndexSearch => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe
MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: PaperPort PTD => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{39E2D5BB-8497-43B0-A7A2-179567B43037}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{E02BC29C-CD90-4637-AEFE-FDEE16837410}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{7D14706F-0382-4513-B527-4663982B8600}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{1B673D14-86EF-400B-98EC-3F8D0704C6DA}] => (Allow) C:\Program Files\HP\HP Photosmart 6510 series\Bin\DeviceSetup.exe
FirewallRules: [{593B925F-B9AE-44DD-B346-47E9715F893D}] => (Allow) C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{99BDA712-84C9-4FC4-9956-20C7B1346326}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{BF3039FA-887C-41A2-AF1D-4CC2BC8622E8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D8C5C8B6-1DDA-44F8-B571-B2C7CA530108}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{A0FAB126-B7A0-4AA2-BE4C-54F9B536D5AC}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{A7D73967-262A-4A96-B6AB-4D312711CA22}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{3C9E3DF6-C8A7-4572-BF14-97056C35CCBD}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{EDA96396-9B30-4873-B04E-B969423E7329}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{C93F0D8B-0001-407F-BD52-76B4E44C47C5}C:\program files (x86)\jdownloader\jre\bin\java.exe] => (Block) C:\program files (x86)\jdownloader\jre\bin\java.exe
FirewallRules: [UDP Query User{AC491F3F-6C81-4684-820E-ECDFD05ADB0D}C:\program files (x86)\jdownloader\jre\bin\java.exe] => (Block) C:\program files (x86)\jdownloader\jre\bin\java.exe
FirewallRules: [{39012434-5690-4D10-B33F-00057CD26D56}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{9D258D48-03F7-44A0-AE27-D164D1208ED8}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{0F7635DA-A601-47DF-901B-8F095B61474C}] => (Allow) C:\Windows\SysWOW64\explorer.exe
FirewallRules: [{619BD259-2C90-4783-B6BB-25B541339886}] => (Allow) C:\Windows\SysWOW64\explorer.exe
FirewallRules: [TCP Query User{D7055B04-1743-4082-AF07-80D5A58EF74D}C:\program files (x86)\yworks\yed\yed.exe] => (Block) C:\program files (x86)\yworks\yed\yed.exe
FirewallRules: [UDP Query User{D7BD4827-124E-4010-8423-012831209455}C:\program files (x86)\yworks\yed\yed.exe] => (Block) C:\program files (x86)\yworks\yed\yed.exe
FirewallRules: [{906FC082-1BAD-4FEF-80B6-DBEC81B9151F}] => (Allow) C:\PROGRA~2\MICROS~1\Office12\OUTLOOK.EXE
FirewallRules: [{EC58FA94-C6FF-42F1-AE1F-DC49A66E00E5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E5579E5A-8AF4-45F4-8749-B8A14569B487}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0FDB5D7F-7AFC-42B0-94C7-B82FBB2F38DF}] => (Allow) C:\PROGRA~2\MICROS~1\Office12\OUTLOOK.EXE
FirewallRules: [TCP Query User{055CCB89-E311-4AFE-85A5-D8B933DD3A62}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{7457D705-E389-4584-B27C-9FADD2F279B2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{F62E4134-97C1-4229-B308-28DF7F07CCE6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{421220E0-8807-4C05-8D31-BE6060F26196}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{11FF557B-D284-403A-897B-493C20059616}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A9B002D4-7294-488E-A529-6DE5F154EF97}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EFE0BF06-71F1-4033-A96D-8FF87D95AADD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E342E0BA-2744-41A3-A301-88B270483498}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B489670F-A908-46EE-8334-A717FA7637E5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Camera
Description: Camera
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/11/2015 03:27:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdatem) since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (12/11/2015 03:27:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdate) since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (12/10/2015 02:23:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/10/2015 02:23:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/09/2015 05:14:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/09/2015 05:14:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/09/2015 12:27:45 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/12/09 12:27:45.249]: [00003828]: Initialize TwdsMain Class failed!
Error: (12/09/2015 12:27:45 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/12/09 12:27:45.248]: [00003828]: ##### Fatal ERROR!! Create STI-device failed! #####
Error: (12/08/2015 04:13:35 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/12/08 16:13:35.939]: [00004136]: Initialize TwdsMain Class failed!
