| |
| |||||||
Log-Analyse und Auswertung: Windows 7: RSA-2048 Trojaner seit gesternWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
10.12.2015, 16:07
| #1 |
 |  Windows 7: RSA-2048 Trojaner seit gestern Die FRST.txt Datei habe ich in zwei gesplittet. Ich danke schon mal im voraus!  PS: Ich benutz das Konto meines Bruders.. so bitte Gnade.  defogger_disable.txt Logfiles Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:02 on 10/12/2015 (Bülent)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-12-10 15:21:58
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\0000005e WDC_WD10 rev.01.0 931,51GB
Running: ztts6src.exe; Driver: C:\Users\BLENT~1\AppData\Local\Temp\awtdrfob.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1848] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000000007765dc30 16 bytes [50, 48, B8, 4C, 35, 01, FC, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2156] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 000000007765da80 16 bytes [50, 48, B8, 4C, 17, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2156] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadToken 000000007765dbf0 16 bytes [50, 48, B8, A4, 16, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2156] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess 000000007765dc10 48 bytes [50, 48, B8, 20, 16, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2156] C:\Windows\SYSTEM32\ntdll.dll!NtUnmapViewOfSection 000000007765dc50 16 bytes [50, 48, B8, 70, 17, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2156] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadTokenEx 000000007765dca0 32 bytes [50, 48, B8, C8, 16, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2156] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 000000007765dce0 16 bytes [50, 48, B8, B0, 15, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2156] C:\Windows\SYSTEM32\ntdll.dll!NtQueryAttributesFile 000000007765dd80 16 bytes [50, 48, B8, F8, 16, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2156] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 000000007765df00 16 bytes [50, 48, B8, 74, 14, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2156] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcessToken 000000007765e970 16 bytes [50, 48, B8, 44, 16, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2156] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThread 000000007765e9c0 16 bytes [50, 48, B8, 80, 16, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2156] C:\Windows\SYSTEM32\ntdll.dll!NtQueryFullAttributesFile 000000007765eb10 16 bytes [50, 48, B8, 0C, 17, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2688] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 000000007765da80 16 bytes [50, 48, B8, 4C, 17, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2688] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadToken 000000007765dbf0 16 bytes [50, 48, B8, A4, 16, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2688] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess 000000007765dc10 48 bytes [50, 48, B8, 20, 16, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2688] C:\Windows\SYSTEM32\ntdll.dll!NtUnmapViewOfSection 000000007765dc50 16 bytes [50, 48, B8, 70, 17, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2688] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadTokenEx 000000007765dca0 32 bytes [50, 48, B8, C8, 16, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2688] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 000000007765dce0 16 bytes [50, 48, B8, B0, 15, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2688] C:\Windows\SYSTEM32\ntdll.dll!NtQueryAttributesFile 000000007765dd80 16 bytes [50, 48, B8, F8, 16, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2688] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 000000007765df00 16 bytes [50, 48, B8, 74, 14, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2688] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcessToken 000000007765e970 16 bytes [50, 48, B8, 44, 16, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2688] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThread 000000007765e9c0 16 bytes [50, 48, B8, 80, 16, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2688] C:\Windows\SYSTEM32\ntdll.dll!NtQueryFullAttributesFile 000000007765eb10 16 bytes [50, 48, B8, 0C, 17, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4068] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 000000007765da80 16 bytes [50, 48, B8, 4C, 17, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4068] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadToken 000000007765dbf0 16 bytes [50, 48, B8, A4, 16, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4068] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess 000000007765dc10 48 bytes [50, 48, B8, 20, 16, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4068] C:\Windows\SYSTEM32\ntdll.dll!NtUnmapViewOfSection 000000007765dc50 16 bytes [50, 48, B8, 70, 17, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4068] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadTokenEx 000000007765dca0 32 bytes [50, 48, B8, C8, 16, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4068] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 000000007765dce0 16 bytes [50, 48, B8, B0, 15, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4068] C:\Windows\SYSTEM32\ntdll.dll!NtQueryAttributesFile 000000007765dd80 16 bytes [50, 48, B8, F8, 16, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4068] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 000000007765df00 16 bytes [50, 48, B8, 74, 14, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4068] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcessToken 000000007765e970 16 bytes [50, 48, B8, 44, 16, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4068] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThread 000000007765e9c0 16 bytes [50, 48, B8, 80, 16, 65, 3F, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4068] C:\Windows\SYSTEM32\ntdll.dll!NtQueryFullAttributesFile 000000007765eb10 16 bytes [50, 48, B8, 0C, 17, 65, 3F, ...]
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
EDIT: Alte FRST1.txt, alte FRST2.txt und Addition.txt gelöscht Anhänge zu: Alte FRST1.txt, alte FRST2.txt und Addition.txt -- veraltet Letzter Post sind die neuen Logfiles. Geändert von Deilnefle (10.12.2015 um 17:06 Uhr) |
|
10.12.2015, 16:16
| #2 |
| /// Malwareteam  | Windows 7: RSA-2048 Trojaner seit gestern Ich habe dein Thema in Arbeit und melde mich so schnell als möglich mit weiteren Anweisungen. Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Dies garantiert, dass Du Hilfe von einem ausgebildeten Helfer bekommst. Ich bedanke mich für deine Geduld Kommst du nicht in den normalen Modus rein? Und zukünftig die Logs bitte in CODE, nicht QUOTE-Tags posten bitte
__________________ |
|
10.12.2015, 16:27
| #3 |
| | Windows 7: RSA-2048 Trojaner seit gestern alter FRST2.txt Logfiles -- gelöscht
__________________Geändert von Deilnefle (10.12.2015 um 16:58 Uhr) |
|
10.12.2015, 16:28
| #4 |
| /// Malwareteam | Windows 7: RSA-2048 Trojaner seit gestern Dann bitte FRST von dort, mit Additions.txt angehakerlt. |
|
10.12.2015, 16:38
| #5 |
| | Windows 7: RSA-2048 Trojaner seit gestern alter FRST2.txt Logfile -- gelöscht Geändert von Deilnefle (10.12.2015 um 16:57 Uhr) |
|
10.12.2015, 16:41
| #6 |
| /// Malwareteam | Windows 7: RSA-2048 Trojaner seit gestern Das Log ist aus dem abgesicherten Modus, starte den PC doch einfach normal und führ FRST von dort aus. Die Logs die dann erstellt werden, postest du dann hier.
__________________ --> Windows 7: RSA-2048 Trojaner seit gestern |
|
10.12.2015, 16:53
| #7 | |
| | Windows 7: RSA-2048 Trojaner seit gesternZitat:
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-12-2015
durchgeführt von Multimedia (Administrator) auf SINAI-BKAZAN (10-12-2015 16:43:07)
Gestartet von F:\
Geladene Profile: Multimedia (Verfügbare Profile: Multimedia & UpdatusUser & Bülent & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3445553229-585193536-3719774176-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3445553229-585193536-3719774176-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-3445553229-585193536-3719774176-1001\...\MountPoints2: {9beaa6cd-4364-11e0-9c68-00262d216fb1} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3445553229-585193536-3719774176-1001\...\MountPoints2: {e19d9f92-b2a8-11e0-ad46-00262d216fb1} - F:\LGAutoRun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => Keine Datei
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => Keine Datei
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+amx.html [2015-12-09] ()
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+amx.txt [2015-12-09] ()
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+bhm.html [2015-12-09] ()
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+bhm.txt [2015-12-09] ()
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+vrm.html [2015-12-09] ()
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+vrm.txt [2015-12-09] ()
Startup: C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+amx.html [2015-12-09] ()
Startup: C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+amx.txt [2015-12-09] ()
Startup: C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+bhm.html [2015-12-09] ()
Startup: C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+bhm.txt [2015-12-09] ()
Startup: C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+vrm.html [2015-12-09] ()
Startup: C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+vrm.txt [2015-12-09] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:56316;https=127.0.0.1:56316
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5A4F0A5F-8EA0-44EA-AF9A-AB6E3FBD2D6E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{60705F6F-02B6-478A-8328-509DFE8E8627}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{93C72F3C-2101-442B-AF59-DE2394A5DAD8}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1413646066&from=cor&uid=395049983_1052514_486366F8&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1413646066&from=cor&uid=395049983_1052514_486366F8&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1413646066&from=cor&uid=395049983_1052514_486366F8&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1413646066&from=cor&uid=395049983_1052514_486366F8&q={searchTerms}
HKU\S-1-5-21-3445553229-585193536-3719774176-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aravebulun.com/?yeni
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtBtDtDyDyEyByEyCzzyBtByCyC0FzztN0D0Tzu0SyBtCyDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=557507326&ir=
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=102&itype=n&ver=13986&tm=-15857&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=102&itype=n&ver=13986&tm=-15857&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3445553229-585193536-3719774176-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtBtDtDyDyEyByEyCzzyBtByCyC0FzztN0D0Tzu0SyBtCyDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=557507326&ir=
SearchScopes: HKU\S-1-5-21-3445553229-585193536-3719774176-1001 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3321902&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SP624C4886-2FC0-431C-8A53-0B5325F4DBC7&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3445553229-585193536-3719774176-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-3445553229-585193536-3719774176-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtBtDtDyDyEyByEyCzzyBtByCyC0FzztN0D0Tzu0SyBtCyDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=557507326&ir=
SearchScopes: HKU\S-1-5-21-3445553229-585193536-3719774176-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=102&itype=n&ver=13986&tm=-15857&src=ds&p={searchTerms}
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-15] (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-15] (Oracle Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
Toolbar: HKU\S-1-5-21-3445553229-585193536-3719774176-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-3445553229-585193536-3719774176-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1413643916&from=bdo&uid=395049983_1052514_486366F8
FireFox:
========
FF ProfilePath: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-20] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll [2012-09-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-20] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll [Keine Datei]
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nppl3260.dll [2010-02-03] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nprpjplug.dll [2010-02-03] (RealNetworks, Inc.)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-10-18] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-10-18] (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3445553229-585193536-3719774176-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Multimedia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-07-18] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2012-11-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2012-11-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2012-11-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2012-11-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2012-11-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-11-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-11-19] (Apple Inc.)
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\conduit-search.xml [2014-03-21]
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\how_recover+amx.html [2015-12-09]
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\how_recover+amx.txt [2015-12-09]
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\how_recover+bhm.html [2015-12-09]
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\how_recover+bhm.txt [2015-12-09]
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\how_recover+vrm.html [2015-12-09]
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\how_recover+vrm.txt [2015-12-09]
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\softonic.xml [2013-03-25]
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\web-search.xml [2010-11-03]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystartsearch.xml [2014-10-18]
FF Extension: NoScript - C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-12-09]
FF Extension: HTTPS-Everywhere - C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\extensions\https-everywhere@eff.org [2015-12-09]
FF Extension: Snap Links Plus - C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\Extensions\snaplinks@snaplinks.mozdev.org.xpi [2015-06-07]
FF Extension: iMacros for Firefox - C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-12-09]
FF Extension: Video DownloadHelper - C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-28]
FF Extension: Adblock Plus - C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-28]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2013-06-12] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [termtutor@termtutor.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com => nicht gefunden
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-03-25] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\my.cfg [2015-03-25] <==== ACHTUNG
Chrome:
=======
CHR HomePage: Profile 2 -> hxxp://www.google.de/
CHR StartupUrls: Profile 2 -> "hxxps://www.google.de/"
CHR Profile: C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Präsentationen) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-09]
CHR Extension: (Google Docs) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-09]
CHR Extension: (Google Drive) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-09]
CHR Extension: (YouTube) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-09]
CHR Extension: (Adblock Plus) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-12-09]
CHR Extension: (Adblock für Youtube™) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-12-09]
CHR Extension: (Google-Suche) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-09]
CHR Extension: (Google Tabellen) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-09]
CHR Extension: (Google Docs Offline) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-09]
CHR Extension: (Lyoness Cashback Bar) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ibocncflemnoggjhchgnakpnhdiajnjl [2015-12-09]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-09]
CHR Extension: (Google Mail) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-09]
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma.crx <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S4 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S4 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-04-19] ()
S4 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-18] (globalUpdate) [Datei ist nicht signiert] <==== ACHTUNG
S4 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-18] (globalUpdate) [Datei ist nicht signiert] <==== ACHTUNG
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S4 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-04-19] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-01-24] (Disc Soft Ltd)
R3 easytether; C:\Windows\System32\DRIVERS\easytthr.sys [20752 2012-05-11] (Mobile Stream)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-12-09] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-09] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2011-07-13] (Sony Ericsson Mobile Communications) [Datei ist nicht signiert]
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]
S1 ttnfd; system32\drivers\ttnfd.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-10 16:29 - 2015-12-10 16:29 - 00083510 _____ C:\Users\Bülent\Downloads\FRST1.txt
2015-12-10 16:08 - 2015-12-10 16:08 - 00039597 _____ C:\Users\Bülent\Downloads\Addition (1).txt
2015-12-10 16:08 - 2015-12-10 16:08 - 00007015 _____ C:\Users\Bülent\Downloads\Gmer.txt
2015-12-10 16:08 - 2015-12-10 16:08 - 00000474 _____ C:\Users\Bülent\Downloads\defogger_disable (1).txt
2015-12-10 16:07 - 2015-12-10 16:07 - 00039597 _____ C:\Users\Bülent\Downloads\Addition.txt
2015-12-10 16:05 - 2015-12-10 16:05 - 00065154 _____ C:\Users\Bülent\Desktop\FRST2.txt
2015-12-10 15:59 - 2015-12-10 15:59 - 00000474 _____ C:\Users\Bülent\Downloads\defogger_disable.txt
2015-12-10 15:52 - 2015-12-10 15:52 - 477469582 _____ C:\Windows\MEMORY.DMP
2015-12-10 15:52 - 2015-12-10 15:52 - 00475928 _____ C:\Windows\Minidump\121015-16910-01.dmp
2015-12-10 15:38 - 2015-12-10 15:38 - 00000000 ____D C:\Users\Multimedia\AppData\Local\ElevatedDiagnostics
2015-12-10 15:23 - 2015-12-10 16:05 - 00083510 _____ C:\Users\Bülent\Desktop\FRST1.txt
2015-12-10 15:23 - 2015-12-10 14:23 - 00039597 _____ C:\Users\Bülent\Desktop\Addition.txt
2015-12-10 15:21 - 2015-12-10 15:21 - 00007015 _____ C:\Users\Bülent\Desktop\Gmer.txt
2015-12-10 15:04 - 2015-12-10 15:04 - 00380416 _____ C:\Users\Bülent\Desktop\ztts6src.exe
2015-12-10 15:02 - 2015-12-10 15:02 - 00000474 _____ C:\Users\Bülent\Desktop\defogger_disable.txt
2015-12-10 15:02 - 2015-12-10 15:02 - 00000000 _____ C:\Users\Bülent\defogger_reenable
2015-12-10 15:00 - 2015-12-10 15:00 - 00050477 _____ C:\Users\Bülent\Desktop\Defogger.exe
2015-12-10 14:32 - 2015-12-10 16:36 - 00000000 ____D C:\Users\Bülent\AppData\Local\Google
2015-12-10 14:32 - 2015-12-10 14:32 - 00002251 _____ C:\Users\Bülent\Desktop\Google Chrome.lnk
2015-12-10 14:32 - 2015-12-10 14:32 - 00001425 _____ C:\Users\Bülent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-10 14:32 - 2015-12-10 14:32 - 00000000 ____D C:\Users\Bülent\AppData\Roaming\Adobe
2015-12-10 14:31 - 2015-12-10 14:31 - 00000000 ____D C:\Users\Bülent\AppData\Local\VirtualStore
2015-12-10 14:29 - 2015-12-10 15:02 - 00000000 ____D C:\Users\Bülent
2015-12-10 14:29 - 2015-12-10 14:29 - 00000020 ___SH C:\Users\Bülent\ntuser.ini
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Vorlagen
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Startmenü
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Netzwerkumgebung
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Lokale Einstellungen
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Eigene Dateien
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Druckumgebung
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Documents\Eigene Videos
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Documents\Eigene Musik
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Documents\Eigene Bilder
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\AppData\Local\Verlauf
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\AppData\Local\Anwendungsdaten
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Anwendungsdaten
2015-12-10 14:29 - 2013-04-09 08:20 - 00000000 ____D C:\Users\Bülent\AppData\Roaming\Macromedia
2015-12-10 14:29 - 2010-05-26 02:03 - 00000000 ____D C:\Users\Bülent\AppData\Local\Microsoft Help
2015-12-10 14:29 - 2009-07-14 08:44 - 00000000 ____D C:\Users\Bülent\AppData\Roaming\Media Center Programs
2015-12-10 13:22 - 2015-12-10 13:23 - 00039083 _____ C:\Users\Multimedia\Downloads\Addition.txt
2015-12-10 13:20 - 2015-12-10 13:23 - 00151787 _____ C:\Users\Multimedia\Downloads\FRST.txt
2015-12-10 13:19 - 2015-12-10 16:43 - 00000000 ____D C:\FRST
2015-12-09 19:12 - 2015-12-09 19:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-12-09 19:12 - 2015-12-09 19:12 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-09 19:12 - 2015-12-09 19:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-09 19:11 - 2015-12-09 19:11 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Multimedia\Downloads\mbar-1.09.3.1001.exe
2015-12-09 19:11 - 2015-12-09 19:11 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-09 19:11 - 2015-12-09 19:11 - 00000000 ____D C:\Users\Multimedia\Desktop\mbar
2015-12-09 18:48 - 2015-12-09 18:48 - 00000000 ____D C:\.Trash-999
2015-12-09 18:00 - 2015-12-09 18:00 - 00001638 _____ C:\Windows\system32\Benim senden bir isteğim olacak bildiğim kadarıyla senin telefonun da samsung ve bir telefoncuya git ve onlara Viber diye bir program var onu yüklet bunu yapmayı ama unutma ve benim telefon n.txt.lnk
2015-12-09 17:37 - 2015-12-10 22:42 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2015-12-09 17:37 - 2015-12-09 17:38 - 00000000 ____D C:\Program Files (x86)\LinuxLive USB Creator
2015-12-09 17:37 - 2015-12-09 17:37 - 06160320 _____ (LinuxLive USB Creator) C:\Users\Multimedia\Downloads\LinuxLive_USB_Creator_2.9.4.exe
2015-12-09 17:30 - 2015-12-10 15:58 - 00257520 _____ C:\Windows\ntbtlog.txt
2015-12-09 17:18 - 2015-12-10 12:57 - 00000000 ____D C:\Users\Multimedia\Desktop\vvv Files
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\Downloads\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\Documents\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\AppData\LocalLow\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\AppData\Local\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\AppData\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\Downloads\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\Documents\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\AppData\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\Downloads\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\Documents\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\AppData\LocalLow\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\AppData\Local\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\AppData\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\Downloads\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\Documents\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\AppData\how_recover+vrm.txt
2015-12-09 14:09 - 2015-12-09 14:09 - 00009620 _____ C:\Users\Multimedia\AppData\LocalLow\how_recover+vrm.html
2015-12-09 14:09 - 2015-12-09 14:09 - 00002787 _____ C:\Users\Multimedia\AppData\LocalLow\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\AppData\Local\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\AppData\Local\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Multimedia\AppData\Local\Apps\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\Downloads\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\Documents\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\AppData\LocalLow\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\AppData\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Multimedia\AppData\Local\Apps\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\Downloads\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\Documents\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\AppData\LocalLow\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\AppData\how_recover+vrm.txt
2015-12-09 14:07 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Public\Documents\how_recover+vrm.html
2015-12-09 14:07 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Public\Documents\how_recover+vrm.txt
2015-12-09 14:07 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\AppData\Roaming\how_recover+vrm.html
2015-12-09 14:07 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\AppData\Local\how_recover+vrm.html
2015-12-09 14:07 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\AppData\Roaming\how_recover+vrm.txt
2015-12-09 14:07 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\AppData\Local\how_recover+vrm.txt
2015-12-09 14:07 - 2015-12-09 14:07 - 00009620 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.html
2015-12-09 14:07 - 2015-12-09 14:07 - 00002787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.txt
2015-12-09 14:06 - 2015-12-09 14:07 - 00009620 _____ C:\ProgramData\how_recover+vrm.html
2015-12-09 14:06 - 2015-12-09 14:07 - 00002787 _____ C:\ProgramData\how_recover+vrm.txt
2015-12-09 14:06 - 2015-12-09 14:06 - 00000254 _____ C:\Users\Multimedia\Documents\recover_file_owpbkiaym.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\Downloads\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\Documents\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\AppData\LocalLow\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\AppData\Local\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\AppData\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\Downloads\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\Documents\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\AppData\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\Downloads\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\Documents\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\AppData\LocalLow\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\AppData\Local\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\AppData\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\Downloads\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\Documents\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\AppData\how_recover+bhm.txt
2015-12-09 12:29 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bhm.html
2015-12-09 12:29 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bhm.txt
2015-12-09 12:29 - 2015-12-09 12:29 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.html
2015-12-09 12:29 - 2015-12-09 12:29 - 00009620 _____ C:\Users\Multimedia\AppData\LocalLow\how_recover+bhm.html
2015-12-09 12:29 - 2015-12-09 12:29 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.txt
2015-12-09 12:29 - 2015-12-09 12:29 - 00002787 _____ C:\Users\Multimedia\AppData\LocalLow\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\AppData\Local\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\AppData\Local\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Multimedia\AppData\Local\Apps\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\Downloads\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\Documents\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\AppData\LocalLow\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\AppData\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Multimedia\AppData\Local\Apps\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\Downloads\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\Documents\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\AppData\LocalLow\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\AppData\how_recover+bhm.txt
2015-12-09 12:26 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\AppData\Roaming\how_recover+bhm.html
2015-12-09 12:26 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\AppData\Local\how_recover+bhm.html
2015-12-09 12:26 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\AppData\Roaming\how_recover+bhm.txt
2015-12-09 12:26 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\AppData\Local\how_recover+bhm.txt
2015-12-09 12:26 - 2015-12-09 12:26 - 00009620 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.html
2015-12-09 12:26 - 2015-12-09 12:26 - 00002787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.txt
2015-12-09 12:25 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Public\Documents\how_recover+bhm.html
2015-12-09 12:25 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Public\Documents\how_recover+bhm.txt
2015-12-09 12:25 - 2015-12-09 12:26 - 00009620 _____ C:\ProgramData\how_recover+bhm.html
2015-12-09 12:25 - 2015-12-09 12:26 - 00002787 _____ C:\ProgramData\how_recover+bhm.txt
2015-12-09 12:24 - 2015-12-09 12:24 - 00000254 _____ C:\Users\Multimedia\Documents\recover_file_ljfgqgthi.txt
2015-12-09 12:22 - 2015-12-09 12:22 - 00000254 _____ C:\Users\Multimedia\Documents\recover_file_vjcfxqcof.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\Downloads\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\Documents\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\AppData\LocalLow\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\AppData\Local\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\AppData\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\Multimedia\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\Multimedia\Downloads\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\Downloads\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\Documents\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\AppData\LocalLow\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\AppData\Local\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\AppData\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\Multimedia\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\Multimedia\Downloads\how_recover+amx.txt
2015-12-09 10:33 - 2015-12-09 10:34 - 00009620 _____ C:\Users\Multimedia\Documents\how_recover+amx.html
2015-12-09 10:33 - 2015-12-09 10:34 - 00002787 _____ C:\Users\Multimedia\Documents\how_recover+amx.txt
2015-12-09 10:18 - 2015-12-09 10:34 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+amx.html
2015-12-09 10:18 - 2015-12-09 10:34 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+amx.txt
2015-12-09 10:18 - 2015-12-09 10:18 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+amx.html
2015-12-09 10:18 - 2015-12-09 10:18 - 00009620 _____ C:\Users\Multimedia\AppData\LocalLow\how_recover+amx.html
2015-12-09 10:18 - 2015-12-09 10:18 - 00009620 _____ C:\Users\Multimedia\AppData\how_recover+amx.html
2015-12-09 10:18 - 2015-12-09 10:18 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+amx.txt
2015-12-09 10:18 - 2015-12-09 10:18 - 00002787 _____ C:\Users\Multimedia\AppData\LocalLow\how_recover+amx.txt
2015-12-09 10:18 - 2015-12-09 10:18 - 00002787 _____ C:\Users\Multimedia\AppData\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:34 - 00009620 _____ C:\Users\Multimedia\AppData\Local\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:34 - 00002787 _____ C:\Users\Multimedia\AppData\Local\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:18 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:18 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Multimedia\AppData\Local\Apps\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\Downloads\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\Documents\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\AppData\LocalLow\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\AppData\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Multimedia\AppData\Local\Apps\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\Downloads\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\Documents\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\AppData\LocalLow\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\AppData\how_recover+amx.txt
2015-12-09 10:11 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\AppData\Roaming\how_recover+amx.html
2015-12-09 10:11 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\AppData\Local\how_recover+amx.html
2015-12-09 10:11 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\AppData\Roaming\how_recover+amx.txt
2015-12-09 10:11 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\AppData\Local\how_recover+amx.txt
2015-12-09 10:10 - 2015-12-09 10:34 - 00009620 _____ C:\Users\Public\Documents\how_recover+amx.html
2015-12-09 10:10 - 2015-12-09 10:34 - 00002787 _____ C:\Users\Public\Documents\how_recover+amx.txt
2015-12-09 10:10 - 2015-12-09 10:11 - 00009620 _____ C:\ProgramData\how_recover+amx.html
2015-12-09 10:10 - 2015-12-09 10:11 - 00002787 _____ C:\ProgramData\how_recover+amx.txt
2015-12-09 10:10 - 2015-12-09 10:10 - 00009620 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+amx.html
2015-12-09 10:10 - 2015-12-09 10:10 - 00002787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+amx.txt
2015-12-09 10:08 - 2015-12-09 10:08 - 00000254 _____ C:\Users\Multimedia\Documents\recover_file_yldyrxihj.txt
2015-12-07 08:29 - 2015-12-09 10:30 - 00000000 ____D C:\Users\Multimedia\Desktop\Neuer Ordner (3)
2015-12-03 11:27 - 2015-12-09 10:33 - 00183470 _____ C:\Users\Multimedia\Documents\Ghana-Project.pdf.vvv
2015-12-03 09:13 - 2015-12-09 12:30 - 00000000 ____D C:\Users\Multimedia\Desktop\Ghana Projekt Dateien
2015-11-30 18:26 - 2015-11-30 18:26 - 00001958 _____ C:\Windows\system32\Benim senden bir isteğim olacak bildiğim kadarıyla senin telefonun da samsung ve bir telefoncuya git ve onlara Viber diye bir program var onu yüklet bunu yapmayı ama unutma ve benim telefon numar.lnk
2015-11-28 10:14 - 2015-12-09 10:25 - 00000000 ____D C:\Users\Multimedia\Desktop\Ghana Video
2015-11-28 09:51 - 2015-12-09 10:29 - 00000000 ____D C:\Users\Multimedia\Desktop\Neuer Ordner
2015-11-28 07:58 - 2015-11-28 07:58 - 00428704 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-27 21:12 - 2015-11-27 21:12 - 00111288 _____ C:\Users\Multimedia\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-27 19:46 - 2015-11-27 19:46 - 00216184 _____ C:\Users\Multimedia\Documents\cc_20151127_194603.reg
2015-11-27 19:46 - 2015-11-27 19:46 - 00209792 _____ C:\Users\Multimedia\Documents\cc_20151127_194623.reg
2015-11-27 19:38 - 2015-12-09 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-11-27 19:38 - 2015-12-04 07:35 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-27 19:38 - 2015-11-27 19:38 - 00002808 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-11-27 19:38 - 2015-11-27 19:38 - 00000000 ____D C:\Program Files\CCleaner
2015-11-27 19:37 - 2015-11-27 19:37 - 05524624 _____ (Piriform Ltd) C:\Users\Multimedia\Downloads\ccsetup511_slim.exe
2015-11-27 09:08 - 2015-12-09 10:34 - 00145310 _____ C:\Users\Multimedia\Downloads\rechnung-2015-11-01-1153839255.pdf.vvv
2015-11-26 16:13 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-26 16:12 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-26 16:12 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-26 16:12 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-26 16:12 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-26 16:12 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-26 16:12 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-26 16:12 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-26 16:12 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-26 16:12 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-26 16:12 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-26 16:12 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-26 16:12 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-26 16:12 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-26 16:12 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-26 16:12 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-26 16:12 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-26 16:12 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-26 16:12 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-26 16:12 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-26 16:12 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-26 16:12 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-26 16:12 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-26 16:12 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-26 16:12 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-26 16:12 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-26 16:12 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-26 16:12 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-26 16:12 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-26 16:12 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-26 16:12 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-26 16:12 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-26 16:12 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-26 16:12 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-26 16:12 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-26 16:12 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-26 16:12 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-26 16:12 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-26 16:12 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-26 16:12 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-26 16:12 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-26 16:12 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-26 16:12 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-26 16:12 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-26 16:12 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-26 16:12 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-26 16:12 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-26 16:12 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-26 16:12 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-26 16:12 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-26 16:12 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-26 16:12 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-26 16:12 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-26 16:12 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-26 16:12 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-26 16:12 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-26 16:12 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-26 16:12 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-26 16:12 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-26 16:12 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-26 16:12 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-26 16:12 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-26 16:12 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-26 16:12 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-26 16:12 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-26 16:12 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-26 16:12 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-26 16:12 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-26 16:12 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-26 16:12 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-26 16:12 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-26 16:12 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-26 16:12 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-26 16:12 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-26 16:12 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-26 16:12 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-26 16:12 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-26 16:12 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-26 16:12 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-26 16:12 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-26 16:12 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-26 16:12 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-26 16:12 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-26 16:12 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-26 16:12 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-26 16:12 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-26 16:12 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-26 16:12 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-26 16:12 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-26 16:12 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-26 16:12 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-26 16:12 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-26 16:12 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-26 16:12 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-26 16:12 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-26 16:12 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-26 16:12 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-26 16:12 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-26 16:12 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-26 16:12 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-26 16:12 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-26 16:12 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-26 16:12 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-26 16:12 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-26 16:12 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-26 16:11 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-26 16:11 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-26 16:11 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-26 16:11 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-26 16:11 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-26 16:11 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-26 16:11 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-26 16:11 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-26 16:11 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-26 16:11 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-26 16:11 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-26 16:11 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-26 16:11 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-26 16:11 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-26 16:11 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-26 16:11 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-26 16:11 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-26 16:11 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-26 16:11 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-26 16:11 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-26 16:11 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-26 16:11 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-26 16:11 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-26 16:11 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-26 16:11 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-26 16:11 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-26 16:11 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-26 16:11 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-26 16:11 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-26 16:11 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-26 16:11 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-26 16:11 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-26 16:11 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-26 16:11 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-26 16:11 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-26 16:11 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-26 16:08 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-11-26 16:08 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-11-26 16:08 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-11-26 16:08 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-11-26 16:08 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-11-26 16:08 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-11-26 16:08 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-11-26 15:52 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-11-26 15:52 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-11-26 15:52 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-11-26 15:52 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-11-26 15:51 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-26 15:51 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-26 15:50 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-11-26 15:50 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-11-26 15:50 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-11-26 15:50 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-11-26 15:50 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-11-26 15:50 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-11-26 15:50 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-10 22:42 - 2015-04-11 11:26 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-10 22:42 - 2014-02-06 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-10 22:42 - 2013-12-17 13:46 - 00000000 ____D C:\Users\Gast
2015-12-10 22:42 - 2012-09-06 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 22:42 - 2012-09-06 14:10 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-10 22:42 - 2012-09-06 14:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-10 22:42 - 2011-07-13 13:40 - 00000000 ____D C:\Users\UpdatusUser
2015-12-10 22:42 - 2009-10-17 03:13 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-10 22:42 - 2009-07-14 08:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-12-10 22:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing
2015-12-10 22:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-12-10 22:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2015-12-10 22:42 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-12-10 16:44 - 2015-05-16 08:40 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-10 16:42 - 2015-05-16 08:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-10 16:41 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-10 15:52 - 2015-09-17 09:04 - 00000000 ____D C:\Windows\Minidump
2015-12-10 15:52 - 2007-07-12 02:48 - 00000000 ____D C:\Windows
2015-12-10 15:40 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-10 15:40 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-10 15:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-10 14:32 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-10 14:15 - 2012-12-27 10:56 - 00000000 ____D C:\Windows\pss
2015-12-10 14:14 - 2009-07-14 06:13 - 01722418 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-10 14:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-10 14:14 - 2006-10-11 08:02 - 00741124 _____ C:\Windows\system32\perfh007.dat
2015-12-10 14:14 - 2006-10-11 08:02 - 00166430 _____ C:\Windows\system32\perfc007.dat
2015-12-10 14:12 - 2010-04-29 13:43 - 00000000 ____D C:\Users\Multimedia
2015-12-09 14:10 - 2015-09-16 15:19 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\dvdcss
2015-12-09 14:10 - 2015-09-16 14:25 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\vlc
2015-12-09 14:10 - 2015-09-15 14:54 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Sun
2015-12-09 14:10 - 2015-09-10 09:58 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
2015-12-09 14:10 - 2015-09-10 09:49 - 00000000 ____D C:\Users\Multimedia\Documents\UseNeXT
2015-12-09 14:10 - 2015-09-10 09:49 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\UseNeXT
2015-12-09 14:10 - 2015-07-24 10:34 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-12-09 14:10 - 2015-07-17 10:48 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\elsterformular
2015-12-09 14:10 - 2015-01-23 10:16 - 00000000 ____D C:\Users\Multimedia\Documents\JC_Anträge
2015-12-09 14:10 - 2015-01-11 17:05 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\FirefoxToolbar
2015-12-09 14:10 - 2015-01-09 19:42 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Opera Software
2015-12-09 14:10 - 2015-01-09 19:37 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\TuneUp Software
2015-12-09 14:10 - 2015-01-09 19:33 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\RHEng
2015-12-09 14:10 - 2014-12-09 14:51 - 00000000 ____D C:\Users\Multimedia\Downloads\Smartphone
2015-12-09 14:10 - 2014-10-20 09:09 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu
|
|
10.12.2015, 16:55
| #8 |
| | Windows 7: RSA-2048 Trojaner seit gestern FRST2.txt Logfiles Code:
ATTFilter \Programs\Revo Uninstaller
2015-12-09 14:10 - 2014-10-18 16:30 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\LookThisUp
2015-12-09 14:10 - 2014-10-18 15:55 - 00000000 ____D C:\Users\Multimedia\Documents\Optimizer Pro
2015-12-09 14:10 - 2014-10-18 15:54 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Systweak
2015-12-09 14:10 - 2014-09-15 12:25 - 00000000 __RSD C:\Users\Multimedia\Documents\My Stationery
2015-12-09 14:10 - 2014-07-21 09:20 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Naru
2015-12-09 14:10 - 2014-07-21 09:20 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Ekeras
2015-12-09 14:10 - 2014-05-17 11:11 - 00000000 ____D C:\Users\Multimedia\Downloads\FileZilla_3.8.0_win32
2015-12-09 14:10 - 2014-05-17 11:11 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\FileZilla
2015-12-09 14:10 - 2014-01-24 16:00 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\DAEMON Tools Lite
2015-12-09 14:10 - 2013-12-16 18:20 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\EPSON
2015-12-09 14:10 - 2013-11-27 20:42 - 00000000 ____D C:\Users\Multimedia\Documents\LG OSP
2015-12-09 14:10 - 2013-07-30 10:03 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\WinRAR
2015-12-09 14:10 - 2013-07-30 10:03 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-09 14:10 - 2013-07-20 15:37 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Skype
2015-12-09 14:10 - 2013-06-26 10:21 - 00000000 ____D C:\Users\Multimedia\Formular-Management-System der Bundesfinanzverwaltung (010190 - KG 1 - Anlage Kind)_files
2015-12-09 14:10 - 2013-04-09 11:59 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\PDAppFlex
2015-12-09 14:10 - 2013-04-09 08:35 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\SolidDocuments
2015-12-09 14:10 - 2012-12-03 11:21 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\QuickScan
2015-12-09 14:10 - 2012-11-16 14:48 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\HpUpdate
2015-12-09 14:10 - 2012-10-20 13:25 - 00000000 ____D C:\Users\Multimedia\Documents\My Games
2015-12-09 14:10 - 2012-09-27 14:15 - 00000000 ____D C:\Users\Multimedia\Downloads\CNL_BB_topless_v1
2015-12-09 14:10 - 2012-09-22 13:16 - 00000000 ____D C:\Users\Multimedia\Downloads\Amazon_Appstore
2015-12-09 14:10 - 2012-08-03 15:33 - 00000000 ____D C:\Users\Multimedia\Documents\lieferschein-drucken-Dateien
2015-12-09 14:10 - 2012-07-21 15:25 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\NVIDIA
2015-12-09 14:10 - 2012-07-21 12:04 - 00000000 ___SD C:\Users\Multimedia\Documents\Eigene Datenquellen
2015-12-09 14:10 - 2012-07-19 18:39 - 00000000 ____D C:\Users\Multimedia\temp
2015-12-09 14:10 - 2011-12-28 17:05 - 00000000 ___RD C:\Users\Multimedia\Documents\Scanned Documents
2015-12-09 14:10 - 2011-12-28 17:05 - 00000000 ____D C:\Users\Multimedia\Documents\Fax
2015-12-09 14:10 - 2011-12-07 14:03 - 00000000 ____D C:\Users\Multimedia\Downloads\EG-V1_2_17_34_EFI
2015-12-09 14:10 - 2011-12-07 14:01 - 00000000 ____D C:\Users\Multimedia\Downloads\Express_Gate_Cloud_Source_Code
2015-12-09 14:10 - 2011-12-07 11:57 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Download Manager
2015-12-09 14:10 - 2011-11-25 22:21 - 00000000 ____D C:\Users\Multimedia\Downloads\avira_registry_cleaner_de
2015-12-09 14:10 - 2011-11-24 20:58 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\yWorks
2015-12-09 14:10 - 2011-11-03 14:10 - 00000000 ____D C:\Users\Multimedia\Documents\DVDVideoSoft
2015-12-09 14:10 - 2011-11-03 14:10 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\DVDVideoSoft
2015-12-09 14:10 - 2011-10-24 12:22 - 00000000 ____D C:\Users\Multimedia\Downloads\Auhip_5098_port
2015-12-09 14:10 - 2011-09-12 11:41 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\InstallShield
2015-12-09 14:10 - 2011-07-22 11:31 - 00000000 ____D C:\Users\Multimedia\Documents\LG PC Suite IV
2015-12-09 14:10 - 2011-07-13 14:27 - 00000000 ____D C:\Users\Multimedia\Downloads\SuperOneClick
2015-12-09 14:10 - 2011-07-13 14:16 - 00000000 ____D C:\Users\Multimedia\Downloads\SuperOneClickv1.9-ShortFuse.Drivers
2015-12-09 14:10 - 2011-07-13 14:16 - 00000000 ____D C:\Users\Multimedia\Downloads\Root
2015-12-09 14:10 - 2011-07-13 14:16 - 00000000 ____D C:\Users\Multimedia\Downloads\Exploits
2015-12-09 14:10 - 2011-07-13 14:16 - 00000000 ____D C:\Users\Multimedia\Downloads\Dependencies
2015-12-09 14:10 - 2011-07-13 14:16 - 00000000 ____D C:\Users\Multimedia\Downloads\ADB
2015-12-09 14:10 - 2011-07-13 13:40 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Media Center Programs
2015-12-09 14:10 - 2011-07-13 13:40 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Microsoft Help
2015-12-09 14:10 - 2011-07-13 12:33 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
2015-12-09 14:10 - 2011-07-08 11:05 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Template
2015-12-09 14:10 - 2011-06-27 14:59 - 00000000 ____D C:\Users\Multimedia\Documents\OneNote-Notizbücher
2015-12-09 14:10 - 2011-06-17 16:56 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\ScanSoft
2015-12-09 14:10 - 2011-06-14 11:46 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Logitech
2015-12-09 14:10 - 2011-06-14 11:46 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Leadertech
2015-12-09 14:10 - 2011-06-14 10:33 - 00000000 ____D C:\Users\Multimedia\Documents\Eigene PaperPort-Dokumente
2015-12-09 14:10 - 2011-06-14 10:33 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Zeon
2015-12-09 14:10 - 2011-01-25 13:54 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\TeamViewer
2015-12-09 14:10 - 2010-10-03 16:07 - 00000000 ____D C:\Users\Multimedia\Downloads\[www.busters.to]...Asterix.bei.den.Olympischen.Spielen.German.AC3.DVDRip.XviD-CRUCiAL
2015-12-09 14:10 - 2010-09-13 14:16 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\uTorrent