Error: (12/08/2015 04:13:35 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/12/08 16:13:35.939]: [00004136]: ##### Fatal ERROR!! Create STI-device failed! #####
Systemfehler:
=============
Error: (12/12/2015 02:50:24 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (12/12/2015 02:45:30 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (12/12/2015 02:33:34 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (12/12/2015 02:30:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (12/12/2015 02:29:26 PM) (Source: volsnap) (EventID: 14) (User: )
Description: Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen.
Error: (12/12/2015 02:29:26 PM) (Source: nvstor64) (EventID: 3) (User: )
Description: Datenfehler des Geräts.
Gerät: \Device\RaidPort0
Modell: WDC WD10EADS-22M2B0
Firmware-Version: 01.0
Seriennummer: WD-WCAV56901422
Anschluss: 1
Error: (12/12/2015 02:29:24 PM) (Source: nvstor64) (EventID: 3) (User: )
Description: Datenfehler des Geräts.
Gerät: \Device\RaidPort0
Modell: WDC WD10EADS-22M2B0
Firmware-Version: 01.0
Seriennummer: WD-WCAV56901422
Anschluss: 1
Error: (12/12/2015 02:29:24 PM) (Source: nvstor64) (EventID: 3) (User: )
Description: Datenfehler des Geräts.
Gerät: \Device\RaidPort0
Modell: WDC WD10EADS-22M2B0
Firmware-Version: 01.0
Seriennummer: WD-WCAV56901422
Anschluss: 1
Error: (12/12/2015 02:29:24 PM) (Source: nvstor64) (EventID: 3) (User: )
Description: Datenfehler des Geräts.
Gerät: \Device\RaidPort0
Modell: WDC WD10EADS-22M2B0
Firmware-Version: 01.0
Seriennummer: WD-WCAV56901422
Anschluss: 1
Error: (12/12/2015 02:29:21 PM) (Source: nvstor64) (EventID: 3) (User: )
Description: Datenfehler des Geräts.
Gerät: \Device\RaidPort0
Modell: WDC WD10EADS-22M2B0
Firmware-Version: 01.0
Seriennummer: WD-WCAV56901422
Anschluss: 1
CodeIntegrity:
===================================
Date: 2015-11-27 07:14:21.238
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-27 07:14:20.521
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-27 07:14:19.912
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-26 16:14:43.888
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-26 16:14:43.669
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-26 16:14:43.357
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-26 15:32:19.044
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-26 15:32:18.841
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-26 15:32:17.874
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-26 15:32:17.640
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: AMD Athlon(tm) II X2 215 Processor
Prozentuale Nutzung des RAM: 50%
Installierter physikalischer RAM: 2814.55 MB
Verfügbarer physikalischer RAM: 1402.61 MB
Summe virtueller Speicher: 5627.31 MB
Verfügbarer virtueller Speicher: 3848.12 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:458.87 GB) (Free:361.12 GB) NTFS
Drive d: (DATA) (Fixed) (Total:458.87 GB) (Free:306.51 GB) NTFS
Drive f: () (Removable) (Total:0.48 GB) (Free:0.47 GB) FAT
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 45B4AF2D)
Partition 1: (Not Active) - (Size=13.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=458.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=458.9 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (Size: 489 MB) (Disk ID: 70A07A1C)
Partition 1: (Not Active) - (Size=488 MB) - (Type=06)
==================== Ende von Addition.txt ============================
|
|
12.12.2015, 15:12
| #17 |
| /// Malwareteam  | Windows 7: RSA-2048 Trojaner seit gestern Hi,
__________________Sehr gut, den SpyHunter hast du, denk ich mal, schon deinstalliert. Ich seh keine Reste mehr von dem. Zur Entschlüsselung: Ohne den entsprechenden Schlüssel wird das schwer. Wenn du Backups hast, solltest du auf diese zurückgreifen, du kannst auch mit dem ShadowExplorer schauen, ob noch Schattenkopien vorhanden sind. Da würde ich mir nicht allzu viel Hoffnungen machen. Ansonsten bleibt zahlen und hoffen. Bei manchen ist es gegangen, bei anderen nicht. Wir entfernen noch ein paar Reste und machen Kontrollscans. Schritt # 1: ESET ESET Online Scanner
Schritt # 2: Bitte Posten
__________________ |
|
| Themen zu Windows 7: RSA-2048 Trojaner seit gestern |
| danke, datei, frst.txt, gestern, rsa-2048, troja, trojaner, windows, windows 7 |
Linear-Darstellung