2015-12-09 14:10 - 2010-08-20 13:38 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Nero
2015-12-09 14:10 - 2010-06-11 11:47 - 00000000 ____D C:\Users\Multimedia\Documents\iMacros
2015-12-09 14:10 - 2010-05-13 21:23 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\GameConsole
2015-12-09 14:10 - 2010-05-08 05:51 - 00000000 ____D C:\Users\Multimedia\dwhelper
2015-12-09 14:10 - 2010-05-07 12:28 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Win7codecs
2015-12-09 14:10 - 2010-05-07 12:17 - 00000000 ____D C:\Users\Multimedia\Tracing
2015-12-09 14:10 - 2010-05-01 15:53 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\DivX
2015-12-09 14:10 - 2010-04-29 15:57 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Mozilla
2015-12-09 14:10 - 2010-04-29 15:53 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Google
2015-12-09 14:10 - 2010-04-29 13:46 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Macromedia
2015-12-09 14:10 - 2010-04-29 13:43 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Media Center Programs
2015-12-09 14:10 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-09 14:10 - 2006-10-10 22:34 - 00000000 ____D C:\Users\Public\Documents\Screensaver
2015-12-09 14:09 - 2015-09-17 13:31 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\AVG
2015-12-09 14:09 - 2015-09-15 14:53 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Oracle
2015-12-09 14:09 - 2015-07-24 10:31 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Steam
2015-12-09 14:09 - 2015-06-24 10:04 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Battle.net
2015-12-09 14:09 - 2015-01-12 12:03 - 00000000 __SHD C:\Users\Multimedia\AppData\LocalLow\EmieBrowserModeList
2015-12-09 14:09 - 2015-01-09 19:42 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Opera Software
2015-12-09 14:09 - 2015-01-09 19:37 - 00000000 ____D C:\Users\Multimedia\AppData\Local\TuneUp Software
2015-12-09 14:09 - 2014-10-18 16:28 - 00000000 ____D C:\Users\Multimedia\AppData\Local\mbot_de_177
2015-12-09 14:09 - 2014-10-08 13:09 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\CodeTwo CatMan
2015-12-09 14:09 - 2014-06-11 12:53 - 00000000 __SHD C:\Users\Multimedia\AppData\LocalLow\EmieUserList
2015-12-09 14:09 - 2014-05-14 14:25 - 00000000 __SHD C:\Users\Multimedia\AppData\LocalLow\EmieSiteList
2015-12-09 14:09 - 2014-03-06 10:43 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Skype
2015-12-09 14:09 - 2013-08-27 15:52 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\EPSON
2015-12-09 14:09 - 2013-04-09 08:21 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2015-12-09 14:09 - 2013-04-03 14:47 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Softonic
2015-12-09 14:09 - 2013-03-25 14:45 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Windows Live
2015-12-09 14:09 - 2012-11-16 14:46 - 00000000 ____D C:\Users\Multimedia\AppData\Local\HP
2015-12-09 14:09 - 2012-08-17 08:32 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\boost_interprocess
2015-12-09 14:09 - 2012-07-26 08:16 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Macromedia
2015-12-09 14:09 - 2012-07-21 11:18 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Unity
2015-12-09 14:09 - 2012-07-21 11:18 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Unity
2015-12-09 14:09 - 2012-03-14 08:29 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Apple Computer
2015-12-09 14:09 - 2012-02-14 18:34 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Apple Computer
2015-12-09 14:09 - 2011-11-30 13:23 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Canneverbe Limited
2015-12-09 14:09 - 2011-07-22 11:31 - 00000000 ____D C:\Users\Multimedia\AppData\Local\LG Electronics
2015-12-09 14:09 - 2011-07-13 11:19 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Sun
2015-12-09 14:09 - 2011-07-06 16:10 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Adobe
2015-12-09 14:09 - 2011-07-01 14:14 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Oberon Games
2015-12-09 14:09 - 2011-06-21 09:19 - 00000000 ___RD C:\Users\Multimedia\AppData\Roaming\Brother
2015-12-09 14:09 - 2010-10-26 19:36 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\TVU Networks
2015-12-09 14:09 - 2010-10-26 19:36 - 00000000 ____D C:\Users\Multimedia\AppData\Local\TVU Networks
2015-12-09 14:09 - 2010-09-13 14:16 - 00000000 ____D C:\Users\Multimedia\AppData\Local\uTorrent
2015-12-09 14:09 - 2010-06-30 12:37 - 00000000 ___SD C:\Users\Multimedia\AppData\LocalLow\Temp
2015-12-09 14:09 - 2010-04-30 10:08 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Microsoft Help
2015-12-09 14:09 - 2010-04-29 20:10 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Microsoft Games
2015-12-09 14:09 - 2010-04-29 15:57 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Mozilla
2015-12-09 14:09 - 2010-04-29 15:53 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Adobe
2015-12-09 14:09 - 2010-04-29 15:53 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Google
2015-12-09 14:09 - 2010-04-29 15:53 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Google
2015-12-09 14:09 - 2010-04-29 13:45 - 00000000 ____D C:\Users\Multimedia\AppData\Local\VirtualStore
2015-12-09 14:08 - 2015-09-17 13:26 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Avg
2015-12-09 14:08 - 2015-09-15 14:54 - 00000000 ____D C:\Users\Multimedia\.oracle_jre_usage
2015-12-09 14:08 - 2015-07-24 10:31 - 00000000 ____D C:\Users\Multimedia\AppData\Local\CEF
2015-12-09 14:08 - 2015-07-17 10:50 - 00000000 ____D C:\Users\Multimedia\AppData\Local\elfopatch
2015-12-09 14:08 - 2015-06-24 10:05 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Blizzard Entertainment
2015-12-09 14:08 - 2015-06-24 10:04 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Battle.net
2015-12-09 14:08 - 2015-01-12 12:03 - 00000000 __SHD C:\Users\Multimedia\AppData\Local\EmieBrowserModeList
2015-12-09 14:08 - 2014-12-09 12:59 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Template
2015-12-09 14:08 - 2014-11-12 16:06 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Mozilla
2015-12-09 14:08 - 2014-11-12 16:06 - 00000000 ____D C:\Users\Gast\AppData\Local\Mozilla
2015-12-09 14:08 - 2014-11-12 14:20 - 00000000 ____D C:\Users\Gast\Documents\Sümeye
2015-12-09 14:08 - 2014-10-18 16:29 - 00000000 ____D C:\Users\Multimedia\AppData\Local\ConvertAd
2015-12-09 14:08 - 2014-10-18 15:58 - 00000000 ____D C:\Users\Multimedia\AppData\Local\globalUpdate
2015-12-09 14:08 - 2014-08-20 09:15 - 00000000 __SHD C:\Users\Gast\AppData\LocalLow\EmieUserList
2015-12-09 14:08 - 2014-08-20 09:15 - 00000000 __SHD C:\Users\Gast\AppData\LocalLow\EmieSiteList
2015-12-09 14:08 - 2014-05-14 14:25 - 00000000 __SHD C:\Users\Multimedia\AppData\Local\EmieUserList
2015-12-09 14:08 - 2014-05-14 14:25 - 00000000 __SHD C:\Users\Multimedia\AppData\Local\EmieSiteList
2015-12-09 14:08 - 2013-12-17 13:46 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Media Center Programs
2015-12-09 14:08 - 2013-12-17 13:46 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Macromedia
2015-12-09 14:08 - 2013-12-17 13:46 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Adobe
2015-12-09 14:08 - 2013-12-17 13:46 - 00000000 ____D C:\Users\Gast\AppData\Local\VirtualStore
2015-12-09 14:08 - 2013-12-17 13:46 - 00000000 ____D C:\Users\Gast\AppData\Local\Microsoft Help
2015-12-09 14:08 - 2013-11-09 14:39 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Apps\2.0
2015-12-09 14:08 - 2012-08-17 08:32 - 00000000 ____D C:\Users\Multimedia\AppData\Local\DDMSettings
2015-12-09 14:08 - 2012-02-14 18:35 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Apple
2015-12-09 14:08 - 2010-04-29 19:54 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Adobe
2015-12-09 14:08 - 2010-04-29 13:46 - 00000000 ____D C:\Users\Multimedia\AppData\Local\EgisTec
2015-12-09 14:07 - 2015-09-18 09:28 - 00000000 ____D C:\ProgramData\DriverGenius
2015-12-09 14:07 - 2015-09-16 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-09 14:07 - 2015-09-10 09:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
2015-12-09 14:07 - 2015-09-10 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2015-12-09 14:07 - 2015-07-17 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2015-12-09 14:07 - 2015-07-17 10:44 - 00000000 ____D C:\ProgramData\elsterformular
2015-12-09 14:07 - 2015-06-24 10:04 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-12-09 14:07 - 2015-06-24 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-12-09 14:07 - 2015-03-20 14:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-09 14:07 - 2015-03-06 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-09 14:07 - 2015-03-06 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-12-09 14:07 - 2015-01-09 19:34 - 00000000 ____D C:\ProgramData\TuneUp Software
2015-12-09 14:07 - 2014-11-12 16:09 - 00000000 ____D C:\Users\Gast\AppData\Local\Macromedia
2015-12-09 14:07 - 2014-10-18 16:31 - 00000000 ____D C:\ProgramData\Registry Helper
2015-12-09 14:07 - 2014-10-18 15:53 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-12-09 14:07 - 2014-10-18 15:53 - 00000000 ____D C:\ProgramData\IePluginServices
2015-12-09 14:07 - 2014-08-20 09:15 - 00000000 __SHD C:\Users\Gast\AppData\Local\EmieUserList
2015-12-09 14:07 - 2014-08-20 09:15 - 00000000 __SHD C:\Users\Gast\AppData\Local\EmieSiteList
2015-12-09 14:07 - 2014-06-20 15:10 - 00000000 ____D C:\ProgramData\Oracle
2015-12-09 14:07 - 2014-02-14 13:41 - 00000000 ____D C:\Users\Gast\AppData\Local\Google
2015-12-09 14:07 - 2014-01-24 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-12-09 14:07 - 2014-01-24 16:00 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-12-09 14:07 - 2013-11-09 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-12-09 14:07 - 2013-07-30 10:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-09 14:07 - 2013-07-20 15:37 - 00000000 ____D C:\ProgramData\Skype
2015-12-09 14:07 - 2013-06-12 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-12-09 14:07 - 2013-06-12 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2015-12-09 14:07 - 2013-06-12 12:52 - 00000000 ____D C:\ProgramData\EPSON
2015-12-09 14:07 - 2013-04-09 08:29 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-12-09 14:07 - 2012-11-16 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-12-09 14:07 - 2012-11-16 14:47 - 00000000 ____D C:\ProgramData\HP
2015-12-09 14:07 - 2012-10-20 14:27 - 00000000 ____D C:\ProgramData\Sandlot Games
2015-12-09 14:07 - 2012-08-20 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2015-12-09 14:07 - 2012-07-31 09:36 - 00000000 ____D C:\ProgramData\Mozilla
2015-12-09 14:07 - 2012-07-02 15:27 - 00000000 ____D C:\ProgramData\Friends Games
2015-12-09 14:07 - 2012-06-05 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Stream
2015-12-09 14:07 - 2011-11-30 13:23 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2015-12-09 14:07 - 2011-11-24 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\yEd Graph Editor
2015-12-09 14:07 - 2011-09-12 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2015-12-09 14:07 - 2011-08-03 14:16 - 00000000 ____D C:\ProgramData\Sun
2015-12-09 14:07 - 2011-07-22 11:59 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2015-12-09 14:07 - 2011-07-13 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Basic 6.0 Runtime&Steuerelemente
2015-12-09 14:07 - 2011-07-13 11:26 - 00000000 ____D C:\ProgramData\Windows Genuine Advantage
2015-12-09 14:07 - 2011-06-23 14:28 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-09 14:07 - 2011-06-20 09:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia
2015-12-09 14:07 - 2011-06-20 09:56 - 00000000 ____D C:\ProgramData\Macromedia
2015-12-09 14:07 - 2011-06-17 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft PaperPort 9.0
2015-12-09 14:07 - 2011-06-14 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-12-09 14:07 - 2011-06-14 11:42 - 00000000 ____D C:\ProgramData\Logitech
2015-12-09 14:07 - 2011-06-14 11:41 - 00000000 ____D C:\ProgramData\LogiShrd
2015-12-09 14:07 - 2011-06-14 10:32 - 00000000 ____D C:\ProgramData\InstallShield
2015-12-09 14:07 - 2011-06-14 10:30 - 00000000 ____D C:\ProgramData\ScanSoft
2015-12-09 14:07 - 2011-06-14 09:31 - 00000000 ____D C:\ProgramData\Brother
2015-12-09 14:07 - 2011-06-13 14:57 - 00000000 ____D C:\ProgramData\ODIR
2015-12-09 14:07 - 2011-05-03 19:27 - 00000000 ____D C:\ProgramData\TEMP
2015-12-09 14:07 - 2010-10-26 19:36 - 00000000 ____D C:\ProgramData\TVU Networks
2015-12-09 14:07 - 2010-08-23 14:18 - 00000000 ____D C:\ProgramData\NortonInstaller
2015-12-09 14:07 - 2010-08-23 14:18 - 00000000 ____D C:\ProgramData\Norton
2015-12-09 14:07 - 2010-05-07 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
2015-12-09 14:07 - 2010-05-07 12:23 - 00000000 ____D C:\ProgramData\Win7codecs
2015-12-09 14:07 - 2010-05-01 15:52 - 00000000 ____D C:\ProgramData\DivX
2015-12-09 14:07 - 2009-10-17 03:39 - 00000000 ____D C:\ProgramData\Symantec
2015-12-09 14:07 - 2009-10-17 03:39 - 00000000 ____D C:\ProgramData\OEM
2015-12-09 14:07 - 2009-10-17 03:39 - 00000000 ____D C:\ProgramData\EgisTec
2015-12-09 14:07 - 2009-10-17 03:37 - 00000000 ____D C:\ProgramData\eSobi
2015-12-09 14:07 - 2009-10-17 03:30 - 00000000 ____D C:\ProgramData\Nero
2015-12-09 14:07 - 2009-10-17 03:28 - 00000000 ____D C:\ProgramData\SiteAdvisor
2015-12-09 14:07 - 2009-10-17 03:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-12-09 14:07 - 2009-10-17 03:24 - 00000000 ____D C:\ProgramData\McAfee
2015-12-09 14:07 - 2009-10-17 03:23 - 00000000 ____D C:\ProgramData\Partner
2015-12-09 14:07 - 2009-10-17 03:23 - 00000000 ____D C:\ProgramData\Google
2015-12-09 14:07 - 2009-10-17 03:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-12-09 14:07 - 2009-10-17 03:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-12-09 14:07 - 2009-10-17 03:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager
2015-12-09 14:07 - 2009-10-17 03:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone
2015-12-09 14:07 - 2009-10-17 02:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-09 14:07 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-09 14:07 - 2006-10-10 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2015-12-09 14:07 - 2006-10-10 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-12-09 14:07 - 2006-10-10 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2015-12-09 14:07 - 2006-10-10 22:13 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-09 14:06 - 2015-09-17 08:39 - 00000000 ____D C:\ProgramData\AVG
2015-12-09 14:06 - 2015-06-24 10:01 - 00000000 ____D C:\ProgramData\Battle.net
2015-12-09 14:06 - 2015-03-06 15:27 - 00000000 ____D C:\ProgramData\Apple Computer
2015-12-09 14:06 - 2014-10-20 09:25 - 00000000 ____D C:\ProgramData\374311380
2015-12-09 14:06 - 2014-10-18 15:51 - 00000000 ____D C:\ab42784a-c434-4487-a840-d10eaa9a0cf6
2015-12-09 14:06 - 2014-02-16 17:31 - 00000000 ____D C:\bkazan_ablage
2015-12-09 14:06 - 2012-07-20 16:10 - 00000000 ____D C:\0a66a0105cf1a8146a0619
2015-12-09 14:06 - 2012-02-14 18:34 - 00000000 ____D C:\ProgramData\Apple
2015-12-09 14:06 - 2011-07-22 12:06 - 00000000 ____D C:\GD880
2015-12-09 14:06 - 2011-07-20 09:05 - 00000000 ____D C:\Medion
2015-12-09 14:06 - 2011-07-13 14:19 - 00000000 ____D C:\SuperOneClick
2015-12-09 14:06 - 2009-10-17 03:40 - 00000000 ___HD C:\OEM
2015-12-09 14:06 - 2009-10-17 03:36 - 00000000 ____D C:\ProgramData\Adobe
2015-12-09 14:06 - 2009-10-17 03:20 - 00000000 ____D C:\ProgramData\Acer
2015-12-09 14:06 - 2009-10-17 03:12 - 00000000 ____D C:\ProgramData\BackupManager
2015-12-09 14:06 - 2009-07-14 04:20 - 00000000 ____D C:\PerfLogs
2015-12-09 14:06 - 2006-10-10 22:20 - 00000000 ____D C:\book
2015-12-09 10:34 - 2015-10-23 15:29 - 00012142 _____ C:\Users\Multimedia\Downloads\Momox_Gratis-Paketaufkleber_604153717_1.pdf.vvv
2015-12-09 10:34 - 2015-10-13 09:34 - 00012126 _____ C:\Users\Multimedia\Downloads\Ihre Retourenmarke.pdf.vvv
2015-12-09 10:34 - 2015-10-13 09:06 - 00012126 _____ C:\Users\Multimedia\Downloads\Momox_Gratis-Paketaufkleber_876996580_1.pdf.vvv
2015-12-09 10:34 - 2015-05-25 13:41 - 00043966 _____ C:\Users\Multimedia\Downloads\Mustervertrag_15-2013.pdf.vvv
2015-12-09 10:34 - 2015-05-19 11:35 - 00250606 _____ C:\Users\Multimedia\Downloads\mdb-elterngeld-antrag.pdf.vvv
2015-12-09 10:34 - 2015-05-19 11:35 - 00131662 _____ C:\Users\Multimedia\Downloads\elterngeld_antrag (2).pdf.vvv
2015-12-09 10:34 - 2015-05-19 11:32 - 00065598 _____ C:\Users\Multimedia\Downloads\merkblatt_elterngeld.pdf.vvv
2015-12-09 10:34 - 2015-05-19 11:31 - 00131662 _____ C:\Users\Multimedia\Downloads\elterngeld_antrag.pdf.vvv
2015-12-09 10:34 - 2015-05-19 11:31 - 00131662 _____ C:\Users\Multimedia\Downloads\elterngeld_antrag (1).pdf.vvv
2015-12-09 10:34 - 2015-04-23 13:30 - 00068014 _____ C:\Users\Multimedia\Downloads\nachweis_eigenbemuehungen.doc.vvv
2015-12-09 10:34 - 2015-04-23 13:30 - 00016814 _____ C:\Users\Multimedia\Downloads\nachweis_von_eigenbemuehungen.xls.vvv
2015-12-09 10:34 - 2015-03-21 15:33 - 00029070 _____ C:\Users\Multimedia\Downloads\erloeschen_aufenthaltstitel (1).pdf.vvv
2015-12-09 10:34 - 2015-03-21 15:07 - 00029070 _____ C:\Users\Multimedia\Downloads\erloeschen_aufenthaltstitel.pdf.vvv
2015-12-09 10:34 - 2015-03-21 15:06 - 00030094 _____ C:\Users\Multimedia\Downloads\labo_4323_antrag_auf_erteilung_der_ne_2007.pdf.vvv
2015-12-09 10:34 - 2015-02-24 18:24 - 00118814 _____ C:\Users\Multimedia\Downloads\Muell_OT_2007.pdf.vvv
2015-12-09 10:34 - 2015-02-16 10:51 - 00023550 _____ C:\Users\Multimedia\Downloads\tutis (2).odt.vvv
2015-12-09 10:34 - 2015-02-16 10:50 - 00023550 _____ C:\Users\Multimedia\Downloads\tutis (1).odt.vvv
2015-12-09 10:34 - 2015-02-16 10:48 - 00023550 _____ C:\Users\Multimedia\Downloads\tutis.odt.vvv
2015-12-09 10:34 - 2015-02-05 11:14 - 00150462 _____ C:\Users\Multimedia\Downloads\form.doc.vvv
2015-12-09 10:34 - 2015-01-10 08:04 - 00160350 _____ C:\Users\Multimedia\Downloads\mdb-gewa1_online.pdf.vvv
2015-12-09 10:34 - 2014-12-31 12:50 - 02405358 _____ C:\Users\Multimedia\Downloads\Pass_Aufenthalt.pdf.vvv
2015-12-09 10:34 - 2014-11-01 12:21 - 00345294 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000443186.pdf.vvv
2015-12-09 10:34 - 2014-11-01 11:57 - 00345518 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000443155.pdf.vvv
2015-12-09 10:34 - 2014-10-25 10:59 - 00345518 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000432162.pdf.vvv
2015-12-09 10:34 - 2014-10-21 16:21 - 00345854 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000427981.pdf.vvv
2015-12-09 10:34 - 2014-10-21 12:56 - 00345934 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000427713.pdf.vvv
2015-12-09 10:34 - 2014-10-21 11:27 - 00345950 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000427560.pdf.vvv
2015-12-09 10:34 - 2014-10-16 10:06 - 00345774 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000423284.pdf.vvv
2015-12-09 10:34 - 2014-10-16 09:33 - 00345310 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000423234.pdf.vvv
2015-12-09 10:34 - 2014-10-15 16:13 - 00345870 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000422714.pdf.vvv
2015-12-09 10:34 - 2014-10-15 10:29 - 00345454 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000422311.pdf.vvv
2015-12-09 10:34 - 2014-10-15 07:53 - 00005550 _____ C:\Users\Multimedia\Downloads\Export_15_10_2014_06-52-37.xls.vvv
2015-12-09 10:34 - 2014-10-15 07:52 - 00005550 _____ C:\Users\Multimedia\Downloads\Export_15_10_2014_06-52-25.xls.vvv
2015-12-09 10:34 - 2014-10-14 11:42 - 00345358 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000421088.pdf.vvv
2015-12-09 10:34 - 2014-10-13 09:36 - 00345918 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000419580.pdf.vvv
2015-12-09 10:34 - 2014-10-10 15:11 - 00345422 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000418043.pdf.vvv
2015-12-09 10:34 - 2014-10-10 10:52 - 00345086 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000417755.pdf.vvv
2015-12-09 10:34 - 2014-10-09 11:34 - 00345246 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000416737.pdf.vvv
2015-12-09 10:34 - 2014-10-07 16:05 - 00345486 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000414784.pdf.vvv
2015-12-09 10:34 - 2014-10-07 09:48 - 00227854 _____ C:\Users\Multimedia\Downloads\kostenlose Vorlage Untermietvertrag (227 KB).pdf.vvv
2015-12-09 10:34 - 2014-10-07 09:48 - 00227854 _____ C:\Users\Multimedia\Downloads\kostenlose Vorlage Untermietvertrag (227 KB) (1).pdf.vvv
2015-12-09 10:34 - 2014-10-07 09:48 - 00041902 _____ C:\Users\Multimedia\Downloads\untermietervertrag.doc.vvv
2015-12-09 10:34 - 2014-10-06 09:40 - 00344494 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000412401.pdf.vvv
2015-12-09 10:34 - 2014-10-01 19:35 - 00092078 _____ C:\Users\Multimedia\Downloads\Export_01_10_2014_18-35-14.xls.vvv
2015-12-09 10:34 - 2014-10-01 12:48 - 00345294 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000409293.pdf.vvv
2015-12-09 10:34 - 2014-09-30 18:09 - 00346462 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000408527.pdf.vvv
2015-12-09 10:34 - 2014-09-30 17:47 - 00346302 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000408504.pdf.vvv
2015-12-09 10:34 - 2014-09-30 17:28 - 00345758 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000408484.pdf.vvv
2015-12-09 10:34 - 2014-09-30 15:45 - 00345710 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000408413.pdf.vvv
2015-12-09 10:34 - 2014-09-30 15:04 - 00346158 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000408355.pdf.vvv
2015-12-09 10:34 - 2014-09-30 14:52 - 00345598 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000408344.pdf.vvv
2015-12-09 10:34 - 2014-09-30 10:01 - 00345518 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000407881.pdf.vvv
2015-12-09 10:34 - 2014-09-30 09:58 - 00345854 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000407870.pdf.vvv
2015-12-09 10:34 - 2014-09-30 09:55 - 00346062 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000407859.pdf.vvv
2015-12-09 10:34 - 2014-09-30 09:51 - 00345566 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000407847.pdf.vvv
2015-12-09 10:34 - 2014-09-30 08:48 - 00345806 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000407750.pdf.vvv
2015-12-09 10:34 - 2014-09-26 07:28 - 00345374 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000404370.pdf.vvv
2015-12-09 10:34 - 2014-09-25 13:03 - 00345934 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000403653.pdf.vvv
2015-12-09 10:34 - 2014-09-25 08:36 - 00347006 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000403273.pdf.vvv
2015-12-09 10:34 - 2014-09-24 11:52 - 00346302 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000402458.pdf.vvv
2015-12-09 10:34 - 2014-09-24 09:49 - 00005038 _____ C:\Users\Multimedia\Downloads\Export_24_09_2014_08-49-07.xls.vvv
2015-12-09 10:34 - 2014-09-24 08:12 - 00005038 _____ C:\Users\Multimedia\Downloads\Export_24_09_2014_07-12-25.xls.vvv
2015-12-09 10:34 - 2014-09-23 13:49 - 00345518 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000401253.pdf.vvv
2015-12-09 10:34 - 2014-09-23 13:46 - 00345326 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000401246.pdf.vvv
2015-12-09 10:34 - 2014-09-22 14:35 - 00345566 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399902.pdf.vvv
2015-12-09 10:34 - 2014-09-22 08:59 - 00346078 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399530.pdf.vvv
2015-12-09 10:34 - 2014-09-22 08:21 - 00346206 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399495.pdf.vvv
2015-12-09 10:34 - 2014-09-22 08:16 - 00344926 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399491.pdf.vvv
2015-12-09 10:34 - 2014-09-22 08:12 - 00346462 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399486.pdf.vvv
2015-12-09 10:34 - 2014-09-22 08:07 - 00345998 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399475.pdf.vvv
2015-12-09 10:34 - 2014-09-22 08:07 - 00345998 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399475 (1).pdf.vvv
2015-12-09 10:34 - 2014-09-22 07:28 - 00345278 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399446.pdf.vvv
2015-12-09 10:34 - 2014-09-16 18:14 - 00345662 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000395542.pdf.vvv
2015-12-09 10:34 - 2014-09-16 17:43 - 00345886 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000395503.pdf.vvv
2015-12-09 10:34 - 2014-09-13 11:08 - 00029630 _____ C:\Users\Multimedia\Downloads\Order.pdf.vvv
2015-12-09 10:34 - 2014-09-12 12:00 - 00007086 _____ C:\Users\Multimedia\Downloads\Export_12_09_2014_11-00-25.xls.vvv
2015-12-09 10:34 - 2014-05-24 11:45 - 00321758 _____ C:\Users\Multimedia\Downloads\l6019022dstbai378191.pdf.vvv
2015-12-09 10:34 - 2014-05-17 11:10 - 07386542 _____ C:\Users\Multimedia\Downloads\FileZilla_3.8.0_win32.zip.vvv
2015-12-09 10:34 - 2014-05-06 12:35 - 00122830 _____ C:\Users\Multimedia\Downloads\Outlook.com.zip.vvv
2015-12-09 10:34 - 2014-03-10 11:39 - 00412286 _____ C:\Users\Multimedia\Downloads\Rapor YENI.pdf.vvv
2015-12-09 10:34 - 2013-12-30 14:36 - 01519518 _____ C:\Users\Multimedia\Downloads\Merkblatt.pdf.vvv
2015-12-09 10:34 - 2013-12-30 14:36 - 01519518 _____ C:\Users\Multimedia\Downloads\Merkblatt(1).pdf.vvv
2015-12-09 10:34 - 2013-12-30 14:34 - 00578126 _____ C:\Users\Multimedia\Downloads\Zulassungskriterien.pdf.vvv
2015-12-09 10:34 - 2013-10-30 11:33 - 00113982 _____ C:\Users\Multimedia\Downloads\TramMetro_0912_2012A3.PDF.vvv
2015-12-09 10:34 - 2013-09-25 14:34 - 00018206 _____ C:\Users\Multimedia\Downloads\SinaiBerg.docx.vvv
2015-12-09 10:34 - 2013-08-13 10:27 - 00036654 _____ C:\Users\Multimedia\Downloads\Weg_zum_Ticket_S_08-2013.pdf.vvv
2015-12-09 10:34 - 2013-08-07 08:27 - 00011470 _____ C:\Users\Multimedia\Stromabschlag.docx-2.docx.vvv
2015-12-09 10:34 - 2013-08-07 08:19 - 00011406 _____ C:\Users\Multimedia\Stromabschlag.docx.vvv
2015-12-09 10:34 - 2013-08-02 10:35 - 00010926 _____ C:\Users\Multimedia\Sajjad Ahmed.docx020813.docx.vvv
2015-12-09 10:34 - 2013-08-01 15:44 - 00048270 _____ C:\Users\Multimedia\Downloads\nutzungsordnung_der_computereinricht.pdf.vvv
2015-12-09 10:34 - 2013-08-01 15:44 - 00040958 _____ C:\Users\Multimedia\Downloads\merkblatt_regelungen_bei_fehlzeiten.pdf.vvv
2015-12-09 10:34 - 2013-07-31 12:20 - 00010894 _____ C:\Users\Multimedia\Sinaiberg e.docx.vvv
2015-12-09 10:34 - 2013-07-31 10:37 - 00012542 _____ C:\Users\Multimedia\Kooperationsvertrag.docx.vvv
2015-12-09 10:34 - 2013-07-23 08:46 - 00011198 _____ C:\Users\Multimedia\Vollmacht.docx230713.docx.vvv
2015-12-09 10:34 - 2013-07-15 11:27 - 00028078 _____ C:\Users\Multimedia\Fatma Bas.doc.vvv
2015-12-09 10:34 - 2013-06-27 12:16 - 00011518 _____ C:\Users\Multimedia\Widerspruch.docxAvcibas.docx.vvv
2015-12-09 10:34 - 2013-06-27 09:39 - 00011374 _____ C:\Users\Multimedia\Leszek Olszewski.docx.vvv
2015-12-09 10:34 - 2013-06-21 09:42 - 00011374 _____ C:\Users\Multimedia\Sinaiberg e.docxSposito_Lauro.docx.vvv
2015-12-09 10:34 - 2013-06-21 07:05 - 00155230 _____ C:\Users\Multimedia\Downloads\PDF_Rechnung_M211130074064798_06-2013.pdf.vvv
2015-12-09 10:34 - 2013-06-19 11:34 - 00083006 _____ C:\Users\Multimedia\Einkommensbescheinigung.pdfsahin_Ebru.pdf.vvv
2015-12-09 10:34 - 2013-06-19 10:27 - 00443934 _____ C:\Users\Multimedia\Hauptantrag-Arbeitslosengeld-II-1.pdfsahin.pdf.vvv
2015-12-09 10:34 - 2013-05-15 09:54 - 00050334 _____ C:\Users\Multimedia\Downloads\Tagesprogramm_Anmeldeformular_04_06_2013 (2).pdf.vvv
2015-12-09 10:34 - 2013-04-18 08:52 - 00034798 _____ C:\Users\Multimedia\Downloads\gewa1_neutral(1).pdf.vvv
2015-12-09 10:34 - 2013-04-18 08:51 - 00034798 _____ C:\Users\Multimedia\Downloads\gewa1_neutral.pdf.vvv
2015-12-09 10:34 - 2013-04-08 11:24 - 03387118 _____ C:\Users\Multimedia\Downloads\Konzept_Yücel, 15. Februar 2013(1).pdf.vvv
2015-12-09 10:34 - 2013-04-08 11:15 - 05789486 _____ C:\Users\Multimedia\Downloads\Zertifikate, 15. Februar 2013(1).pdf.vvv
2015-12-09 10:34 - 2013-04-03 12:05 - 05789486 _____ C:\Users\Multimedia\Downloads\Zertifikate, 15. Februar 2013.pdf.vvv
2015-12-09 10:34 - 2013-04-03 12:01 - 03387118 _____ C:\Users\Multimedia\Downloads\Konzept_Yücel, 15. Februar 2013.pdf.vvv
2015-12-09 10:34 - 2013-03-21 12:49 - 00154110 _____ C:\Users\Multimedia\Downloads\PDF_Rechnung_M211130067104642_03-2013.pdf.vvv
2015-12-09 10:34 - 2013-02-21 09:44 - 00405598 _____ C:\Users\Multimedia\Downloads\Tragfaehigkeitsbescheinigung (4).pdf.vvv
2015-12-09 10:34 - 2013-02-18 12:16 - 08107214 _____ C:\Users\Multimedia\Downloads\est-12.zip.vvv
2015-12-09 10:34 - 2013-01-16 15:05 - 00355518 _____ C:\Users\Multimedia\Downloads\logo_sicherheit.png.vvv
2015-12-09 10:34 - 2012-01-16 21:03 - 00108590 _____ C:\Users\Multimedia\Downloads\RegionalFolder(7).pdf.vvv
2015-12-09 10:34 - 2012-01-16 19:02 - 00104814 _____ C:\Users\Multimedia\Downloads\RegionalFolder(6).pdf.vvv
2015-12-09 10:34 - 2012-01-15 14:16 - 00109838 _____ C:\Users\Multimedia\Downloads\RegionalFolder(5).pdf.vvv
2015-12-09 10:34 - 2012-01-05 19:54 - 00111310 _____ C:\Users\Multimedia\Downloads\RegionalFolder(4).pdf.vvv
2015-12-09 10:34 - 2012-01-05 19:35 - 00109838 _____ C:\Users\Multimedia\Downloads\RegionalFolder(3).pdf.vvv
2015-12-09 10:34 - 2012-01-05 19:34 - 00106430 _____ C:\Users\Multimedia\Downloads\RegionalFolder(2).pdf.vvv
2015-12-09 10:34 - 2012-01-02 20:45 - 00110078 _____ C:\Users\Multimedia\Downloads\RegionalFolder(1).pdf.vvv
2015-12-09 10:34 - 2011-12-20 22:17 - 00030078 _____ C:\Users\Multimedia\Downloads\RegionalFolder.pdf.vvv
2015-12-09 10:34 - 2011-12-09 15:18 - 00403742 _____ C:\Users\Multimedia\Downloads\Makbuz Lyoness Engin.pdf.vvv
2015-12-09 10:34 - 2011-12-07 12:24 - 296489806 _____ C:\Users\Multimedia\Downloads\EG-V1_2_17_34_EFI.zip.vvv
2015-12-09 10:34 - 2011-11-21 13:39 - 00022062 _____ C:\Users\Multimedia\Downloads\MoDaCo_NoData.rar.vvv
2015-12-09 10:34 - 2011-07-13 12:24 - 04303326 _____ C:\Users\Multimedia\Downloads\SETreiber for Faq4mobiles.rar.vvv
2015-12-09 10:33 - 2015-08-03 13:34 - 00116398 _____ C:\Users\Multimedia\Downloads\blau-rechnung-2015-07-24-1152657077 (1).pdf.vvv
2015-12-09 10:33 - 2015-08-03 13:34 - 00105630 _____ C:\Users\Multimedia\Downloads\blau-rechnung-2015-01-05-115149803.pdf.vvv
2015-12-09 10:33 - 2015-08-03 13:32 - 00116398 _____ C:\Users\Multimedia\Downloads\blau-rechnung-2015-07-24-1152657077.pdf.vvv
2015-12-09 10:33 - 2015-07-22 17:18 - 00144078 _____ C:\Users\Multimedia\Downloads\blau_verbindungen_22.06.2015_bis_22.07.2015.pdf.vvv
2015-12-09 10:33 - 2015-07-22 17:16 - 00244142 _____ C:\Users\Multimedia\Downloads\blau_verbindungen_03.05.2015_bis_22.07.2015.pdf.vvv
2015-12-09 10:33 - 2015-07-22 17:08 - 00111406 _____ C:\Users\Multimedia\Downloads\blau-rechnung-2015-07-06-1152422097.pdf.vvv
2015-12-09 10:33 - 2015-07-02 07:12 - 00084782 _____ C:\Users\Multimedia\Downloads\antrag_auf_erlaubnis_einer_besch__ftigung.pdf.vvv
2015-12-09 10:33 - 2015-07-02 07:12 - 00084782 _____ C:\Users\Multimedia\Downloads\antrag_auf_erlaubnis_einer_besch__ftigung (1).pdf.vvv
2015-12-09 10:33 - 2015-06-13 05:38 - 00025262 _____ C:\Users\Multimedia\Documents\Dokumentvorlage mit neuem Uni.docx.vvv
2015-12-09 10:33 - 2015-06-11 10:59 - 00668958 _____ C:\Users\Multimedia\Documents\Klicken Sie hier.docx.vvv
2015-12-09 10:33 - 2015-06-07 11:05 - 00000590 ____H C:\Users\Multimedia\Desktop\~$ April 2015.docx.vvv
2015-12-09 10:33 - 2015-06-06 13:43 - 00109534 _____ C:\Users\Multimedia\Downloads\blau-rechnung-2015-05-24-1151890301.pdf.vvv
2015-12-09 10:33 - 2015-05-26 12:54 - 00102334 _____ C:\Users\Multimedia\Downloads\11046331_1000576496649631_658300545086702200_n.jpg.vvv
2015-12-09 10:33 - 2015-04-29 11:15 - 00018238 _____ C:\Users\Multimedia\Documents\Merhabaa.docx.vvv
2015-12-09 10:33 - 2015-04-23 13:26 - 01917134 _____ C:\Users\Multimedia\Downloads\amip_2015.pdf.vvv
2015-12-09 10:33 - 2015-03-17 11:25 - 00021422 _____ C:\Users\Multimedia\Documents\Kundendaten (Entwicklung).xls.vvv
2015-12-09 10:33 - 2015-03-08 09:54 - 00174926 _____ C:\Users\Multimedia\Documents\Dok1.docx.vvv
2015-12-09 10:33 - 2015-02-23 12:49 - 00025214 _____ C:\Users\Multimedia\Downloads\22336434_s.jpg.vvv
2015-12-09 10:33 - 2015-02-11 20:06 - 00111278 _____ C:\Users\Multimedia\Downloads\115398926 (1).pdf.vvv
2015-12-09 10:33 - 2015-02-11 20:06 - 00105662 _____ C:\Users\Multimedia\Downloads\115525705.pdf.vvv
2015-12-09 10:33 - 2015-02-10 09:23 - 00010910 _____ C:\Users\Multimedia\Documents\- EJ-Erkl.docx.vvv
2015-12-09 10:33 - 2015-01-27 14:33 - 00111278 _____ C:\Users\Multimedia\Downloads\115398926.pdf.vvv
2015-12-09 10:33 - 2015-01-16 09:06 - 00039854 _____ C:\Users\Multimedia\Downloads\Bescheinigung_ab_01.07.2013_02 (2).xls.vvv
2015-12-09 10:33 - 2015-01-16 08:59 - 00039854 _____ C:\Users\Multimedia\Downloads\Bescheinigung_ab_01.07.2013_02 (1).xls.vvv
2015-12-09 10:33 - 2015-01-16 08:57 - 00039854 _____ C:\Users\Multimedia\Downloads\Bescheinigung_ab_01.07.2013_02.xls.vvv
2015-12-09 10:33 - 2014-12-17 14:37 - 00028174 _____ C:\Users\Multimedia\Downloads\1081_Muster_Untermietvertrag_Wohnung.docx.vvv
2015-12-09 10:33 - 2014-11-24 14:46 - 00111262 _____ C:\Users\Multimedia\Downloads\1143939404 (1).pdf.vvv
2015-12-09 10:33 - 2014-10-31 11:03 - 00087342 _____ C:\Users\Multimedia\Downloads\112987600.pdf.vvv
2015-12-09 10:33 - 2014-10-31 11:03 - 00053294 _____ C:\Users\Multimedia\Downloads\112529496.pdf.vvv
2015-12-09 10:33 - 2014-10-31 11:02 - 00111262 _____ C:\Users\Multimedia\Downloads\1143939404.pdf.vvv
2015-12-09 10:33 - 2014-10-14 10:12 - 00011774 _____ C:\Users\Multimedia\Documents\Ihre E_abel-rahman.abdel-atti.docx.vvv
2015-12-09 10:33 - 2014-10-01 19:36 - 00145662 _____ C:\Users\Multimedia\Downloads\AllowanceDetailDocument (3).pdf.vvv
2015-12-09 10:33 - 2014-10-01 19:36 - 00145662 _____ C:\Users\Multimedia\Downloads\AllowanceDetailDocument (2).pdf.vvv
2015-12-09 10:33 - 2014-09-20 13:07 - 00527278 _____ C:\Users\Multimedia\Downloads\CS_Lohnsteuertabelle-2014.pdf.vvv
2015-12-09 10:33 - 2014-09-20 12:39 - 00011934 _____ C:\Users\Multimedia\Documents\Ihre E93.710.docx.vvv
2015-12-09 10:33 - 2014-09-16 17:49 - 00123470 _____ C:\Users\Multimedia\Downloads\AllowanceDetailDocument (1).pdf.vvv
2015-12-09 10:33 - 2014-09-08 19:34 - 00011790 _____ C:\Users\Multimedia\Documents\foustok bewerbung 2014.docx.vvv
2015-12-09 10:33 - 2014-08-29 15:10 - 00011438 _____ C:\Users\Multimedia\Documents\bedinung 1.docx.vvv
2015-12-09 10:33 - 2014-08-15 16:33 - 00010782 _____ C:\Users\Multimedia\Documents\kündigung 22.docx.vvv
2015-12-09 10:33 - 2014-07-07 18:59 - 00011918 _____ C:\Users\Multimedia\Documents\Mohamad Jamal Foustok Sybelstr.docx.vvv
2015-12-09 10:33 - 2014-07-07 12:07 - 00135342 _____ C:\Users\Multimedia\Documents\Foto.JPG.vvv
2015-12-09 10:33 - 2014-07-05 12:32 - 00011950 _____ C:\Users\Multimedia\Downloads\DHL-Paketaufkleber_23.942.pdf.vvv
2015-12-09 10:33 - 2014-07-02 13:00 - 00011982 _____ C:\Users\Multimedia\Downloads\DHL-Paketaufkleber_23.807.pdf.vvv
2015-12-09 10:33 - 2014-06-21 10:23 - 00131038 _____ C:\Users\Multimedia\Downloads\com_xmap.zip.vvv
2015-12-09 10:33 - 2014-06-03 10:57 - 02754254 _____ C:\Users\Multimedia\Downloads\141542795640129.pdf.vvv
2015-12-09 10:33 - 2014-05-28 12:28 - 00018046 _____ C:\Users\Multimedia\Downloads\DRP50157795.pdf.vvv
2015-12-09 10:33 - 2014-05-17 14:36 - 00018782 _____ C:\Users\Multimedia\Downloads\1400351786_Old_tv.png.vvv
2015-12-09 10:33 - 2014-05-17 10:42 - 00011054 _____ C:\Users\Multimedia\Downloads\1400337759_iPod Touch.png.vvv
2015-12-09 10:33 - 2014-05-09 09:14 - 00111886 _____ C:\Users\Multimedia\Downloads\1141606977.pdf.vvv
2015-12-09 10:33 - 2014-05-03 12:35 - 00173902 _____ C:\Users\Multimedia\Documents\betholz.JPG.vvv
2015-12-09 10:33 - 2014-05-03 12:28 - 00198926 _____ C:\Users\Multimedia\Documents\einze2.JPG.vvv
2015-12-09 10:33 - 2014-05-03 12:27 - 00030270 _____ C:\Users\Multimedia\Documents\einzel.jpg.vvv
2015-12-09 10:33 - 2014-05-03 12:22 - 00194526 _____ C:\Users\Multimedia\Documents\bett3.JPG.vvv
2015-12-09 10:33 - 2014-05-03 12:20 - 00182286 _____ C:\Users\Multimedia\Documents\bett ho.JPG.vvv
2015-12-09 10:33 - 2014-05-03 12:20 - 00051886 _____ C:\Users\Multimedia\Documents\bett hoh.JPG.vvv
2015-12-09 10:33 - 2014-04-02 08:06 - 00128910 _____ C:\Users\Multimedia\Downloads\ausbildungsstaetten.pdf.vvv
2015-12-09 10:33 - 2014-02-27 17:36 - 00011774 _____ C:\Users\Multimedia\Documents\Abdulhamid Wayaya Berlin den.docx.vvv
2015-12-09 10:33 - 2014-02-14 17:09 - 00019886 _____ C:\Users\Multimedia\Documents\barcli.docx.vvv
2015-12-09 10:33 - 2014-02-06 11:06 - 00603982 _____ C:\Users\Multimedia\Documents\Mietrückstand022.pdf.vvv
2015-12-09 10:33 - 2014-02-04 15:03 - 02873054 _____ C:\Users\Multimedia\Downloads\28-02-2013_003.part3.rar.vvv
2015-12-09 10:33 - 2014-01-07 09:08 - 00005982 _____ C:\Users\Multimedia\Documents\Lebenslauf Berlin den.odt.vvv
2015-12-09 10:33 - 2014-01-07 08:59 - 00006862 _____ C:\Users\Multimedia\Documents\Bewerbung.odt.vvv
2015-12-09 10:33 - 2013-09-30 13:35 - 00059038 _____ C:\Users\Multimedia\Downloads\5416234.pdf.vvv
2015-12-09 10:33 - 2013-08-06 07:50 - 00271470 _____ C:\Users\Multimedia\Downloads\E-ticket0120372337007.pdf.vvv
2015-12-09 10:33 - 2013-07-23 13:34 - 00011422 _____ C:\Users\Multimedia\Documents\Carmen Lischka.docx.vvv
2015-12-09 10:33 - 2013-07-16 09:25 - 00012654 _____ C:\Users\Multimedia\Documents\Irene Hagelganz.docx.vvv
2015-12-09 10:33 - 2013-06-27 08:56 - 00913854 _____ C:\Users\Multimedia\Downloads\131782304160129.pdf.vvv
2015-12-09 10:33 - 2013-06-21 12:01 - 00097790 _____ C:\Users\Multimedia\Downloads\Brau_u_Getraenketechnik_111215_v1_3.pdf.vvv
2015-12-09 10:33 - 2013-06-18 10:09 - 00137374 _____ C:\Users\Multimedia\Downloads\Anlage-WEP-Weitere-Personen-d-Bedarfsgemeinschaft.pdf.vvv
2015-12-09 10:33 - 2013-06-12 11:34 - 00849374 _____ C:\Users\Multimedia\Downloads\131632282060129.pdf.vvv
2015-12-09 10:33 - 2013-05-26 15:21 - 00095598 _____ C:\Users\Multimedia\Downloads\1131288575.pdf.vvv
2015-12-09 10:33 - 2013-05-26 15:21 - 00095598 _____ C:\Users\Multimedia\Downloads\1131288575(1).pdf.vvv
2015-12-09 10:33 - 2013-05-06 09:11 - 01723118 _____ C:\Users\Multimedia\Downloads\6000001663-Schluss-VWN-GCD.pdf.vvv
2015-12-09 10:33 - 2013-04-23 11:37 - 00011230 _____ C:\Users\Multimedia\Documents\Belgin Kisner.docx.vvv
2015-12-09 10:33 - 2013-04-23 11:17 - 00011774 _____ C:\Users\Multimedia\Documents\Olimpia Moldoveanu.docx.vvv
2015-12-09 10:33 - 2013-04-12 13:16 - 00011454 _____ C:\Users\Multimedia\Documents\Melanie.docx.vvv
2015-12-09 10:33 - 2013-04-08 10:19 - 00011342 _____ C:\Users\Multimedia\Documents\Farah Al Nomairy.docx.vvv
2015-12-09 10:33 - 2013-03-26 13:44 - 01112398 _____ C:\Users\Multimedia\Downloads\atlas_release_8_3.pdf.vvv
2015-12-09 10:33 - 2013-03-26 09:00 - 00849294 _____ C:\Users\Multimedia\Downloads\130852166050129(1).pdf.vvv
2015-12-09 10:33 - 2013-03-26 08:48 - 00849294 _____ C:\Users\Multimedia\Downloads\130852166050129.pdf.vvv
2015-12-09 10:33 - 2013-03-22 15:09 - 00011838 _____ C:\Users\Multimedia\Documents\Tburghard.docx.vvv
2015-12-09 10:33 - 2013-03-22 14:32 - 00011534 _____ C:\Users\Multimedia\Documents\Faik Aras.docx.vvv
2015-12-09 10:33 - 2013-02-22 09:19 - 00049838 _____ C:\Users\Multimedia\Downloads\0000267891.pdf.vvv
2015-12-09 10:33 - 2013-01-23 09:37 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(7).zip.vvv
2015-12-09 10:33 - 2012-12-20 08:49 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(6).zip.vvv
2015-12-09 10:33 - 2012-12-06 12:50 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(5).zip.vvv
2015-12-09 10:33 - 2012-11-29 10:43 - 00422270 _____ C:\Users\Multimedia\Documents\BusinessPlan_Stand 12 11 25.docx.vvv
2015-12-09 10:33 - 2012-11-20 12:11 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(4).zip.vvv
2015-12-09 10:33 - 2012-11-12 11:48 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(3).zip.vvv
2015-12-09 10:33 - 2012-11-09 08:49 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(2).zip.vvv
2015-12-09 10:33 - 2012-11-06 09:01 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(1).zip.vvv
2015-12-09 10:33 - 2012-11-05 13:04 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments.zip.vvv
2015-12-09 10:33 - 2012-11-02 09:32 - 00000430 _____ C:\Users\Multimedia\Downloads\Conan.der.Barbar.2011.BDRip.AC3.German.XviD-POE.avi.vvv
2015-12-09 10:33 - 2012-09-22 13:10 - 07880014 _____ C:\Users\Multimedia\Downloads\Amazon_Appstore.zip.vvv
2015-12-09 10:33 - 2012-08-29 15:18 - 00062302 _____ C:\Users\Multimedia\Documents\3083.Birsen_Tirtandocx.docx.vvv
2015-12-09 10:33 - 2012-08-29 08:06 - 00010910 _____ C:\Users\Multimedia\Documents\Begünstigter_Eigenanteil.docx.vvv
2015-12-09 10:33 - 2012-08-21 08:34 - 00061678 _____ C:\Users\Multimedia\Documents\3069.docx.vvv
2015-12-09 10:33 - 2012-08-21 08:00 - 00062366 _____ C:\Users\Multimedia\Documents\3068.Makrutzi, Heiner.docx.vvv
2015-12-09 10:33 - 2012-08-11 11:58 - 00002062 _____ C:\Users\Multimedia\Documents\ChatLog TeleSon Grundschulung Energie 2012_08_11 12_58.rtf.vvv
2015-12-09 10:33 - 2012-07-31 09:29 - 00062510 _____ C:\Users\Multimedia\Documents\3055_Capuozzo_Marca.docx.vvv
2015-12-09 10:33 - 2012-07-30 10:24 - 00062542 _____ C:\Users\Multimedia\Documents\3052.Aldinov_Aldindocx.docx.vvv
2015-12-09 10:33 - 2012-07-24 09:24 - 00062126 _____ C:\Users\Multimedia\Documents\3047_Kavun_Violeta.docx.vvv
2015-12-09 10:33 - 2012-07-23 08:41 - 00011278 _____ C:\Users\Multimedia\Documents\Velko Mitkov Yosifov_Ortsabwesentheitsschreiben.docx.vvv
2015-12-09 10:33 - 2012-07-20 11:38 - 00013022 _____ C:\Users\Multimedia\Documents\Amtsgericht München.docx Jasmina Ilic.docx.vvv
2015-12-09 10:33 - 2012-07-13 09:09 - 00031150 _____ C:\Users\Multimedia\Downloads\3-Antrag-Stundung-der-Verfahrenskosten.doc.vvv
2015-12-09 10:33 - 2012-07-10 15:03 - 01303982 _____ C:\Users\Multimedia\Downloads\Antrag auf Eröffnungdes Insolvenzverfahrens(1).doc.vvv
2015-12-09 10:33 - 2012-07-10 14:58 - 01303982 _____ C:\Users\Multimedia\Downloads\Antrag auf Eröffnungdes Insolvenzverfahrens.doc.vvv
2015-12-09 10:33 - 2012-07-10 09:34 - 00080302 _____ C:\Users\Multimedia\Downloads\A305_91_sbpa_7.doc.vvv
2015-12-09 10:33 - 2012-07-10 09:18 - 00117678 _____ C:\Users\Multimedia\Downloads\A305_9_glfvz_6.doc.vvv
2015-12-09 10:33 - 2012-06-27 11:40 - 00062334 _____ C:\Users\Multimedia\Documents\3029_Sposito_Lauro_Eduardo_Jose.docx.vvv
2015-12-09 10:33 - 2012-06-11 08:06 - 00038062 _____ C:\Users\Multimedia\Documents\Kassenbuch-Möbel.xlsx.vvv
2015-12-09 10:33 - 2012-06-07 12:39 - 00011150 _____ C:\Users\Multimedia\Documents\An das Jobcenter Berlin.docx.vvv
2015-12-09 10:33 - 2012-06-06 16:16 - 00009758 _____ C:\Users\Multimedia\Documents\Löhne.xlsx.vvv
2015-12-09 10:33 - 2012-03-07 22:43 - 00113886 _____ C:\Users\Multimedia\Downloads\AllowanceDetailDocument.pdf.vvv
2015-12-09 10:33 - 2011-12-09 15:18 - 00986494 _____ C:\Users\Multimedia\Downloads\Belge Lyoness Engin.pdf.vvv
2015-12-09 10:33 - 2011-12-07 12:05 - 07961790 _____ C:\Users\Multimedia\Documents\G5255_Win7_German.zip.vvv
2015-12-09 10:33 - 2011-11-30 12:59 - 00587374 _____ C:\Users\Multimedia\Downloads\AntiBundestrojaner_Globell_V_1_3_3.zip.vvv
2015-12-09 10:33 - 2011-11-25 22:21 - 00110046 _____ C:\Users\Multimedia\Downloads\avira_registry_cleaner_de.zip.vvv
2015-12-09 10:33 - 2011-11-21 13:46 - 00000878 _____ C:\Users\Multimedia\Downloads\DataConnSettingTool_Readme.txt.vvv
2015-12-09 10:33 - 2011-11-07 08:08 - 00026542 _____ C:\Users\Multimedia\Documents\1Deckblatt Kirilla.doc.vvv
2015-12-09 10:33 - 2011-11-05 14:20 - 00064430 _____ C:\Users\Multimedia\Documents\Text Konzept Kirilla.doc.vvv
2015-12-09 10:33 - 2011-10-24 12:21 - 03444542 _____ C:\Users\Multimedia\Downloads\Auhip_5098_port.rar.vvv
2015-12-09 10:33 - 2011-07-18 14:42 - 00064158 _____ C:\Users\Multimedia\Downloads\AGB.pdf.vvv
2015-12-09 10:33 - 2011-07-13 15:39 - 03070366 _____ C:\Users\Multimedia\Downloads\com.android.vending-1.apk.vvv
2015-12-09 10:33 - 2011-02-27 10:46 - 03909038 _____ C:\Users\Multimedia\Downloads\Bilgilendirme_Brosuru.doc.vvv
2015-12-09 10:33 - 2011-02-16 04:15 - 00044462 _____ C:\Users\Multimedia\Documents\Michael Strogoff.doc.vvv
2015-12-09 10:33 - 2011-02-13 10:07 - 00052654 _____ C:\Users\Multimedia\Documents\KfW-Gründercoaches.xls.vvv
2015-12-09 10:33 - 2011-02-12 22:49 - 00051118 _____ C:\Users\Multimedia\Documents\Die chaotische Klasse.doc.vvv
2015-12-09 10:33 - 2011-01-22 17:25 - 00260014 _____ C:\Users\Multimedia\Documents\I.doc.vvv
2015-12-09 10:33 - 2011-01-19 23:05 - 00103342 _____ C:\Users\Multimedia\Documents\OttomanEmpireIn1683tr.png.vvv
2015-12-09 10:33 - 2011-01-19 22:54 - 00313726 _____ C:\Users\Multimedia\Documents\BustOfAyseHafsaSultan_ManisaTurkey.jpg.vvv
2015-12-09 10:33 - 2011-01-19 22:46 - 00148814 _____ C:\Users\Multimedia\Documents\Europe_map_450.PNG.vvv
2015-12-09 10:33 - 2011-01-19 22:45 - 00071518 _____ C:\Users\Multimedia\Documents\395px-Europe_map_450.PNG.vvv
2015-12-09 10:33 - 2011-01-19 22:43 - 00185630 _____ C:\Users\Multimedia\Documents\450_roman-hunnic-empire_1764x1116.jpg.vvv
2015-12-09 10:33 - 2010-10-19 20:53 - 00018174 _____ C:\Users\Multimedia\Documents\Adriano Celentano.docx.vvv
2015-12-09 10:33 - 2010-10-17 20:27 - 00409102 _____ C:\Users\Multimedia\Documents\1.lig sonucu 1959-2000.xlsx.vvv
2015-12-09 10:33 - 2010-09-25 18:09 - 00173134 _____ C:\Users\Multimedia\Documents\DM1903_1963.xlsb.vvv
2015-12-09 10:33 - 2010-09-02 22:03 - 00062926 _____ C:\Users\Multimedia\Documents\U090615-004a.jpg.vvv
2015-12-09 10:33 - 2010-09-02 22:02 - 00059598 _____ C:\Users\Multimedia\Documents\WMF Modell 2200 Silberbesteck.jpg.vvv
2015-12-09 10:33 - 2010-09-02 22:01 - 00068878 _____ C:\Users\Multimedia\Documents\WMF Modell 2200 Silberbestecka.jpg.vvv
2015-12-09 10:33 - 2010-08-17 21:57 - 00710062 _____ C:\Users\Multimedia\Documents\ZDF-Hitparade von 1969-1990.xls.vvv
2015-12-09 10:33 - 2010-08-01 21:46 - 00275182 _____ C:\Users\Multimedia\Documents\1.lig fikstür sonuclari 1959-1993.xlsx.vvv
2015-12-09 10:33 - 2010-08-01 19:50 - 00014270 _____ C:\Users\Multimedia\Documents\Istanbul Isattikleri Puanlar.xlsx.vvv
2015-12-09 10:32 - 2015-06-15 13:32 - 00000000 ____D C:\Users\Multimedia\Desktop\SINAI BERG e.V._Bilder
2015-12-09 10:25 - 2015-06-17 13:32 - 00000000 ____D C:\Users\Multimedia\Desktop\M.Gropp
2015-12-09 10:18 - 2015-09-18 12:23 - 00000000 ____D C:\Users\Multimedia\Desktop\Gescannt
2015-12-09 10:18 - 2013-07-09 09:40 - 00011054 _____ C:\Users\Multimedia\Cemil Akgün.docx.vvv
2015-12-09 10:18 - 2013-06-18 11:45 - 00011134 _____ C:\Users\Multimedia\Brzezinska Bozena.docx.vvv
2015-12-09 10:13 - 2014-12-09 13:38 - 00010670 _____ C:\Users\Gast\Documents\Fritteuse.wps.vvv
2015-12-09 10:13 - 2014-11-10 11:27 - 00011342 _____ C:\Users\Gast\Documents\Ismet Ars10.docx.vvv
2015-12-09 10:13 - 2013-06-19 11:29 - 00162910 _____ C:\Users\Multimedia\Anlage-MEB-Aerztl-Bescheinigung-Mehrbedarf-Ernaehrung.pdfSahin_Ebru.pdf.vvv
2015-12-09 10:13 - 2013-06-19 11:22 - 00107822 _____ C:\Users\Multimedia\Anlage-HG-Hilfebeduerftigkeit-Haushaltsgemeinschaft-1.pdfsahin_Ebru.pdf.vvv
2015-12-09 10:13 - 2013-06-19 11:08 - 00162238 _____ C:\Users\Multimedia\Anlage-VM-Vermoegen.pdfsahin_ebru.pdf.vvv
2015-12-09 10:13 - 2013-06-19 10:45 - 00229966 _____ C:\Users\Multimedia\Anlage-EK-Einkommenserklaerung.pdfsahin ebru.pdf.vvv
2015-12-09 04:39 - 2012-11-16 15:13 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-12-08 06:21 - 2011-01-25 13:03 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-07 14:19 - 2012-07-31 09:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-07 14:19 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-07 08:30 - 2010-05-07 20:26 - 00121344 _____ C:\Users\Multimedia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-07 08:21 - 2012-12-06 14:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-05 07:39 - 2015-05-16 08:40 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 07:39 - 2015-05-16 08:40 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-27 18:14 - 2015-09-17 13:30 - 00000000 ____D C:\Program Files (x86)\AVG
2015-11-27 07:35 - 2014-12-15 07:31 - 00000000 ____D C:\Windows\system32\appraiser
2015-11-27 07:35 - 2014-05-06 18:23 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-11-27 07:04 - 2011-07-13 11:27 - 01695762 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-27 07:01 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2009-10-17 03:04 - 2009-02-10 20:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2015-03-31 09:14 - 2015-03-31 09:14 - 0004387 _____ () C:\Users\Multimedia\AppData\Roaming\cbg4Eg1uzl8hVhbOVeC8
2015-12-09 10:13 - 2015-12-09 10:18 - 0009620 _____ () C:\Users\Multimedia\AppData\Roaming\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:18 - 0002787 _____ () C:\Users\Multimedia\AppData\Roaming\how_recover+amx.txt
2015-12-09 12:27 - 2015-12-09 12:30 - 0009620 _____ () C:\Users\Multimedia\AppData\Roaming\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:30 - 0002787 _____ () C:\Users\Multimedia\AppData\Roaming\how_recover+bhm.txt
2015-12-09 14:08 - 2015-12-09 14:10 - 0009620 _____ () C:\Users\Multimedia\AppData\Roaming\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:10 - 0002787 _____ () C:\Users\Multimedia\AppData\Roaming\how_recover+vrm.txt
2015-03-31 09:14 - 2015-03-31 09:14 - 0004387 _____ () C:\Users\Multimedia\AppData\Roaming\jnQmSMuT6xN
2014-10-18 15:58 - 2014-10-18 15:58 - 2032544 _____ (smart-saverplus) C:\Users\Multimedia\AppData\Roaming\KRLVQAY.exe
2015-03-31 09:14 - 2015-03-31 09:14 - 0005655 _____ () C:\Users\Multimedia\AppData\Roaming\sGHU6xI5w8em8aXqgPl1
2015-04-03 14:49 - 2015-04-03 14:49 - 1577472 _____ () C:\Users\Multimedia\AppData\Roaming\sGHU6xI5w8em8aXqgPl1.exe
2014-10-18 15:59 - 2014-10-18 15:59 - 1548192 _____ (smart-saverplus) C:\Users\Multimedia\AppData\Roaming\TOU.exe
2011-07-08 11:05 - 2013-07-31 14:33 - 0000238 _____ () C:\Users\Multimedia\AppData\Roaming\wklnhst.dat
2010-05-07 20:26 - 2015-12-07 08:30 - 0121344 _____ () C:\Users\Multimedia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-09 10:13 - 2015-12-09 10:34 - 0009620 _____ () C:\Users\Multimedia\AppData\Local\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:34 - 0002787 _____ () C:\Users\Multimedia\AppData\Local\how_recover+amx.txt
2015-12-09 12:27 - 2015-12-09 12:30 - 0009620 _____ () C:\Users\Multimedia\AppData\Local\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:30 - 0002787 _____ () C:\Users\Multimedia\AppData\Local\how_recover+bhm.txt
2015-12-09 14:08 - 2015-12-09 14:10 - 0009620 _____ () C:\Users\Multimedia\AppData\Local\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:10 - 0002787 _____ () C:\Users\Multimedia\AppData\Local\how_recover+vrm.txt
2014-07-14 15:26 - 2015-03-18 12:35 - 0004096 ____H () C:\Users\Multimedia\AppData\Local\keyfile3.drm
2013-12-15 20:07 - 2013-12-15 20:07 - 0014370 _____ () C:\Users\Multimedia\AppData\Local\MyWinLockerInstaller.txt-20131215.log
2015-05-11 12:26 - 2015-09-16 21:44 - 0007606 _____ () C:\Users\Multimedia\AppData\Local\Resmon.ResmonCfg
2012-11-16 14:47 - 2012-11-16 14:47 - 0000057 _____ () C:\ProgramData\Ament.ini
2009-10-17 03:04 - 2009-07-18 02:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2015-12-09 10:10 - 2015-12-09 10:11 - 0009620 _____ () C:\ProgramData\how_recover+amx.html
2015-12-09 10:10 - 2015-12-09 10:11 - 0002787 _____ () C:\ProgramData\how_recover+amx.txt
2015-12-09 12:25 - 2015-12-09 12:26 - 0009620 _____ () C:\ProgramData\how_recover+bhm.html
2015-12-09 12:25 - 2015-12-09 12:26 - 0002787 _____ () C:\ProgramData\how_recover+bhm.txt
2015-12-09 14:06 - 2015-12-09 14:07 - 0009620 _____ () C:\ProgramData\how_recover+vrm.html
2015-12-09 14:06 - 2015-12-09 14:07 - 0002787 _____ () C:\ProgramData\how_recover+vrm.txt
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-10 08:09
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-12-2015
durchgeführt von Multimedia (2015-12-10 16:46:55)
Gestartet von F:\
Windows 7 Home Premium Service Pack 1 (X64) (2010-04-29 12:43:15)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3445553229-585193536-3719774176-500 - Administrator - Disabled)
Bülent (S-1-5-21-3445553229-585193536-3719774176-1008 - Administrator - Enabled) => C:\Users\Bülent
Gast (S-1-5-21-3445553229-585193536-3719774176-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-3445553229-585193536-3719774176-1004 - Limited - Enabled)
Multimedia (S-1-5-21-3445553229-585193536-3719774176-1001 - Administrator - Enabled) => C:\Users\Multimedia
UpdatusUser (S-1-5-21-3445553229-585193536-3719774176-1003 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.2.0812 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Anti-Twin (Installation 27.11.2013) (HKLM-x32\...\Anti-Twin 2013-11-27 15.31.49) (Version: - Joerg Rosenthal, Germany)
Backup Manager Advance (x32 Version: 2.0.2.19 - NewTech Infosystems) Hidden
Brother MFL-Pro Suite DCP-J315W (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
CPUID CPU-Z 1.72.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
EasyTether (HKLM\...\{6C81C2B4-068D-4470-9FE0-2F2989ED4BB8}) (Version: 1.1.15 - Mobile Stream)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.2.17437 - Landesfinanzdirektion Thüringen)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson E-Web Print (HKLM-x32\...\{695C8469-7822-4B31-A673-5ED84815B649}) (Version: 1.17.0000 - SEIKO EPSON CORPORATION)
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-302 303 305 306 Series Printer Uninstall (HKLM\...\EPSON XP-302 303 305 306 Series) (Version: - SEIKO EPSON Corporation)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.73 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated)
HP Photosmart 6510 series - Grundlegende Software für das Gerät (HKLM\...\{D476ED05-969B-4ECD-92D4-77BFA3742DA2}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
Macromedia Fireworks 8 (HKLM-x32\...\{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}) (Version: 8.0.0.777 - Macromedia)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
NVIDIA 3D Vision Controller-Treiber 285.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 285.62 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: - )
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.24.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.24.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.11.0621 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.0621 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
PaperPort (HKLM-x32\...\{71C97545-E547-4A8B-B0C8-61FF853270AC}) (Version: 9.02.0827 - ScanSoft, Inc.)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{A737E18A-5171-40D0-8034-7DD243420081}) (Version: 4.1.1 - SEIKO EPSON CORPORATION) <==== ACHTUNG
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Unity Web Player (HKU\S-1-5-21-3445553229-585193536-3719774176-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Basic 6.0 Runtime&Steuerelemente (HKLM-x32\...\ST6UNST #1) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.4.9 - Shark007)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
yEd Graph Editor 3.8 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.8 - yWorks GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
10-12-2015 07:19:15 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {136D3DBA-28A4-43CC-80D3-78C747DA6EE0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {2187DB60-2210-4730-9528-F998401B94CB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-09] (Google Inc.)
Task: {C547AB32-B151-428A-916C-6AEA12592BF4} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-08-04] (Oracle Corporation)
Task: {F3387C01-A817-410F-B975-C49C31C76BA1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {FA90E203-27D9-4763-9643-6958DBC9E2B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-09] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-11-26 12:20 - 2012-12-06 13:09 - 00136704 _____ () C:\Windows\System32\zlhp1600.dll
2013-12-02 16:40 - 2012-12-06 13:52 - 00136704 _____ () C:\Windows\System32\zlhp2600.dll
2015-10-19 21:00 - 2015-10-19 21:00 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:0B9176C0
AlternateDataStreams: C:\ProgramData\TEMP:444C53BA
AlternateDataStreams: C:\ProgramData\TEMP:4D066AD2
AlternateDataStreams: C:\ProgramData\TEMP:5D7E5A8F
AlternateDataStreams: C:\ProgramData\TEMP:93DE1838
AlternateDataStreams: C:\ProgramData\TEMP:AB689DEA
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3445553229-585193536-3719774176-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: a2AntiMalware => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BrYNSvc => 3
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: EPSON_PM_RPCV4_04 => 2
MSCONFIG\Services: EZ Software Updater => 2
MSCONFIG\Services: ForceWare Intelligent Application Manager (IAM) => 2
MSCONFIG\Services: globalUpdate => 2
MSCONFIG\Services: globalUpdatem => 3
MSCONFIG\Services: Greg_Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Nero BackItUp Scheduler 4.0 => 3
MSCONFIG\Services: nSvcIp => 2
MSCONFIG\Services: NTI IScheduleSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: servervo => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: Update BooZaka => 2
MSCONFIG\Services: Updater Service => 2
MSCONFIG\Services: Util BooZaka => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk => C:\Windows\pss\Logitech SetPoint.lnk.CommonStartup
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EasyTether => "C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe"
MSCONFIG\startupreg: EgisTecLiveUpdate => "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
MSCONFIG\startupreg: HP Photosmart 6510 series (NET) => "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN216430CP05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IndexSearch => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe
MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: PaperPort PTD => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{39E2D5BB-8497-43B0-A7A2-179567B43037}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{E02BC29C-CD90-4637-AEFE-FDEE16837410}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{7D14706F-0382-4513-B527-4663982B8600}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{1B673D14-86EF-400B-98EC-3F8D0704C6DA}] => (Allow) C:\Program Files\HP\HP Photosmart 6510 series\Bin\DeviceSetup.exe
FirewallRules: [{593B925F-B9AE-44DD-B346-47E9715F893D}] => (Allow) C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{99BDA712-84C9-4FC4-9956-20C7B1346326}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{BF3039FA-887C-41A2-AF1D-4CC2BC8622E8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D8C5C8B6-1DDA-44F8-B571-B2C7CA530108}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{A0FAB126-B7A0-4AA2-BE4C-54F9B536D5AC}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{A7D73967-262A-4A96-B6AB-4D312711CA22}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{3C9E3DF6-C8A7-4572-BF14-97056C35CCBD}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{EDA96396-9B30-4873-B04E-B969423E7329}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{C93F0D8B-0001-407F-BD52-76B4E44C47C5}C:\program files (x86)\jdownloader\jre\bin\java.exe] => (Block) C:\program files (x86)\jdownloader\jre\bin\java.exe
FirewallRules: [UDP Query User{AC491F3F-6C81-4684-820E-ECDFD05ADB0D}C:\program files (x86)\jdownloader\jre\bin\java.exe] => (Block) C:\program files (x86)\jdownloader\jre\bin\java.exe
FirewallRules: [{39012434-5690-4D10-B33F-00057CD26D56}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{9D258D48-03F7-44A0-AE27-D164D1208ED8}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{0F7635DA-A601-47DF-901B-8F095B61474C}] => (Allow) C:\Windows\SysWOW64\explorer.exe
FirewallRules: [{619BD259-2C90-4783-B6BB-25B541339886}] => (Allow) C:\Windows\SysWOW64\explorer.exe
FirewallRules: [TCP Query User{D7055B04-1743-4082-AF07-80D5A58EF74D}C:\program files (x86)\yworks\yed\yed.exe] => (Block) C:\program files (x86)\yworks\yed\yed.exe
FirewallRules: [UDP Query User{D7BD4827-124E-4010-8423-012831209455}C:\program files (x86)\yworks\yed\yed.exe] => (Block) C:\program files (x86)\yworks\yed\yed.exe
FirewallRules: [{906FC082-1BAD-4FEF-80B6-DBEC81B9151F}] => (Allow) C:\PROGRA~2\MICROS~1\Office12\OUTLOOK.EXE
FirewallRules: [{EC58FA94-C6FF-42F1-AE1F-DC49A66E00E5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E5579E5A-8AF4-45F4-8749-B8A14569B487}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0FDB5D7F-7AFC-42B0-94C7-B82FBB2F38DF}] => (Allow) C:\PROGRA~2\MICROS~1\Office12\OUTLOOK.EXE
FirewallRules: [TCP Query User{055CCB89-E311-4AFE-85A5-D8B933DD3A62}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{7457D705-E389-4584-B27C-9FADD2F279B2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{F62E4134-97C1-4229-B308-28DF7F07CCE6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{421220E0-8807-4C05-8D31-BE6060F26196}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{11FF557B-D284-403A-897B-493C20059616}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A9B002D4-7294-488E-A529-6DE5F154EF97}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B596CA11-C58E-4AA0-991E-A405A85592EE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EFE0BF06-71F1-4033-A96D-8FF87D95AADD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E342E0BA-2744-41A3-A301-88B270483498}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Camera
Description: Camera
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: ttnfd
Description: ttnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ttnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/10/2015 02:23:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/10/2015 02:23:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/09/2015 05:14:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/09/2015 05:14:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/09/2015 12:27:45 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/12/09 12:27:45.249]: [00003828]: Initialize TwdsMain Class failed!
Error: (12/09/2015 12:27:45 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/12/09 12:27:45.248]: [00003828]: ##### Fatal ERROR!! Create STI-device failed! #####
Error: (12/08/2015 04:13:35 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/12/08 16:13:35.939]: [00004136]: Initialize TwdsMain Class failed!
Error: (12/08/2015 04:13:35 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/12/08 16:13:35.939]: [00004136]: ##### Fatal ERROR!! Create STI-device failed! #####
Error: (12/07/2015 09:23:32 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/12/07 09:23:32.006]: [00005808]: Initialize TwdsMain Class failed!
Error: (12/07/2015 09:23:32 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/12/07 09:23:32.006]: [00005808]: ##### Fatal ERROR!! Create STI-device failed! #####
Systemfehler:
=============
Error: (12/10/2015 04:42:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (12/10/2015 04:41:27 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (12/10/2015 04:41:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
ttnfd
Error: (12/10/2015 04:41:28 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: Vom Echtzeitschutz-Feature von %%860 wurde ein Fehler festgestellt
Feature: %%886
Fehlercode: 0x80070005
Fehlerbeschreibung: Zugriff verweigert
Grund: %%892
Error: (12/10/2015 04:07:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (12/10/2015 04:07:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (12/10/2015 04:07:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (12/10/2015 04:07:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (12/10/2015 04:07:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (12/10/2015 04:07:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
CodeIntegrity:
===================================
Date: 2015-11-27 07:14:21.238
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-27 07:14:20.521
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-27 07:14:19.912
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-26 16:14:43.888
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-26 16:14:43.669
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-26 16:14:43.357
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-26 15:32:19.044
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-26 15:32:18.841
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-26 15:32:17.874
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-26 15:32:17.640
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: AMD Athlon(tm) II X2 215 Processor
Prozentuale Nutzung des RAM: 57%
Installierter physikalischer RAM: 2814.55 MB
Verfügbarer physikalischer RAM: 1204.55 MB
Summe virtueller Speicher: 5627.31 MB
Verfügbarer virtueller Speicher: 3745.76 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:458.87 GB) (Free:361.24 GB) NTFS
Drive d: (DATA) (Fixed) (Total:458.87 GB) (Free:306.51 GB) NTFS
Drive f: () (Removable) (Total:0.48 GB) (Free:0.47 GB) FAT
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 45B4AF2D)
Partition 1: (Not Active) - (Size=13.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=458.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=458.9 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (Size: 489 MB) (Disk ID: 70A07A1C)
Partition 1: (Not Active) - (Size=488 MB) - (Type=06)
==================== Ende von Addition.txt ============================
|
|
10.12.2015, 16:59
| #9 |
| | Windows 7: RSA-2048 Trojaner seit gestern Neue FRST1.txt, FRST2.txt und Addition.txt angehängt |
|
11.12.2015, 10:51
| #10 |
| /// Malwareteam | Windows 7: RSA-2048 Trojaner seit gesternMein Name ist Dennis und ich werde dir bei der Bereinigung helfen. Bitte beachte, dass es ein paar Regeln gibt:
Los gehts Schritt # 1: MBAM Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt # 2: AdwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt # 3: JRT Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt # 4: FRST Bitte noch ein FRST-Log erstellen. Schritt # 5: Bitte Posten
|
|
11.12.2015, 16:16
| #11 |
| | Windows 7: RSA-2048 Trojaner seit gestern mbam.txt Logfile Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 11.12.2015 Suchlaufzeit: 14:54 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.12.11.03 Rootkit-Datenbank: v2015.12.07.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Multimedia Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 481801 Abgelaufene Zeit: 29 Min., 23 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.024 - Bericht erstellt am 11/12/2015 um 15:55:10
# Aktualisiert am 07/12/2015 von Xplode
# Datenbank : 2015-12-07.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Multimedia - SINAI-BKAZAN
# Gestartet von : C:\Users\Multimedia\Desktop\AdwCleaner_5.024.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
[-] Ordner Gelöscht : C:\Program Files (x86)\predm
[-] Ordner Gelöscht : C:\Program Files (x86)\Registry Helper
[-] Ordner Gelöscht : C:\ProgramData\Partner
[-] Ordner Gelöscht : C:\ProgramData\Registry Helper
[-] Ordner Gelöscht : C:\Users\Multimedia\AppData\Local\globalUpdate
[-] Ordner Gelöscht : C:\Users\Multimedia\AppData\LocalLow\Softonic
[-] Ordner Gelöscht : C:\Users\Multimedia\AppData\Roaming\LookThisUp
[-] Ordner Gelöscht : C:\Users\Multimedia\AppData\Roaming\Systweak
[-] Ordner Gelöscht : C:\Users\Multimedia\AppData\Roaming\RHEng
[-] Ordner Gelöscht : C:\Users\Multimedia\AppData\Roaming\download Manager
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\END
[-] Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\my.cfg
[-] Datei Gelöscht : C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\web-search.xml
[-] Datei Gelöscht : C:\Windows\SysNative\roboot64.exe
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [SmartSaver+ 21-bg.exe]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\ba494e8b-0647-42d3-bd49-5e212231ccae
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
[-] Schlüssel Gelöscht : HKCU\Software\Conduit
[-] Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
[-] Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Reg\Clean
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Driver-Soft
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Reg\Clean
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\A81E737A17150D040843D72D34240018
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A81E737A17150D040843D72D34240018
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A81E737A17150D040843D72D34240018
***** [ Internetbrowser ] *****
[-] [C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : flpcjncodpafbgdpnkljologafpionhb
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [17514 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x64
Ran by Multimedia (Administrator) on 11.12.2015 at 16:02:38,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 4
Successfully deleted: C:\ProgramData\drivergenius (Folder)
Successfully deleted: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\extensions\hxxps-everywhere@eff.org\chrome\locale\ru@petr1708 (Folder)
Successfully deleted: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\extensions\hxxps-everywhere@eff.org\chrome\locale\zh_CN.GB2312 (Folder)
Successfully deleted: C:\Users\Multimedia\Documents\optimizer pro (Folder)
Registry: 1
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.12.2015 at 16:05:11,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-12-2015
durchgeführt von Multimedia (Administrator) auf SINAI-BKAZAN (11-12-2015 16:07:39)
Gestartet von F:\
Geladene Profile: Multimedia (Verfügbare Profile: Multimedia & UpdatusUser & Bülent & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3445553229-585193536-3719774176-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3445553229-585193536-3719774176-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-3445553229-585193536-3719774176-1001\...\MountPoints2: {9beaa6cd-4364-11e0-9c68-00262d216fb1} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3445553229-585193536-3719774176-1001\...\MountPoints2: {e19d9f92-b2a8-11e0-ad46-00262d216fb1} - F:\LGAutoRun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => Keine Datei
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => Keine Datei
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+amx.html [2015-12-09] ()
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+amx.txt [2015-12-09] ()
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+bhm.html [2015-12-09] ()
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+bhm.txt [2015-12-09] ()
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+vrm.html [2015-12-09] ()
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+vrm.txt [2015-12-09] ()
Startup: C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+amx.html [2015-12-09] ()
Startup: C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+amx.txt [2015-12-09] ()
Startup: C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+bhm.html [2015-12-09] ()
Startup: C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+bhm.txt [2015-12-09] ()
Startup: C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+vrm.html [2015-12-09] ()
Startup: C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+vrm.txt [2015-12-09] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5A4F0A5F-8EA0-44EA-AF9A-AB6E3FBD2D6E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{60705F6F-02B6-478A-8328-509DFE8E8627}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{93C72F3C-2101-442B-AF59-DE2394A5DAD8}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3445553229-585193536-3719774176-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130943160094602000&GUID=04F08B28-FEF9-4CE5-9A45-0466020F4D70
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3445553229-585193536-3719774176-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3445553229-585193536-3719774176-1001 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3321902&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SP624C4886-2FC0-431C-8A53-0B5325F4DBC7&q={searchTerms}&SSPV=
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-15] (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-15] (Oracle Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
Toolbar: HKU\S-1-5-21-3445553229-585193536-3719774176-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-3445553229-585193536-3719774176-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-20] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll [2012-09-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-20] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll [Keine Datei]
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nppl3260.dll [2010-02-03] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nprpjplug.dll [2010-02-03] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3445553229-585193536-3719774176-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Multimedia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-07-18] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2012-11-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2012-11-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2012-11-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2012-11-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2012-11-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-11-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-11-19] (Apple Inc.)
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\how_recover+amx.html [2015-12-09]
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\how_recover+amx.txt [2015-12-09]
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\how_recover+bhm.html [2015-12-09]
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\how_recover+bhm.txt [2015-12-09]
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\how_recover+vrm.html [2015-12-09]
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\how_recover+vrm.txt [2015-12-09]
FF Extension: NoScript - C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-12-09]
FF Extension: HTTPS-Everywhere - C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\extensions\https-everywhere@eff.org [2015-12-09]
FF Extension: Snap Links Plus - C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\Extensions\snaplinks@snaplinks.mozdev.org.xpi [2015-06-07]
FF Extension: iMacros for Firefox - C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-12-09]
FF Extension: Video DownloadHelper - C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-28]
FF Extension: Adblock Plus - C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-28]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2013-06-12] [ist nicht signiert]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-03-25] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
Chrome:
=======
CHR HomePage: Profile 2 -> hxxp://www.google.de/
CHR StartupUrls: Profile 2 -> "hxxps://www.google.de/"
CHR Profile: C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Präsentationen) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-09]
CHR Extension: (Google Docs) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-09]
CHR Extension: (Google Drive) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-09]
CHR Extension: (YouTube) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-09]
CHR Extension: (Adblock Plus) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-12-09]
CHR Extension: (Adblock für Youtube™) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-12-09]
CHR Extension: (Google-Suche) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-09]
CHR Extension: (Google Tabellen) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-09]
CHR Extension: (Google Docs Offline) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-09]
CHR Extension: (Lyoness Cashback Bar) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ibocncflemnoggjhchgnakpnhdiajnjl [2015-12-09]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-09]
CHR Extension: (Google Mail) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-09]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S4 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S4 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-04-19] ()
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S4 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-04-19] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-01-24] (Disc Soft Ltd)
R3 easytether; C:\Windows\System32\DRIVERS\easytthr.sys [20752 2012-05-11] (Mobile Stream)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-10-05] (Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-11] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2011-07-13] (Sony Ericsson Mobile Communications) [Datei ist nicht signiert]
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-11 16:05 - 2015-12-11 16:05 - 00001176 _____ C:\Users\Multimedia\Desktop\JRT.txt
2015-12-11 15:55 - 2015-12-11 15:55 - 00017822 _____ C:\Users\Multimedia\Desktop\AdwCleaner[C1].txt
2015-12-11 15:47 - 2015-12-11 16:01 - 00000000 ____D C:\AdwCleaner
2015-12-11 15:46 - 2015-12-11 15:46 - 00001215 _____ C:\Users\Multimedia\Desktop\mbam.txt
2015-12-11 15:25 - 2015-12-11 15:25 - 00001215 _____ C:\mbam.txt
2015-12-11 14:56 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-11 14:56 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-11 14:56 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-11 14:56 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-11 14:56 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-11 14:56 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-11 14:56 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-11 14:56 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-11 14:56 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-11 14:56 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-11 14:56 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-11 14:56 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-11 14:56 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-11 14:56 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-11 14:56 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-11 14:56 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-11 14:56 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-11 14:56 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-11 14:56 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-11 14:56 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-11 14:56 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-11 14:56 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-11 14:56 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-11 14:56 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-11 14:56 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-11 14:56 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-11 14:56 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-11 14:56 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-11 14:56 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-11 14:54 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-11 14:54 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-11 14:54 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-11 14:54 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-11 14:54 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-11 14:54 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-11 14:54 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-11 14:54 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-11 14:54 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-11 14:54 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-11 14:54 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-11 14:54 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-11 14:54 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-11 14:54 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-11 14:54 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-11 14:54 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-11 14:54 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-11 14:54 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-11 14:54 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-11 14:54 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-11 14:54 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-11 14:54 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-11 14:54 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-11 14:54 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-11 14:54 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-11 14:54 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-11 14:54 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-11 14:54 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-11 14:54 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-11 14:54 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-11 14:54 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-11 14:54 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-11 14:54 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-11 14:54 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-11 14:54 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-11 14:54 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-11 14:54 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-11 14:54 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-11 14:54 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-11 14:54 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-11 14:54 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-11 14:54 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-11 14:54 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-11 14:54 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-11 14:54 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-11 14:54 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-11 14:54 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-11 14:54 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-11 14:54 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-11 14:54 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-11 14:54 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-11 14:54 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-11 14:54 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-11 14:54 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-11 14:54 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-11 14:54 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-11 14:54 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-11 14:54 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-11 14:54 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-11 14:54 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-11 14:54 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-11 14:54 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-11 14:54 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-11 14:54 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-11 14:54 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-11 14:53 - 2015-12-11 15:26 - 00001100 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-11 14:53 - 2015-12-11 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-12-11 14:53 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-11 14:53 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-11 14:53 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-11 14:52 - 2015-12-11 14:52 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-12-11 14:52 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-11 14:52 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-11 14:52 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-11 14:52 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-11 14:51 - 2015-12-11 14:51 - 01738240 _____ C:\Users\Multimedia\Desktop\AdwCleaner_5.024.exe
2015-12-11 14:51 - 2015-12-11 14:51 - 01599336 _____ (Malwarebytes) C:\Users\Multimedia\Desktop\JRT.exe
2015-12-11 14:50 - 2015-12-11 14:50 - 22908888 _____ (Malwarebytes ) C:\Users\Multimedia\Desktop\mbam-setup-2.2.0.1024.exe
2015-12-10 16:29 - 2015-12-10 16:29 - 00083510 _____ C:\Users\Bülent\Downloads\FRST1.txt
2015-12-10 16:08 - 2015-12-10 16:08 - 00039597 _____ C:\Users\Bülent\Downloads\Addition (1).txt
2015-12-10 16:08 - 2015-12-10 16:08 - 00007015 _____ C:\Users\Bülent\Downloads\Gmer.txt
2015-12-10 16:08 - 2015-12-10 16:08 - 00000474 _____ C:\Users\Bülent\Downloads\defogger_disable (1).txt
2015-12-10 16:07 - 2015-12-10 16:07 - 00039597 _____ C:\Users\Bülent\Downloads\Addition.txt
2015-12-10 16:05 - 2015-12-10 16:05 - 00065154 _____ C:\Users\Bülent\Desktop\FRST2.txt
2015-12-10 15:59 - 2015-12-10 15:59 - 00000474 _____ C:\Users\Bülent\Downloads\defogger_disable.txt
2015-12-10 15:52 - 2015-12-10 15:52 - 477469582 _____ C:\Windows\MEMORY.DMP
2015-12-10 15:52 - 2015-12-10 15:52 - 00475928 _____ C:\Windows\Minidump\121015-16910-01.dmp
2015-12-10 15:38 - 2015-12-10 15:38 - 00000000 ____D C:\Users\Multimedia\AppData\Local\ElevatedDiagnostics
2015-12-10 15:23 - 2015-12-10 16:05 - 00083510 _____ C:\Users\Bülent\Desktop\FRST1.txt
2015-12-10 15:23 - 2015-12-10 14:23 - 00039597 _____ C:\Users\Bülent\Desktop\Addition.txt
2015-12-10 15:21 - 2015-12-10 15:21 - 00007015 _____ C:\Users\Bülent\Desktop\Gmer.txt
2015-12-10 15:04 - 2015-12-10 15:04 - 00380416 _____ C:\Users\Bülent\Desktop\ztts6src.exe
2015-12-10 15:02 - 2015-12-10 15:02 - 00000474 _____ C:\Users\Bülent\Desktop\defogger_disable.txt
2015-12-10 15:02 - 2015-12-10 15:02 - 00000000 _____ C:\Users\Bülent\defogger_reenable
2015-12-10 15:00 - 2015-12-10 15:00 - 00050477 _____ C:\Users\Bülent\Desktop\Defogger.exe
2015-12-10 14:32 - 2015-12-10 16:36 - 00000000 ____D C:\Users\Bülent\AppData\Local\Google
2015-12-10 14:32 - 2015-12-10 14:32 - 00002251 _____ C:\Users\Bülent\Desktop\Google Chrome.lnk
2015-12-10 14:32 - 2015-12-10 14:32 - 00001425 _____ C:\Users\Bülent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-10 14:32 - 2015-12-10 14:32 - 00000000 ____D C:\Users\Bülent\AppData\Roaming\Adobe
2015-12-10 14:31 - 2015-12-10 14:31 - 00000000 ____D C:\Users\Bülent\AppData\Local\VirtualStore
2015-12-10 14:29 - 2015-12-10 15:02 - 00000000 ____D C:\Users\Bülent
2015-12-10 14:29 - 2015-12-10 14:29 - 00000020 ___SH C:\Users\Bülent\ntuser.ini
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Vorlagen
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Startmenü
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Netzwerkumgebung
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Lokale Einstellungen
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Eigene Dateien
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Druckumgebung
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Documents\Eigene Videos
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Documents\Eigene Musik
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Documents\Eigene Bilder
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\AppData\Local\Verlauf
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\AppData\Local\Anwendungsdaten
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Anwendungsdaten
2015-12-10 14:29 - 2013-04-09 08:20 - 00000000 ____D C:\Users\Bülent\AppData\Roaming\Macromedia
2015-12-10 14:29 - 2010-05-26 02:03 - 00000000 ____D C:\Users\Bülent\AppData\Local\Microsoft Help
2015-12-10 14:29 - 2009-07-14 08:44 - 00000000 ____D C:\Users\Bülent\AppData\Roaming\Media Center Programs
2015-12-10 13:22 - 2015-12-10 13:23 - 00039083 _____ C:\Users\Multimedia\Downloads\Addition.txt
2015-12-10 13:20 - 2015-12-10 13:23 - 00151787 _____ C:\Users\Multimedia\Downloads\FRST.txt
2015-12-10 13:19 - 2015-12-11 16:07 - 00000000 ____D C:\FRST
2015-12-09 19:12 - 2015-12-11 15:45 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-09 19:12 - 2015-12-11 14:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-09 19:12 - 2015-12-09 19:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-12-09 19:11 - 2015-12-09 19:11 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Multimedia\Downloads\mbar-1.09.3.1001.exe
2015-12-09 19:11 - 2015-12-09 19:11 - 00000000 ____D C:\Users\Multimedia\Desktop\mbar
2015-12-09 19:11 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-09 18:48 - 2015-12-09 18:48 - 00000000 ____D C:\.Trash-999
2015-12-09 18:00 - 2015-12-09 18:00 - 00001638 _____ C:\Windows\system32\Benim senden bir istegim olacak bildigim kadariyla senin telefonun da samsung ve bir telefoncuya git ve onlara Viber diye bir program var onu yüklet bunu yapmayi ama unutma ve benim telefon n.txt.lnk
2015-12-09 17:37 - 2015-12-10 22:42 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2015-12-09 17:37 - 2015-12-09 17:38 - 00000000 ____D C:\Program Files (x86)\LinuxLive USB Creator
2015-12-09 17:37 - 2015-12-09 17:37 - 06160320 _____ (LinuxLive USB Creator) C:\Users\Multimedia\Downloads\LinuxLive_USB_Creator_2.9.4.exe
2015-12-09 17:30 - 2015-12-10 15:58 - 00257520 _____ C:\Windows\ntbtlog.txt
2015-12-09 17:18 - 2015-12-10 12:57 - 00000000 ____D C:\Users\Multimedia\Desktop\vvv Files
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\Downloads\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\Documents\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\AppData\LocalLow\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\AppData\Local\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\AppData\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\Downloads\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\Documents\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\AppData\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\Downloads\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\Documents\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\AppData\LocalLow\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\AppData\Local\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\AppData\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\Downloads\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\Documents\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\AppData\how_recover+vrm.txt
2015-12-09 14:09 - 2015-12-09 14:09 - 00009620 _____ C:\Users\Multimedia\AppData\LocalLow\how_recover+vrm.html
2015-12-09 14:09 - 2015-12-09 14:09 - 00002787 _____ C:\Users\Multimedia\AppData\LocalLow\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\AppData\Local\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\AppData\Local\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Multimedia\AppData\Local\Apps\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\Downloads\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\Documents\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\AppData\LocalLow\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\AppData\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Multimedia\AppData\Local\Apps\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\Downloads\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\Documents\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\AppData\LocalLow\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\AppData\how_recover+vrm.txt
2015-12-09 14:07 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Public\Documents\how_recover+vrm.html
2015-12-09 14:07 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Public\Documents\how_recover+vrm.txt
2015-12-09 14:07 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\AppData\Roaming\how_recover+vrm.html
2015-12-09 14:07 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\AppData\Local\how_recover+vrm.html
2015-12-09 14:07 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\AppData\Roaming\how_recover+vrm.txt
2015-12-09 14:07 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\AppData\Local\how_recover+vrm.txt
2015-12-09 14:07 - 2015-12-09 14:07 - 00009620 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.html
2015-12-09 14:07 - 2015-12-09 14:07 - 00002787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.txt
2015-12-09 14:06 - 2015-12-09 14:07 - 00009620 _____ C:\ProgramData\how_recover+vrm.html
2015-12-09 14:06 - 2015-12-09 14:07 - 00002787 _____ C:\ProgramData\how_recover+vrm.txt
2015-12-09 14:06 - 2015-12-09 14:06 - 00000254 _____ C:\Users\Multimedia\Documents\recover_file_owpbkiaym.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\Downloads\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\Documents\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\AppData\LocalLow\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\AppData\Local\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\AppData\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\Downloads\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\Documents\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\AppData\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\Downloads\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\Documents\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\AppData\LocalLow\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\AppData\Local\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\AppData\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\Downloads\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\Documents\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\AppData\how_recover+bhm.txt
2015-12-09 12:29 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bhm.html
2015-12-09 12:29 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bhm.txt
2015-12-09 12:29 - 2015-12-09 12:29 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.html
2015-12-09 12:29 - 2015-12-09 12:29 - 00009620 _____ C:\Users\Multimedia\AppData\LocalLow\how_recover+bhm.html
2015-12-09 12:29 - 2015-12-09 12:29 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.txt
2015-12-09 12:29 - 2015-12-09 12:29 - 00002787 _____ C:\Users\Multimedia\AppData\LocalLow\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\AppData\Local\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\AppData\Local\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Multimedia\AppData\Local\Apps\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\Downloads\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\Documents\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\AppData\LocalLow\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\AppData\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Multimedia\AppData\Local\Apps\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\Downloads\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\Documents\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\AppData\LocalLow\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\AppData\how_recover+bhm.txt
2015-12-09 12:26 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\AppData\Roaming\how_recover+bhm.html
2015-12-09 12:26 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\AppData\Local\how_recover+bhm.html
2015-12-09 12:26 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\AppData\Roaming\how_recover+bhm.txt
2015-12-09 12:26 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\AppData\Local\how_recover+bhm.txt
2015-12-09 12:26 - 2015-12-09 12:26 - 00009620 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.html
2015-12-09 12:26 - 2015-12-09 12:26 - 00002787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.txt
2015-12-09 12:25 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Public\Documents\how_recover+bhm.html
2015-12-09 12:25 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Public\Documents\how_recover+bhm.txt
2015-12-09 12:25 - 2015-12-09 12:26 - 00009620 _____ C:\ProgramData\how_recover+bhm.html
2015-12-09 12:25 - 2015-12-09 12:26 - 00002787 _____ C:\ProgramData\how_recover+bhm.txt
2015-12-09 12:24 - 2015-12-09 12:24 - 00000254 _____ C:\Users\Multimedia\Documents\recover_file_ljfgqgthi.txt
2015-12-09 12:22 - 2015-12-09 12:22 - 00000254 _____ C:\Users\Multimedia\Documents\recover_file_vjcfxqcof.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\Downloads\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\Documents\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\AppData\LocalLow\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\AppData\Local\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\AppData\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\Multimedia\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\Multimedia\Downloads\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\Downloads\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\Documents\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\AppData\LocalLow\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\AppData\Local\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\AppData\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\Multimedia\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\Multimedia\Downloads\how_recover+amx.txt
2015-12-09 10:33 - 2015-12-09 10:34 - 00009620 _____ C:\Users\Multimedia\Documents\how_recover+amx.html
2015-12-09 10:33 - 2015-12-09 10:34 - 00002787 _____ C:\Users\Multimedia\Documents\how_recover+amx.txt
2015-12-09 10:18 - 2015-12-09 10:34 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+amx.html
2015-12-09 10:18 - 2015-12-09 10:34 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+amx.txt
2015-12-09 10:18 - 2015-12-09 10:18 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+amx.html
2015-12-09 10:18 - 2015-12-09 10:18 - 00009620 _____ C:\Users\Multimedia\AppData\LocalLow\how_recover+amx.html
2015-12-09 10:18 - 2015-12-09 10:18 - 00009620 _____ C:\Users\Multimedia\AppData\how_recover+amx.html
2015-12-09 10:18 - 2015-12-09 10:18 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+amx.txt
2015-12-09 10:18 - 2015-12-09 10:18 - 00002787 _____ C:\Users\Multimedia\AppData\LocalLow\how_recover+amx.txt
2015-12-09 10:18 - 2015-12-09 10:18 - 00002787 _____ C:\Users\Multimedia\AppData\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:34 - 00009620 _____ C:\Users\Multimedia\AppData\Local\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:34 - 00002787 _____ C:\Users\Multimedia\AppData\Local\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:18 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:18 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Multimedia\AppData\Local\Apps\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\Downloads\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\Documents\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\AppData\LocalLow\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\AppData\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Multimedia\AppData\Local\Apps\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\Downloads\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\Documents\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\AppData\LocalLow\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\AppData\how_recover+amx.txt
2015-12-09 10:11 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\AppData\Roaming\how_recover+amx.html
2015-12-09 10:11 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\AppData\Local\how_recover+amx.html
2015-12-09 10:11 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\AppData\Roaming\how_recover+amx.txt
2015-12-09 10:11 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\AppData\Local\how_recover+amx.txt
2015-12-09 10:10 - 2015-12-09 10:34 - 00009620 _____ C:\Users\Public\Documents\how_recover+amx.html
2015-12-09 10:10 - 2015-12-09 10:34 - 00002787 _____ C:\Users\Public\Documents\how_recover+amx.txt
2015-12-09 10:10 - 2015-12-09 10:11 - 00009620 _____ C:\ProgramData\how_recover+amx.html
2015-12-09 10:10 - 2015-12-09 10:11 - 00002787 _____ C:\ProgramData\how_recover+amx.txt
2015-12-09 10:10 - 2015-12-09 10:10 - 00009620 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+amx.html
2015-12-09 10:10 - 2015-12-09 10:10 - 00002787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+amx.txt
2015-12-09 10:08 - 2015-12-09 10:08 - 00000254 _____ C:\Users\Multimedia\Documents\recover_file_yldyrxihj.txt
2015-12-07 08:29 - 2015-12-09 10:30 - 00000000 ____D C:\Users\Multimedia\Desktop\Neuer Ordner (3)
2015-12-03 11:27 - 2015-12-09 10:33 - 00183470 _____ C:\Users\Multimedia\Documents\Ghana-Project.pdf.vvv
2015-12-03 09:13 - 2015-12-09 12:30 - 00000000 ____D C:\Users\Multimedia\Desktop\Ghana Projekt Dateien
2015-11-30 18:26 - 2015-11-30 18:26 - 00001958 _____ C:\Windows\system32\Benim senden bir istegim olacak bildigim kadariyla senin telefonun da samsung ve bir telefoncuya git ve onlara Viber diye bir program var onu yüklet bunu yapmayi ama unutma ve benim telefon numar.lnk
2015-11-28 10:14 - 2015-12-09 10:25 - 00000000 ____D C:\Users\Multimedia\Desktop\Ghana Video
2015-11-28 09:51 - 2015-12-09 10:29 - 00000000 ____D C:\Users\Multimedia\Desktop\Neuer Ordner
2015-11-28 07:58 - 2015-12-11 15:41 - 00428704 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-27 21:12 - 2015-11-27 21:12 - 00111288 _____ C:\Users\Multimedia\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-27 19:46 - 2015-11-27 19:46 - 00216184 _____ C:\Users\Multimedia\Documents\cc_20151127_194603.reg
2015-11-27 19:46 - 2015-11-27 19:46 - 00209792 _____ C:\Users\Multimedia\Documents\cc_20151127_194623.reg
2015-11-27 19:38 - 2015-12-11 15:26 - 00000864 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-27 19:38 - 2015-12-09 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-11-27 19:38 - 2015-11-27 19:38 - 00002808 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-11-27 19:38 - 2015-11-27 19:38 - 00000000 ____D C:\Program Files\CCleaner
2015-11-27 19:37 - 2015-11-27 19:37 - 05524624 _____ (Piriform Ltd) C:\Users\Multimedia\Downloads\ccsetup511_slim.exe
2015-11-27 09:08 - 2015-12-09 10:34 - 00145310 _____ C:\Users\Multimedia\Downloads\rechnung-2015-11-01-1153839255.pdf.vvv
2015-11-26 16:12 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-26 16:12 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-26 16:12 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-26 16:12 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-26 16:12 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-26 16:12 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-26 16:12 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-26 16:12 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-26 16:12 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-26 16:12 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-26 16:12 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-26 16:12 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-26 16:12 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-26 16:12 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-26 16:12 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-26 16:12 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-26 16:12 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-26 16:12 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-26 16:12 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-26 16:12 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-26 16:12 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-26 16:12 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-26 16:12 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-26 16:12 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-26 16:12 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-26 16:11 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-26 16:11 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-26 16:11 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-26 16:11 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-26 16:11 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-26 16:11 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-26 16:11 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-26 16:11 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-26 16:11 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-26 16:11 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-26 16:11 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-26 16:11 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-26 16:11 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-26 16:11 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-26 16:11 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-26 16:11 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-26 16:11 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-26 16:11 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-26 16:11 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-26 16:11 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-26 16:11 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-26 16:11 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-26 16:11 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-26 16:11 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-26 16:11 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-26 16:11 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-26 16:11 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
|
|
11.12.2015, 16:20
| #12 |
| | Windows 7: RSA-2048 Trojaner seit gestern Danke nochmal für die Mühe!! FRST2.txt Logfile Code:
ATTFilter 2015-11-26 16:11 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-26 16:11 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-26 16:11 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-26 16:11 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-26 16:11 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-26 16:11 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-26 16:11 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-26 16:11 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-26 16:11 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-26 16:08 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-11-26 16:08 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-11-26 16:08 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-11-26 16:08 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-11-26 16:08 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-11-26 16:08 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-11-26 16:08 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-11-26 16:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-11-26 15:52 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-11-26 15:52 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-11-26 15:52 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-11-26 15:52 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-11-26 15:51 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-26 15:51 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-26 15:50 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-11-26 15:50 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-11-26 15:50 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-11-26 15:50 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-11-26 15:50 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-11-26 15:50 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-11-26 15:50 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-11 16:05 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-11 16:05 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-11 15:57 - 2015-05-16 08:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-11 15:57 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-11 15:55 - 2012-12-06 14:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-11 15:44 - 2015-05-16 08:40 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-11 15:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-11 15:36 - 2009-10-17 03:13 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-11 15:34 - 2012-09-06 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-11 15:33 - 2012-09-06 14:10 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-11 15:33 - 2012-09-06 14:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-11 15:26 - 2015-07-17 10:45 - 00001474 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2015-12-11 15:26 - 2015-05-11 09:56 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-12-11 15:26 - 2013-12-15 19:51 - 00002005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2015-12-11 15:26 - 2013-12-15 19:51 - 00001949 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2015-12-11 15:26 - 2013-12-15 19:51 - 00001928 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2015-12-11 15:26 - 2013-11-27 15:31 - 00001025 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Twin.lnk
2015-12-11 15:26 - 2013-07-23 07:52 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-12-11 15:26 - 2013-04-09 08:20 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
2015-12-11 15:26 - 2013-01-04 09:57 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-12-11 15:26 - 2011-07-20 09:10 - 00002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
2015-12-11 15:26 - 2011-01-25 13:54 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\TeamViewer
2015-12-11 15:26 - 2009-10-17 02:46 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-12-11 15:26 - 2009-10-17 02:46 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-12-11 15:26 - 2009-07-14 05:57 - 00001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-11 15:26 - 2009-07-14 05:57 - 00001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2015-12-11 15:26 - 2009-07-14 05:57 - 00001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-12-11 15:26 - 2009-07-14 05:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-12-11 15:26 - 2009-07-14 05:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-12-11 15:25 - 2015-06-12 11:11 - 00001068 _____ C:\Users\Multimedia\Desktop\Vollmacht zur Vertretung v1.0 - Verknüpfung.lnk
2015-12-11 15:25 - 2014-07-21 09:20 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Naru
2015-12-11 15:25 - 2013-07-30 10:03 - 00001126 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2015-12-11 15:25 - 2010-04-29 13:45 - 00001425 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-11 15:25 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-11 15:25 - 2009-07-14 06:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-12-11 15:25 - 2009-07-14 05:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-12-10 22:42 - 2015-04-11 11:26 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-10 22:42 - 2014-02-06 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-10 22:42 - 2013-12-17 13:46 - 00000000 ____D C:\Users\Gast
2015-12-10 22:42 - 2011-07-13 13:40 - 00000000 ____D C:\Users\UpdatusUser
2015-12-10 22:42 - 2009-07-14 08:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-12-10 22:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing
2015-12-10 22:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-12-10 22:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2015-12-10 22:42 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-12-10 16:48 - 2007-07-12 02:48 - 00000000 ____D C:\Windows
2015-12-10 15:52 - 2015-09-17 09:04 - 00000000 ____D C:\Windows\Minidump
2015-12-10 15:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-10 14:15 - 2012-12-27 10:56 - 00000000 ____D C:\Windows\pss
2015-12-10 14:14 - 2009-07-14 06:13 - 01722418 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-10 14:14 - 2006-10-11 08:02 - 00741124 _____ C:\Windows\system32\perfh007.dat
2015-12-10 14:14 - 2006-10-11 08:02 - 00166430 _____ C:\Windows\system32\perfc007.dat
2015-12-10 14:12 - 2010-04-29 13:43 - 00000000 ____D C:\Users\Multimedia
2015-12-09 14:10 - 2015-09-16 15:19 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\dvdcss
2015-12-09 14:10 - 2015-09-16 14:25 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\vlc
2015-12-09 14:10 - 2015-09-15 14:54 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Sun
2015-12-09 14:10 - 2015-09-10 09:58 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
2015-12-09 14:10 - 2015-09-10 09:49 - 00000000 ____D C:\Users\Multimedia\Documents\UseNeXT
2015-12-09 14:10 - 2015-09-10 09:49 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\UseNeXT
2015-12-09 14:10 - 2015-07-24 10:34 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-12-09 14:10 - 2015-07-17 10:48 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\elsterformular
2015-12-09 14:10 - 2015-01-23 10:16 - 00000000 ____D C:\Users\Multimedia\Documents\JC_Anträge
2015-12-09 14:10 - 2015-01-09 19:42 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Opera Software
2015-12-09 14:10 - 2015-01-09 19:37 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\TuneUp Software
2015-12-09 14:10 - 2014-12-09 14:51 - 00000000 ____D C:\Users\Multimedia\Downloads\Smartphone
2015-12-09 14:10 - 2014-10-20 09:09 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2015-12-09 14:10 - 2014-09-15 12:25 - 00000000 __RSD C:\Users\Multimedia\Documents\My Stationery
2015-12-09 14:10 - 2014-07-21 09:20 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Ekeras
2015-12-09 14:10 - 2014-05-17 11:11 - 00000000 ____D C:\Users\Multimedia\Downloads\FileZilla_3.8.0_win32
2015-12-09 14:10 - 2014-05-17 11:11 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\FileZilla
2015-12-09 14:10 - 2014-01-24 16:00 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\DAEMON Tools Lite
2015-12-09 14:10 - 2013-12-16 18:20 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\EPSON
2015-12-09 14:10 - 2013-11-27 20:42 - 00000000 ____D C:\Users\Multimedia\Documents\LG OSP
2015-12-09 14:10 - 2013-07-30 10:03 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\WinRAR
2015-12-09 14:10 - 2013-07-30 10:03 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-09 14:10 - 2013-07-20 15:37 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Skype
2015-12-09 14:10 - 2013-06-26 10:21 - 00000000 ____D C:\Users\Multimedia\Formular-Management-System der Bundesfinanzverwaltung (010190 - KG 1 - Anlage Kind)_files
2015-12-09 14:10 - 2013-04-09 11:59 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\PDAppFlex
2015-12-09 14:10 - 2013-04-09 08:35 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\SolidDocuments
2015-12-09 14:10 - 2012-12-03 11:21 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\QuickScan
2015-12-09 14:10 - 2012-11-16 14:48 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\HpUpdate
2015-12-09 14:10 - 2012-10-20 13:25 - 00000000 ____D C:\Users\Multimedia\Documents\My Games
2015-12-09 14:10 - 2012-09-27 14:15 - 00000000 ____D C:\Users\Multimedia\Downloads\CNL_BB_topless_v1
2015-12-09 14:10 - 2012-09-22 13:16 - 00000000 ____D C:\Users\Multimedia\Downloads\Amazon_Appstore
2015-12-09 14:10 - 2012-08-03 15:33 - 00000000 ____D C:\Users\Multimedia\Documents\lieferschein-drucken-Dateien
2015-12-09 14:10 - 2012-07-21 15:25 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\NVIDIA
2015-12-09 14:10 - 2012-07-21 12:04 - 00000000 ___SD C:\Users\Multimedia\Documents\Eigene Datenquellen
2015-12-09 14:10 - 2012-07-19 18:39 - 00000000 ____D C:\Users\Multimedia\temp
2015-12-09 14:10 - 2011-12-28 17:05 - 00000000 ___RD C:\Users\Multimedia\Documents\Scanned Documents
2015-12-09 14:10 - 2011-12-28 17:05 - 00000000 ____D C:\Users\Multimedia\Documents\Fax
2015-12-09 14:10 - 2011-12-07 14:03 - 00000000 ____D C:\Users\Multimedia\Downloads\EG-V1_2_17_34_EFI
2015-12-09 14:10 - 2011-12-07 14:01 - 00000000 ____D C:\Users\Multimedia\Downloads\Express_Gate_Cloud_Source_Code
2015-12-09 14:10 - 2011-11-25 22:21 - 00000000 ____D C:\Users\Multimedia\Downloads\avira_registry_cleaner_de
2015-12-09 14:10 - 2011-11-24 20:58 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\yWorks
2015-12-09 14:10 - 2011-11-03 14:10 - 00000000 ____D C:\Users\Multimedia\Documents\DVDVideoSoft
2015-12-09 14:10 - 2011-11-03 14:10 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\DVDVideoSoft
2015-12-09 14:10 - 2011-10-24 12:22 - 00000000 ____D C:\Users\Multimedia\Downloads\Auhip_5098_port
2015-12-09 14:10 - 2011-09-12 11:41 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\InstallShield
2015-12-09 14:10 - 2011-07-22 11:31 - 00000000 ____D C:\Users\Multimedia\Documents\LG PC Suite IV
2015-12-09 14:10 - 2011-07-13 14:27 - 00000000 ____D C:\Users\Multimedia\Downloads\SuperOneClick
2015-12-09 14:10 - 2011-07-13 14:16 - 00000000 ____D C:\Users\Multimedia\Downloads\SuperOneClickv1.9-ShortFuse.Drivers
2015-12-09 14:10 - 2011-07-13 14:16 - 00000000 ____D C:\Users\Multimedia\Downloads\Root
2015-12-09 14:10 - 2011-07-13 14:16 - 00000000 ____D C:\Users\Multimedia\Downloads\Exploits
2015-12-09 14:10 - 2011-07-13 14:16 - 00000000 ____D C:\Users\Multimedia\Downloads\Dependencies
2015-12-09 14:10 - 2011-07-13 14:16 - 00000000 ____D C:\Users\Multimedia\Downloads\ADB
2015-12-09 14:10 - 2011-07-13 13:40 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Media Center Programs
2015-12-09 14:10 - 2011-07-13 13:40 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Microsoft Help
2015-12-09 14:10 - 2011-07-13 12:33 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
2015-12-09 14:10 - 2011-07-08 11:05 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Template
2015-12-09 14:10 - 2011-06-27 14:59 - 00000000 ____D C:\Users\Multimedia\Documents\OneNote-Notizbücher
2015-12-09 14:10 - 2011-06-17 16:56 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\ScanSoft
2015-12-09 14:10 - 2011-06-14 11:46 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Logitech
2015-12-09 14:10 - 2011-06-14 11:46 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Leadertech
2015-12-09 14:10 - 2011-06-14 10:33 - 00000000 ____D C:\Users\Multimedia\Documents\Eigene PaperPort-Dokumente
2015-12-09 14:10 - 2011-06-14 10:33 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Zeon
2015-12-09 14:10 - 2010-10-03 16:07 - 00000000 ____D C:\Users\Multimedia\Downloads\[www.busters.to]...Asterix.bei.den.Olympischen.Spielen.German.AC3.DVDRip.XviD-CRUCiAL
2015-12-09 14:10 - 2010-09-13 14:16 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\uTorrent
2015-12-09 14:10 - 2010-08-20 13:38 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Nero
2015-12-09 14:10 - 2010-06-11 11:47 - 00000000 ____D C:\Users\Multimedia\Documents\iMacros
2015-12-09 14:10 - 2010-05-13 21:23 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\GameConsole
2015-12-09 14:10 - 2010-05-08 05:51 - 00000000 ____D C:\Users\Multimedia\dwhelper
2015-12-09 14:10 - 2010-05-07 12:28 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Win7codecs
2015-12-09 14:10 - 2010-05-07 12:17 - 00000000 ____D C:\Users\Multimedia\Tracing
2015-12-09 14:10 - 2010-05-01 15:53 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\DivX
2015-12-09 14:10 - 2010-04-29 15:57 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Mozilla
2015-12-09 14:10 - 2010-04-29 15:53 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Google
2015-12-09 14:10 - 2010-04-29 13:46 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Macromedia
2015-12-09 14:10 - 2010-04-29 13:43 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Media Center Programs
2015-12-09 14:10 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-09 14:10 - 2006-10-10 22:34 - 00000000 ____D C:\Users\Public\Documents\Screensaver
2015-12-09 14:09 - 2015-09-17 13:31 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\AVG
2015-12-09 14:09 - 2015-09-15 14:53 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Oracle
2015-12-09 14:09 - 2015-07-24 10:31 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Steam
2015-12-09 14:09 - 2015-06-24 10:04 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Battle.net
2015-12-09 14:09 - 2015-01-12 12:03 - 00000000 __SHD C:\Users\Multimedia\AppData\LocalLow\EmieBrowserModeList
2015-12-09 14:09 - 2015-01-09 19:42 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Opera Software
2015-12-09 14:09 - 2015-01-09 19:37 - 00000000 ____D C:\Users\Multimedia\AppData\Local\TuneUp Software
2015-12-09 14:09 - 2014-10-08 13:09 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\CodeTwo CatMan
2015-12-09 14:09 - 2014-06-11 12:53 - 00000000 __SHD C:\Users\Multimedia\AppData\LocalLow\EmieUserList
2015-12-09 14:09 - 2014-05-14 14:25 - 00000000 __SHD C:\Users\Multimedia\AppData\LocalLow\EmieSiteList
2015-12-09 14:09 - 2014-03-06 10:43 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Skype
2015-12-09 14:09 - 2013-08-27 15:52 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\EPSON
2015-12-09 14:09 - 2013-04-09 08:21 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2015-12-09 14:09 - 2013-03-25 14:45 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Windows Live
2015-12-09 14:09 - 2012-11-16 14:46 - 00000000 ____D C:\Users\Multimedia\AppData\Local\HP
2015-12-09 14:09 - 2012-08-17 08:32 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\boost_interprocess
2015-12-09 14:09 - 2012-07-26 08:16 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Macromedia
2015-12-09 14:09 - 2012-07-21 11:18 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Unity
2015-12-09 14:09 - 2012-07-21 11:18 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Unity
2015-12-09 14:09 - 2012-03-14 08:29 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Apple Computer
2015-12-09 14:09 - 2012-02-14 18:34 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Apple Computer
2015-12-09 14:09 - 2011-11-30 13:23 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Canneverbe Limited
2015-12-09 14:09 - 2011-07-22 11:31 - 00000000 ____D C:\Users\Multimedia\AppData\Local\LG Electronics
2015-12-09 14:09 - 2011-07-13 11:19 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Sun
2015-12-09 14:09 - 2011-07-06 16:10 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Adobe
2015-12-09 14:09 - 2011-07-01 14:14 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Oberon Games
2015-12-09 14:09 - 2011-06-21 09:19 - 00000000 ___RD C:\Users\Multimedia\AppData\Roaming\Brother
2015-12-09 14:09 - 2010-10-26 19:36 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\TVU Networks
2015-12-09 14:09 - 2010-10-26 19:36 - 00000000 ____D C:\Users\Multimedia\AppData\Local\TVU Networks
2015-12-09 14:09 - 2010-09-13 14:16 - 00000000 ____D C:\Users\Multimedia\AppData\Local\uTorrent
2015-12-09 14:09 - 2010-06-30 12:37 - 00000000 ___SD C:\Users\Multimedia\AppData\LocalLow\Temp
2015-12-09 14:09 - 2010-04-30 10:08 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Microsoft Help
2015-12-09 14:09 - 2010-04-29 20:10 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Microsoft Games
2015-12-09 14:09 - 2010-04-29 15:57 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Mozilla
2015-12-09 14:09 - 2010-04-29 15:53 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Adobe
2015-12-09 14:09 - 2010-04-29 15:53 - 00000000 ____D C:\Users\Multimedia\AppData\LocalLow\Google
2015-12-09 14:09 - 2010-04-29 15:53 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Google
2015-12-09 14:09 - 2010-04-29 13:45 - 00000000 ____D C:\Users\Multimedia\AppData\Local\VirtualStore
2015-12-09 14:08 - 2015-09-17 13:26 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Avg
2015-12-09 14:08 - 2015-09-15 14:54 - 00000000 ____D C:\Users\Multimedia\.oracle_jre_usage
2015-12-09 14:08 - 2015-07-24 10:31 - 00000000 ____D C:\Users\Multimedia\AppData\Local\CEF
2015-12-09 14:08 - 2015-07-17 10:50 - 00000000 ____D C:\Users\Multimedia\AppData\Local\elfopatch
2015-12-09 14:08 - 2015-06-24 10:05 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Blizzard Entertainment
2015-12-09 14:08 - 2015-06-24 10:04 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Battle.net
2015-12-09 14:08 - 2015-01-12 12:03 - 00000000 __SHD C:\Users\Multimedia\AppData\Local\EmieBrowserModeList
2015-12-09 14:08 - 2014-12-09 12:59 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Template
2015-12-09 14:08 - 2014-11-12 16:06 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Mozilla
2015-12-09 14:08 - 2014-11-12 16:06 - 00000000 ____D C:\Users\Gast\AppData\Local\Mozilla
2015-12-09 14:08 - 2014-11-12 14:20 - 00000000 ____D C:\Users\Gast\Documents\Sümeye
2015-12-09 14:08 - 2014-08-20 09:15 - 00000000 __SHD C:\Users\Gast\AppData\LocalLow\EmieUserList
2015-12-09 14:08 - 2014-08-20 09:15 - 00000000 __SHD C:\Users\Gast\AppData\LocalLow\EmieSiteList
2015-12-09 14:08 - 2014-05-14 14:25 - 00000000 __SHD C:\Users\Multimedia\AppData\Local\EmieUserList
2015-12-09 14:08 - 2014-05-14 14:25 - 00000000 __SHD C:\Users\Multimedia\AppData\Local\EmieSiteList
2015-12-09 14:08 - 2013-12-17 13:46 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Media Center Programs
2015-12-09 14:08 - 2013-12-17 13:46 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Macromedia
2015-12-09 14:08 - 2013-12-17 13:46 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Adobe
2015-12-09 14:08 - 2013-12-17 13:46 - 00000000 ____D C:\Users\Gast\AppData\Local\VirtualStore
2015-12-09 14:08 - 2013-12-17 13:46 - 00000000 ____D C:\Users\Gast\AppData\Local\Microsoft Help
2015-12-09 14:08 - 2013-11-09 14:39 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Apps\2.0
2015-12-09 14:08 - 2012-08-17 08:32 - 00000000 ____D C:\Users\Multimedia\AppData\Local\DDMSettings
2015-12-09 14:08 - 2012-02-14 18:35 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Apple
2015-12-09 14:08 - 2010-04-29 19:54 - 00000000 ____D C:\Users\Multimedia\AppData\Local\Adobe
2015-12-09 14:08 - 2010-04-29 13:46 - 00000000 ____D C:\Users\Multimedia\AppData\Local\EgisTec
2015-12-09 14:07 - 2015-09-16 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-09 14:07 - 2015-09-10 09:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
2015-12-09 14:07 - 2015-09-10 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2015-12-09 14:07 - 2015-07-17 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2015-12-09 14:07 - 2015-07-17 10:44 - 00000000 ____D C:\ProgramData\elsterformular
2015-12-09 14:07 - 2015-06-24 10:04 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-12-09 14:07 - 2015-06-24 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-12-09 14:07 - 2015-03-20 14:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-09 14:07 - 2015-03-06 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-09 14:07 - 2015-03-06 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-12-09 14:07 - 2015-01-09 19:34 - 00000000 ____D C:\ProgramData\TuneUp Software
2015-12-09 14:07 - 2014-11-12 16:09 - 00000000 ____D C:\Users\Gast\AppData\Local\Macromedia
2015-12-09 14:07 - 2014-08-20 09:15 - 00000000 __SHD C:\Users\Gast\AppData\Local\EmieUserList
2015-12-09 14:07 - 2014-08-20 09:15 - 00000000 __SHD C:\Users\Gast\AppData\Local\EmieSiteList
2015-12-09 14:07 - 2014-06-20 15:10 - 00000000 ____D C:\ProgramData\Oracle
2015-12-09 14:07 - 2014-02-14 13:41 - 00000000 ____D C:\Users\Gast\AppData\Local\Google
2015-12-09 14:07 - 2014-01-24 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-12-09 14:07 - 2014-01-24 16:00 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-12-09 14:07 - 2013-11-09 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-12-09 14:07 - 2013-07-30 10:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-09 14:07 - 2013-07-20 15:37 - 00000000 ____D C:\ProgramData\Skype
2015-12-09 14:07 - 2013-06-12 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-12-09 14:07 - 2013-06-12 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2015-12-09 14:07 - 2013-06-12 12:52 - 00000000 ____D C:\ProgramData\EPSON
2015-12-09 14:07 - 2013-04-09 08:29 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-12-09 14:07 - 2012-11-16 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-12-09 14:07 - 2012-11-16 14:47 - 00000000 ____D C:\ProgramData\HP
2015-12-09 14:07 - 2012-10-20 14:27 - 00000000 ____D C:\ProgramData\Sandlot Games
2015-12-09 14:07 - 2012-08-20 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2015-12-09 14:07 - 2012-07-31 09:36 - 00000000 ____D C:\ProgramData\Mozilla
2015-12-09 14:07 - 2012-07-02 15:27 - 00000000 ____D C:\ProgramData\Friends Games
2015-12-09 14:07 - 2012-06-05 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Stream
2015-12-09 14:07 - 2011-11-30 13:23 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2015-12-09 14:07 - 2011-11-24 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\yEd Graph Editor
2015-12-09 14:07 - 2011-09-12 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2015-12-09 14:07 - 2011-08-03 14:16 - 00000000 ____D C:\ProgramData\Sun
2015-12-09 14:07 - 2011-07-22 11:59 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2015-12-09 14:07 - 2011-07-13 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Basic 6.0 Runtime&Steuerelemente
2015-12-09 14:07 - 2011-07-13 11:26 - 00000000 ____D C:\ProgramData\Windows Genuine Advantage
2015-12-09 14:07 - 2011-06-23 14:28 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-09 14:07 - 2011-06-20 09:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia
2015-12-09 14:07 - 2011-06-20 09:56 - 00000000 ____D C:\ProgramData\Macromedia
2015-12-09 14:07 - 2011-06-17 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft PaperPort 9.0
2015-12-09 14:07 - 2011-06-14 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-12-09 14:07 - 2011-06-14 11:42 - 00000000 ____D C:\ProgramData\Logitech
2015-12-09 14:07 - 2011-06-14 11:41 - 00000000 ____D C:\ProgramData\LogiShrd
2015-12-09 14:07 - 2011-06-14 10:32 - 00000000 ____D C:\ProgramData\InstallShield
2015-12-09 14:07 - 2011-06-14 10:30 - 00000000 ____D C:\ProgramData\ScanSoft
2015-12-09 14:07 - 2011-06-14 09:31 - 00000000 ____D C:\ProgramData\Brother
2015-12-09 14:07 - 2011-06-13 14:57 - 00000000 ____D C:\ProgramData\ODIR
2015-12-09 14:07 - 2011-05-03 19:27 - 00000000 ____D C:\ProgramData\TEMP
2015-12-09 14:07 - 2010-10-26 19:36 - 00000000 ____D C:\ProgramData\TVU Networks
2015-12-09 14:07 - 2010-08-23 14:18 - 00000000 ____D C:\ProgramData\NortonInstaller
2015-12-09 14:07 - 2010-08-23 14:18 - 00000000 ____D C:\ProgramData\Norton
2015-12-09 14:07 - 2010-05-07 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
2015-12-09 14:07 - 2010-05-07 12:23 - 00000000 ____D C:\ProgramData\Win7codecs
2015-12-09 14:07 - 2010-05-01 15:52 - 00000000 ____D C:\ProgramData\DivX
2015-12-09 14:07 - 2009-10-17 03:39 - 00000000 ____D C:\ProgramData\Symantec
2015-12-09 14:07 - 2009-10-17 03:39 - 00000000 ____D C:\ProgramData\OEM
2015-12-09 14:07 - 2009-10-17 03:39 - 00000000 ____D C:\ProgramData\EgisTec
2015-12-09 14:07 - 2009-10-17 03:37 - 00000000 ____D C:\ProgramData\eSobi
2015-12-09 14:07 - 2009-10-17 03:30 - 00000000 ____D C:\ProgramData\Nero
2015-12-09 14:07 - 2009-10-17 03:28 - 00000000 ____D C:\ProgramData\SiteAdvisor
2015-12-09 14:07 - 2009-10-17 03:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-12-09 14:07 - 2009-10-17 03:24 - 00000000 ____D C:\ProgramData\McAfee
2015-12-09 14:07 - 2009-10-17 03:23 - 00000000 ____D C:\ProgramData\Google
2015-12-09 14:07 - 2009-10-17 03:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-12-09 14:07 - 2009-10-17 03:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-12-09 14:07 - 2009-10-17 03:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager
2015-12-09 14:07 - 2009-10-17 03:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone
2015-12-09 14:07 - 2009-10-17 02:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-09 14:07 - 2006-10-10 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2015-12-09 14:07 - 2006-10-10 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-12-09 14:07 - 2006-10-10 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2015-12-09 14:07 - 2006-10-10 22:13 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-09 14:06 - 2015-09-17 08:39 - 00000000 ____D C:\ProgramData\AVG
2015-12-09 14:06 - 2015-06-24 10:01 - 00000000 ____D C:\ProgramData\Battle.net
2015-12-09 14:06 - 2015-03-06 15:27 - 00000000 ____D C:\ProgramData\Apple Computer
2015-12-09 14:06 - 2014-10-18 15:51 - 00000000 ____D C:\ab42784a-c434-4487-a840-d10eaa9a0cf6
2015-12-09 14:06 - 2014-02-16 17:31 - 00000000 ____D C:\bkazan_ablage
2015-12-09 14:06 - 2012-07-20 16:10 - 00000000 ____D C:\0a66a0105cf1a8146a0619
2015-12-09 14:06 - 2012-02-14 18:34 - 00000000 ____D C:\ProgramData\Apple
2015-12-09 14:06 - 2011-07-22 12:06 - 00000000 ____D C:\GD880
2015-12-09 14:06 - 2011-07-20 09:05 - 00000000 ____D C:\Medion
2015-12-09 14:06 - 2011-07-13 14:19 - 00000000 ____D C:\SuperOneClick
2015-12-09 14:06 - 2009-10-17 03:40 - 00000000 ___HD C:\OEM
2015-12-09 14:06 - 2009-10-17 03:36 - 00000000 ____D C:\ProgramData\Adobe
2015-12-09 14:06 - 2009-10-17 03:20 - 00000000 ____D C:\ProgramData\Acer
2015-12-09 14:06 - 2009-10-17 03:12 - 00000000 ____D C:\ProgramData\BackupManager
2015-12-09 14:06 - 2009-07-14 04:20 - 00000000 ____D C:\PerfLogs
2015-12-09 14:06 - 2006-10-10 22:20 - 00000000 ____D C:\book
2015-12-09 10:34 - 2015-10-23 15:29 - 00012142 _____ C:\Users\Multimedia\Downloads\Momox_Gratis-Paketaufkleber_604153717_1.pdf.vvv
2015-12-09 10:34 - 2015-10-13 09:34 - 00012126 _____ C:\Users\Multimedia\Downloads\Ihre Retourenmarke.pdf.vvv
2015-12-09 10:34 - 2015-10-13 09:06 - 00012126 _____ C:\Users\Multimedia\Downloads\Momox_Gratis-Paketaufkleber_876996580_1.pdf.vvv
2015-12-09 10:34 - 2015-05-25 13:41 - 00043966 _____ C:\Users\Multimedia\Downloads\Mustervertrag_15-2013.pdf.vvv
2015-12-09 10:34 - 2015-05-19 11:35 - 00250606 _____ C:\Users\Multimedia\Downloads\mdb-elterngeld-antrag.pdf.vvv
2015-12-09 10:34 - 2015-05-19 11:35 - 00131662 _____ C:\Users\Multimedia\Downloads\elterngeld_antrag (2).pdf.vvv
2015-12-09 10:34 - 2015-05-19 11:32 - 00065598 _____ C:\Users\Multimedia\Downloads\merkblatt_elterngeld.pdf.vvv
2015-12-09 10:34 - 2015-05-19 11:31 - 00131662 _____ C:\Users\Multimedia\Downloads\elterngeld_antrag.pdf.vvv
2015-12-09 10:34 - 2015-05-19 11:31 - 00131662 _____ C:\Users\Multimedia\Downloads\elterngeld_antrag (1).pdf.vvv
2015-12-09 10:34 - 2015-04-23 13:30 - 00068014 _____ C:\Users\Multimedia\Downloads\nachweis_eigenbemuehungen.doc.vvv
2015-12-09 10:34 - 2015-04-23 13:30 - 00016814 _____ C:\Users\Multimedia\Downloads\nachweis_von_eigenbemuehungen.xls.vvv
2015-12-09 10:34 - 2015-03-21 15:33 - 00029070 _____ C:\Users\Multimedia\Downloads\erloeschen_aufenthaltstitel (1).pdf.vvv
2015-12-09 10:34 - 2015-03-21 15:07 - 00029070 _____ C:\Users\Multimedia\Downloads\erloeschen_aufenthaltstitel.pdf.vvv
2015-12-09 10:34 - 2015-03-21 15:06 - 00030094 _____ C:\Users\Multimedia\Downloads\labo_4323_antrag_auf_erteilung_der_ne_2007.pdf.vvv
2015-12-09 10:34 - 2015-02-24 18:24 - 00118814 _____ C:\Users\Multimedia\Downloads\Muell_OT_2007.pdf.vvv
2015-12-09 10:34 - 2015-02-16 10:51 - 00023550 _____ C:\Users\Multimedia\Downloads\tutis (2).odt.vvv
2015-12-09 10:34 - 2015-02-16 10:50 - 00023550 _____ C:\Users\Multimedia\Downloads\tutis (1).odt.vvv
2015-12-09 10:34 - 2015-02-16 10:48 - 00023550 _____ C:\Users\Multimedia\Downloads\tutis.odt.vvv
2015-12-09 10:34 - 2015-02-05 11:14 - 00150462 _____ C:\Users\Multimedia\Downloads\form.doc.vvv
2015-12-09 10:34 - 2015-01-10 08:04 - 00160350 _____ C:\Users\Multimedia\Downloads\mdb-gewa1_online.pdf.vvv
2015-12-09 10:34 - 2014-12-31 12:50 - 02405358 _____ C:\Users\Multimedia\Downloads\Pass_Aufenthalt.pdf.vvv
2015-12-09 10:34 - 2014-11-01 12:21 - 00345294 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000443186.pdf.vvv
2015-12-09 10:34 - 2014-11-01 11:57 - 00345518 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000443155.pdf.vvv
2015-12-09 10:34 - 2014-10-25 10:59 - 00345518 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000432162.pdf.vvv
2015-12-09 10:34 - 2014-10-21 16:21 - 00345854 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000427981.pdf.vvv
2015-12-09 10:34 - 2014-10-21 12:56 - 00345934 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000427713.pdf.vvv
2015-12-09 10:34 - 2014-10-21 11:27 - 00345950 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000427560.pdf.vvv
2015-12-09 10:34 - 2014-10-16 10:06 - 00345774 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000423284.pdf.vvv
2015-12-09 10:34 - 2014-10-16 09:33 - 00345310 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000423234.pdf.vvv
2015-12-09 10:34 - 2014-10-15 16:13 - 00345870 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000422714.pdf.vvv
2015-12-09 10:34 - 2014-10-15 10:29 - 00345454 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000422311.pdf.vvv
2015-12-09 10:34 - 2014-10-15 07:53 - 00005550 _____ C:\Users\Multimedia\Downloads\Export_15_10_2014_06-52-37.xls.vvv
2015-12-09 10:34 - 2014-10-15 07:52 - 00005550 _____ C:\Users\Multimedia\Downloads\Export_15_10_2014_06-52-25.xls.vvv
2015-12-09 10:34 - 2014-10-14 11:42 - 00345358 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000421088.pdf.vvv
2015-12-09 10:34 - 2014-10-13 09:36 - 00345918 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000419580.pdf.vvv
2015-12-09 10:34 - 2014-10-10 15:11 - 00345422 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000418043.pdf.vvv
2015-12-09 10:34 - 2014-10-10 10:52 - 00345086 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000417755.pdf.vvv
2015-12-09 10:34 - 2014-10-09 11:34 - 00345246 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000416737.pdf.vvv
2015-12-09 10:34 - 2014-10-07 16:05 - 00345486 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000414784.pdf.vvv
2015-12-09 10:34 - 2014-10-07 09:48 - 00227854 _____ C:\Users\Multimedia\Downloads\kostenlose Vorlage Untermietvertrag (227 KB).pdf.vvv
2015-12-09 10:34 - 2014-10-07 09:48 - 00227854 _____ C:\Users\Multimedia\Downloads\kostenlose Vorlage Untermietvertrag (227 KB) (1).pdf.vvv
2015-12-09 10:34 - 2014-10-07 09:48 - 00041902 _____ C:\Users\Multimedia\Downloads\untermietervertrag.doc.vvv
2015-12-09 10:34 - 2014-10-06 09:40 - 00344494 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000412401.pdf.vvv
2015-12-09 10:34 - 2014-10-01 19:35 - 00092078 _____ C:\Users\Multimedia\Downloads\Export_01_10_2014_18-35-14.xls.vvv
2015-12-09 10:34 - 2014-10-01 12:48 - 00345294 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000409293.pdf.vvv
2015-12-09 10:34 - 2014-09-30 18:09 - 00346462 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000408527.pdf.vvv
2015-12-09 10:34 - 2014-09-30 17:47 - 00346302 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000408504.pdf.vvv
2015-12-09 10:34 - 2014-09-30 17:28 - 00345758 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000408484.pdf.vvv
2015-12-09 10:34 - 2014-09-30 15:45 - 00345710 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000408413.pdf.vvv
2015-12-09 10:34 - 2014-09-30 15:04 - 00346158 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000408355.pdf.vvv
2015-12-09 10:34 - 2014-09-30 14:52 - 00345598 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000408344.pdf.vvv
2015-12-09 10:34 - 2014-09-30 10:01 - 00345518 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000407881.pdf.vvv
2015-12-09 10:34 - 2014-09-30 09:58 - 00345854 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000407870.pdf.vvv
2015-12-09 10:34 - 2014-09-30 09:55 - 00346062 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000407859.pdf.vvv
2015-12-09 10:34 - 2014-09-30 09:51 - 00345566 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000407847.pdf.vvv
2015-12-09 10:34 - 2014-09-30 08:48 - 00345806 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000407750.pdf.vvv
2015-12-09 10:34 - 2014-09-26 07:28 - 00345374 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000404370.pdf.vvv
2015-12-09 10:34 - 2014-09-25 13:03 - 00345934 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000403653.pdf.vvv
2015-12-09 10:34 - 2014-09-25 08:36 - 00347006 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000403273.pdf.vvv
2015-12-09 10:34 - 2014-09-24 11:52 - 00346302 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000402458.pdf.vvv
2015-12-09 10:34 - 2014-09-24 09:49 - 00005038 _____ C:\Users\Multimedia\Downloads\Export_24_09_2014_08-49-07.xls.vvv
2015-12-09 10:34 - 2014-09-24 08:12 - 00005038 _____ C:\Users\Multimedia\Downloads\Export_24_09_2014_07-12-25.xls.vvv
2015-12-09 10:34 - 2014-09-23 13:49 - 00345518 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000401253.pdf.vvv
2015-12-09 10:34 - 2014-09-23 13:46 - 00345326 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000401246.pdf.vvv
2015-12-09 10:34 - 2014-09-22 14:35 - 00345566 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399902.pdf.vvv
2015-12-09 10:34 - 2014-09-22 08:59 - 00346078 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399530.pdf.vvv
2015-12-09 10:34 - 2014-09-22 08:21 - 00346206 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399495.pdf.vvv
2015-12-09 10:34 - 2014-09-22 08:16 - 00344926 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399491.pdf.vvv
2015-12-09 10:34 - 2014-09-22 08:12 - 00346462 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399486.pdf.vvv
2015-12-09 10:34 - 2014-09-22 08:07 - 00345998 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399475.pdf.vvv
2015-12-09 10:34 - 2014-09-22 08:07 - 00345998 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399475 (1).pdf.vvv
2015-12-09 10:34 - 2014-09-22 07:28 - 00345278 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000399446.pdf.vvv
2015-12-09 10:34 - 2014-09-16 18:14 - 00345662 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000395542.pdf.vvv
2015-12-09 10:34 - 2014-09-16 17:43 - 00345886 _____ C:\Users\Multimedia\Downloads\GiftVoucher_EU14-0000000395503.pdf.vvv
2015-12-09 10:34 - 2014-09-13 11:08 - 00029630 _____ C:\Users\Multimedia\Downloads\Order.pdf.vvv
2015-12-09 10:34 - 2014-09-12 12:00 - 00007086 _____ C:\Users\Multimedia\Downloads\Export_12_09_2014_11-00-25.xls.vvv
2015-12-09 10:34 - 2014-05-24 11:45 - 00321758 _____ C:\Users\Multimedia\Downloads\l6019022dstbai378191.pdf.vvv
2015-12-09 10:34 - 2014-05-17 11:10 - 07386542 _____ C:\Users\Multimedia\Downloads\FileZilla_3.8.0_win32.zip.vvv
2015-12-09 10:34 - 2014-05-06 12:35 - 00122830 _____ C:\Users\Multimedia\Downloads\Outlook.com.zip.vvv
2015-12-09 10:34 - 2014-03-10 11:39 - 00412286 _____ C:\Users\Multimedia\Downloads\Rapor YENI.pdf.vvv
2015-12-09 10:34 - 2013-12-30 14:36 - 01519518 _____ C:\Users\Multimedia\Downloads\Merkblatt.pdf.vvv
2015-12-09 10:34 - 2013-12-30 14:36 - 01519518 _____ C:\Users\Multimedia\Downloads\Merkblatt(1).pdf.vvv
2015-12-09 10:34 - 2013-12-30 14:34 - 00578126 _____ C:\Users\Multimedia\Downloads\Zulassungskriterien.pdf.vvv
2015-12-09 10:34 - 2013-10-30 11:33 - 00113982 _____ C:\Users\Multimedia\Downloads\TramMetro_0912_2012A3.PDF.vvv
2015-12-09 10:34 - 2013-09-25 14:34 - 00018206 _____ C:\Users\Multimedia\Downloads\SinaiBerg.docx.vvv
2015-12-09 10:34 - 2013-08-13 10:27 - 00036654 _____ C:\Users\Multimedia\Downloads\Weg_zum_Ticket_S_08-2013.pdf.vvv
2015-12-09 10:34 - 2013-08-07 08:27 - 00011470 _____ C:\Users\Multimedia\Stromabschlag.docx-2.docx.vvv
2015-12-09 10:34 - 2013-08-07 08:19 - 00011406 _____ C:\Users\Multimedia\Stromabschlag.docx.vvv
2015-12-09 10:34 - 2013-08-02 10:35 - 00010926 _____ C:\Users\Multimedia\Sajjad Ahmed.docx020813.docx.vvv
2015-12-09 10:34 - 2013-08-01 15:44 - 00048270 _____ C:\Users\Multimedia\Downloads\nutzungsordnung_der_computereinricht.pdf.vvv
2015-12-09 10:34 - 2013-08-01 15:44 - 00040958 _____ C:\Users\Multimedia\Downloads\merkblatt_regelungen_bei_fehlzeiten.pdf.vvv
2015-12-09 10:34 - 2013-07-31 12:20 - 00010894 _____ C:\Users\Multimedia\Sinaiberg e.docx.vvv
2015-12-09 10:34 - 2013-07-31 10:37 - 00012542 _____ C:\Users\Multimedia\Kooperationsvertrag.docx.vvv
2015-12-09 10:34 - 2013-07-23 08:46 - 00011198 _____ C:\Users\Multimedia\Vollmacht.docx230713.docx.vvv
2015-12-09 10:34 - 2013-07-15 11:27 - 00028078 _____ C:\Users\Multimedia\Fatma Bas.doc.vvv
2015-12-09 10:34 - 2013-06-27 12:16 - 00011518 _____ C:\Users\Multimedia\Widerspruch.docxAvcibas.docx.vvv
2015-12-09 10:34 - 2013-06-27 09:39 - 00011374 _____ C:\Users\Multimedia\Leszek Olszewski.docx.vvv
2015-12-09 10:34 - 2013-06-21 09:42 - 00011374 _____ C:\Users\Multimedia\Sinaiberg e.docxSposito_Lauro.docx.vvv
2015-12-09 10:34 - 2013-06-21 07:05 - 00155230 _____ C:\Users\Multimedia\Downloads\PDF_Rechnung_M211130074064798_06-2013.pdf.vvv
2015-12-09 10:34 - 2013-06-19 11:34 - 00083006 _____ C:\Users\Multimedia\Einkommensbescheinigung.pdfsahin_Ebru.pdf.vvv
2015-12-09 10:34 - 2013-06-19 10:27 - 00443934 _____ C:\Users\Multimedia\Hauptantrag-Arbeitslosengeld-II-1.pdfsahin.pdf.vvv
2015-12-09 10:34 - 2013-05-15 09:54 - 00050334 _____ C:\Users\Multimedia\Downloads\Tagesprogramm_Anmeldeformular_04_06_2013 (2).pdf.vvv
2015-12-09 10:34 - 2013-04-18 08:52 - 00034798 _____ C:\Users\Multimedia\Downloads\gewa1_neutral(1).pdf.vvv
2015-12-09 10:34 - 2013-04-18 08:51 - 00034798 _____ C:\Users\Multimedia\Downloads\gewa1_neutral.pdf.vvv
2015-12-09 10:34 - 2013-04-08 11:24 - 03387118 _____ C:\Users\Multimedia\Downloads\Konzept_Yücel, 15. Februar 2013(1).pdf.vvv
2015-12-09 10:34 - 2013-04-08 11:15 - 05789486 _____ C:\Users\Multimedia\Downloads\Zertifikate, 15. Februar 2013(1).pdf.vvv
2015-12-09 10:34 - 2013-04-03 12:05 - 05789486 _____ C:\Users\Multimedia\Downloads\Zertifikate, 15. Februar 2013.pdf.vvv
2015-12-09 10:34 - 2013-04-03 12:01 - 03387118 _____ C:\Users\Multimedia\Downloads\Konzept_Yücel, 15. Februar 2013.pdf.vvv
2015-12-09 10:34 - 2013-03-21 12:49 - 00154110 _____ C:\Users\Multimedia\Downloads\PDF_Rechnung_M211130067104642_03-2013.pdf.vvv
2015-12-09 10:34 - 2013-02-21 09:44 - 00405598 _____ C:\Users\Multimedia\Downloads\Tragfaehigkeitsbescheinigung (4).pdf.vvv
2015-12-09 10:34 - 2013-02-18 12:16 - 08107214 _____ C:\Users\Multimedia\Downloads\est-12.zip.vvv
2015-12-09 10:34 - 2013-01-16 15:05 - 00355518 _____ C:\Users\Multimedia\Downloads\logo_sicherheit.png.vvv
2015-12-09 10:34 - 2012-01-16 21:03 - 00108590 _____ C:\Users\Multimedia\Downloads\RegionalFolder(7).pdf.vvv
2015-12-09 10:34 - 2012-01-16 19:02 - 00104814 _____ C:\Users\Multimedia\Downloads\RegionalFolder(6).pdf.vvv
2015-12-09 10:34 - 2012-01-15 14:16 - 00109838 _____ C:\Users\Multimedia\Downloads\RegionalFolder(5).pdf.vvv
2015-12-09 10:34 - 2012-01-05 19:54 - 00111310 _____ C:\Users\Multimedia\Downloads\RegionalFolder(4).pdf.vvv
2015-12-09 10:34 - 2012-01-05 19:35 - 00109838 _____ C:\Users\Multimedia\Downloads\RegionalFolder(3).pdf.vvv
2015-12-09 10:34 - 2012-01-05 19:34 - 00106430 _____ C:\Users\Multimedia\Downloads\RegionalFolder(2).pdf.vvv
2015-12-09 10:34 - 2012-01-02 20:45 - 00110078 _____ C:\Users\Multimedia\Downloads\RegionalFolder(1).pdf.vvv
2015-12-09 10:34 - 2011-12-20 22:17 - 00030078 _____ C:\Users\Multimedia\Downloads\RegionalFolder.pdf.vvv
2015-12-09 10:34 - 2011-12-09 15:18 - 00403742 _____ C:\Users\Multimedia\Downloads\Makbuz Lyoness Engin.pdf.vvv
2015-12-09 10:34 - 2011-12-07 12:24 - 296489806 _____ C:\Users\Multimedia\Downloads\EG-V1_2_17_34_EFI.zip.vvv
2015-12-09 10:34 - 2011-11-21 13:39 - 00022062 _____ C:\Users\Multimedia\Downloads\MoDaCo_NoData.rar.vvv
2015-12-09 10:34 - 2011-07-13 12:24 - 04303326 _____ C:\Users\Multimedia\Downloads\SETreiber for Faq4mobiles.rar.vvv
2015-12-09 10:33 - 2015-08-03 13:34 - 00116398 _____ C:\Users\Multimedia\Downloads\blau-rechnung-2015-07-24-1152657077 (1).pdf.vvv
2015-12-09 10:33 - 2015-08-03 13:34 - 00105630 _____ C:\Users\Multimedia\Downloads\blau-rechnung-2015-01-05-115149803.pdf.vvv
2015-12-09 10:33 - 2015-08-03 13:32 - 00116398 _____ C:\Users\Multimedia\Downloads\blau-rechnung-2015-07-24-1152657077.pdf.vvv
2015-12-09 10:33 - 2015-07-22 17:18 - 00144078 _____ C:\Users\Multimedia\Downloads\blau_verbindungen_22.06.2015_bis_22.07.2015.pdf.vvv
2015-12-09 10:33 - 2015-07-22 17:16 - 00244142 _____ C:\Users\Multimedia\Downloads\blau_verbindungen_03.05.2015_bis_22.07.2015.pdf.vvv
2015-12-09 10:33 - 2015-07-22 17:08 - 00111406 _____ C:\Users\Multimedia\Downloads\blau-rechnung-2015-07-06-1152422097.pdf.vvv
2015-12-09 10:33 - 2015-07-02 07:12 - 00084782 _____ C:\Users\Multimedia\Downloads\antrag_auf_erlaubnis_einer_besch__ftigung.pdf.vvv
2015-12-09 10:33 - 2015-07-02 07:12 - 00084782 _____ C:\Users\Multimedia\Downloads\antrag_auf_erlaubnis_einer_besch__ftigung (1).pdf.vvv
2015-12-09 10:33 - 2015-06-13 05:38 - 00025262 _____ C:\Users\Multimedia\Documents\Dokumentvorlage mit neuem Uni.docx.vvv
2015-12-09 10:33 - 2015-06-11 10:59 - 00668958 _____ C:\Users\Multimedia\Documents\Klicken Sie hier.docx.vvv
2015-12-09 10:33 - 2015-06-07 11:05 - 00000590 ____H C:\Users\Multimedia\Desktop\~$ April 2015.docx.vvv
2015-12-09 10:33 - 2015-06-06 13:43 - 00109534 _____ C:\Users\Multimedia\Downloads\blau-rechnung-2015-05-24-1151890301.pdf.vvv
2015-12-09 10:33 - 2015-05-26 12:54 - 00102334 _____ C:\Users\Multimedia\Downloads\11046331_1000576496649631_658300545086702200_n.jpg.vvv
2015-12-09 10:33 - 2015-04-29 11:15 - 00018238 _____ C:\Users\Multimedia\Documents\Merhabaa.docx.vvv
2015-12-09 10:33 - 2015-04-23 13:26 - 01917134 _____ C:\Users\Multimedia\Downloads\amip_2015.pdf.vvv
2015-12-09 10:33 - 2015-03-17 11:25 - 00021422 _____ C:\Users\Multimedia\Documents\Kundendaten (Entwicklung).xls.vvv
2015-12-09 10:33 - 2015-03-08 09:54 - 00174926 _____ C:\Users\Multimedia\Documents\Dok1.docx.vvv
2015-12-09 10:33 - 2015-02-23 12:49 - 00025214 _____ C:\Users\Multimedia\Downloads\22336434_s.jpg.vvv
2015-12-09 10:33 - 2015-02-11 20:06 - 00111278 _____ C:\Users\Multimedia\Downloads\115398926 (1).pdf.vvv
2015-12-09 10:33 - 2015-02-11 20:06 - 00105662 _____ C:\Users\Multimedia\Downloads\115525705.pdf.vvv
2015-12-09 10:33 - 2015-02-10 09:23 - 00010910 _____ C:\Users\Multimedia\Documents\- EJ-Erkl.docx.vvv
2015-12-09 10:33 - 2015-01-27 14:33 - 00111278 _____ C:\Users\Multimedia\Downloads\115398926.pdf.vvv
2015-12-09 10:33 - 2015-01-16 09:06 - 00039854 _____ C:\Users\Multimedia\Downloads\Bescheinigung_ab_01.07.2013_02 (2).xls.vvv
2015-12-09 10:33 - 2015-01-16 08:59 - 00039854 _____ C:\Users\Multimedia\Downloads\Bescheinigung_ab_01.07.2013_02 (1).xls.vvv
2015-12-09 10:33 - 2015-01-16 08:57 - 00039854 _____ C:\Users\Multimedia\Downloads\Bescheinigung_ab_01.07.2013_02.xls.vvv
2015-12-09 10:33 - 2014-12-17 14:37 - 00028174 _____ C:\Users\Multimedia\Downloads\1081_Muster_Untermietvertrag_Wohnung.docx.vvv
2015-12-09 10:33 - 2014-11-24 14:46 - 00111262 _____ C:\Users\Multimedia\Downloads\1143939404 (1).pdf.vvv
2015-12-09 10:33 - 2014-10-31 11:03 - 00087342 _____ C:\Users\Multimedia\Downloads\112987600.pdf.vvv
2015-12-09 10:33 - 2014-10-31 11:03 - 00053294 _____ C:\Users\Multimedia\Downloads\112529496.pdf.vvv
2015-12-09 10:33 - 2014-10-31 11:02 - 00111262 _____ C:\Users\Multimedia\Downloads\1143939404.pdf.vvv
2015-12-09 10:33 - 2014-10-14 10:12 - 00011774 _____ C:\Users\Multimedia\Documents\Ihre E_abel-rahman.abdel-atti.docx.vvv
2015-12-09 10:33 - 2014-10-01 19:36 - 00145662 _____ C:\Users\Multimedia\Downloads\AllowanceDetailDocument (3).pdf.vvv
2015-12-09 10:33 - 2014-10-01 19:36 - 00145662 _____ C:\Users\Multimedia\Downloads\AllowanceDetailDocument (2).pdf.vvv
2015-12-09 10:33 - 2014-09-20 13:07 - 00527278 _____ C:\Users\Multimedia\Downloads\CS_Lohnsteuertabelle-2014.pdf.vvv
2015-12-09 10:33 - 2014-09-20 12:39 - 00011934 _____ C:\Users\Multimedia\Documents\Ihre E93.710.docx.vvv
2015-12-09 10:33 - 2014-09-16 17:49 - 00123470 _____ C:\Users\Multimedia\Downloads\AllowanceDetailDocument (1).pdf.vvv
2015-12-09 10:33 - 2014-09-08 19:34 - 00011790 _____ C:\Users\Multimedia\Documents\foustok bewerbung 2014.docx.vvv
2015-12-09 10:33 - 2014-08-29 15:10 - 00011438 _____ C:\Users\Multimedia\Documents\bedinung 1.docx.vvv
2015-12-09 10:33 - 2014-08-15 16:33 - 00010782 _____ C:\Users\Multimedia\Documents\kündigung 22.docx.vvv
2015-12-09 10:33 - 2014-07-07 18:59 - 00011918 _____ C:\Users\Multimedia\Documents\Mohamad Jamal Foustok Sybelstr.docx.vvv
2015-12-09 10:33 - 2014-07-07 12:07 - 00135342 _____ C:\Users\Multimedia\Documents\Foto.JPG.vvv
2015-12-09 10:33 - 2014-07-05 12:32 - 00011950 _____ C:\Users\Multimedia\Downloads\DHL-Paketaufkleber_23.942.pdf.vvv
2015-12-09 10:33 - 2014-07-02 13:00 - 00011982 _____ C:\Users\Multimedia\Downloads\DHL-Paketaufkleber_23.807.pdf.vvv
2015-12-09 10:33 - 2014-06-21 10:23 - 00131038 _____ C:\Users\Multimedia\Downloads\com_xmap.zip.vvv
2015-12-09 10:33 - 2014-06-03 10:57 - 02754254 _____ C:\Users\Multimedia\Downloads\141542795640129.pdf.vvv
2015-12-09 10:33 - 2014-05-28 12:28 - 00018046 _____ C:\Users\Multimedia\Downloads\DRP50157795.pdf.vvv
2015-12-09 10:33 - 2014-05-17 14:36 - 00018782 _____ C:\Users\Multimedia\Downloads\1400351786_Old_tv.png.vvv
2015-12-09 10:33 - 2014-05-17 10:42 - 00011054 _____ C:\Users\Multimedia\Downloads\1400337759_iPod Touch.png.vvv
2015-12-09 10:33 - 2014-05-09 09:14 - 00111886 _____ C:\Users\Multimedia\Downloads\1141606977.pdf.vvv
2015-12-09 10:33 - 2014-05-03 12:35 - 00173902 _____ C:\Users\Multimedia\Documents\betholz.JPG.vvv
2015-12-09 10:33 - 2014-05-03 12:28 - 00198926 _____ C:\Users\Multimedia\Documents\einze2.JPG.vvv
2015-12-09 10:33 - 2014-05-03 12:27 - 00030270 _____ C:\Users\Multimedia\Documents\einzel.jpg.vvv
2015-12-09 10:33 - 2014-05-03 12:22 - 00194526 _____ C:\Users\Multimedia\Documents\bett3.JPG.vvv
2015-12-09 10:33 - 2014-05-03 12:20 - 00182286 _____ C:\Users\Multimedia\Documents\bett ho.JPG.vvv
2015-12-09 10:33 - 2014-05-03 12:20 - 00051886 _____ C:\Users\Multimedia\Documents\bett hoh.JPG.vvv
2015-12-09 10:33 - 2014-04-02 08:06 - 00128910 _____ C:\Users\Multimedia\Downloads\ausbildungsstaetten.pdf.vvv
2015-12-09 10:33 - 2014-02-27 17:36 - 00011774 _____ C:\Users\Multimedia\Documents\Abdulhamid Wayaya Berlin den.docx.vvv
2015-12-09 10:33 - 2014-02-14 17:09 - 00019886 _____ C:\Users\Multimedia\Documents\barcli.docx.vvv
2015-12-09 10:33 - 2014-02-06 11:06 - 00603982 _____ C:\Users\Multimedia\Documents\Mietrückstand022.pdf.vvv
2015-12-09 10:33 - 2014-02-04 15:03 - 02873054 _____ C:\Users\Multimedia\Downloads\28-02-2013_003.part3.rar.vvv
2015-12-09 10:33 - 2014-01-07 09:08 - 00005982 _____ C:\Users\Multimedia\Documents\Lebenslauf Berlin den.odt.vvv
2015-12-09 10:33 - 2014-01-07 08:59 - 00006862 _____ C:\Users\Multimedia\Documents\Bewerbung.odt.vvv
2015-12-09 10:33 - 2013-09-30 13:35 - 00059038 _____ C:\Users\Multimedia\Downloads\5416234.pdf.vvv
2015-12-09 10:33 - 2013-08-06 07:50 - 00271470 _____ C:\Users\Multimedia\Downloads\E-ticket0120372337007.pdf.vvv
2015-12-09 10:33 - 2013-07-23 13:34 - 00011422 _____ C:\Users\Multimedia\Documents\Carmen Lischka.docx.vvv
2015-12-09 10:33 - 2013-07-16 09:25 - 00012654 _____ C:\Users\Multimedia\Documents\Irene Hagelganz.docx.vvv
2015-12-09 10:33 - 2013-06-27 08:56 - 00913854 _____ C:\Users\Multimedia\Downloads\131782304160129.pdf.vvv
2015-12-09 10:33 - 2013-06-21 12:01 - 00097790 _____ C:\Users\Multimedia\Downloads\Brau_u_Getraenketechnik_111215_v1_3.pdf.vvv
2015-12-09 10:33 - 2013-06-18 10:09 - 00137374 _____ C:\Users\Multimedia\Downloads\Anlage-WEP-Weitere-Personen-d-Bedarfsgemeinschaft.pdf.vvv
2015-12-09 10:33 - 2013-06-12 11:34 - 00849374 _____ C:\Users\Multimedia\Downloads\131632282060129.pdf.vvv
2015-12-09 10:33 - 2013-05-26 15:21 - 00095598 _____ C:\Users\Multimedia\Downloads\1131288575.pdf.vvv
2015-12-09 10:33 - 2013-05-26 15:21 - 00095598 _____ C:\Users\Multimedia\Downloads\1131288575(1).pdf.vvv
2015-12-09 10:33 - 2013-05-06 09:11 - 01723118 _____ C:\Users\Multimedia\Downloads\6000001663-Schluss-VWN-GCD.pdf.vvv
2015-12-09 10:33 - 2013-04-23 11:37 - 00011230 _____ C:\Users\Multimedia\Documents\Belgin Kisner.docx.vvv
2015-12-09 10:33 - 2013-04-23 11:17 - 00011774 _____ C:\Users\Multimedia\Documents\Olimpia Moldoveanu.docx.vvv
2015-12-09 10:33 - 2013-04-12 13:16 - 00011454 _____ C:\Users\Multimedia\Documents\Melanie.docx.vvv
2015-12-09 10:33 - 2013-04-08 10:19 - 00011342 _____ C:\Users\Multimedia\Documents\Farah Al Nomairy.docx.vvv
2015-12-09 10:33 - 2013-03-26 13:44 - 01112398 _____ C:\Users\Multimedia\Downloads\atlas_release_8_3.pdf.vvv
2015-12-09 10:33 - 2013-03-26 09:00 - 00849294 _____ C:\Users\Multimedia\Downloads\130852166050129(1).pdf.vvv
2015-12-09 10:33 - 2013-03-26 08:48 - 00849294 _____ C:\Users\Multimedia\Downloads\130852166050129.pdf.vvv
2015-12-09 10:33 - 2013-03-22 15:09 - 00011838 _____ C:\Users\Multimedia\Documents\Tburghard.docx.vvv
2015-12-09 10:33 - 2013-03-22 14:32 - 00011534 _____ C:\Users\Multimedia\Documents\Faik Aras.docx.vvv
2015-12-09 10:33 - 2013-02-22 09:19 - 00049838 _____ C:\Users\Multimedia\Downloads\0000267891.pdf.vvv
2015-12-09 10:33 - 2013-01-23 09:37 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(7).zip.vvv
2015-12-09 10:33 - 2012-12-20 08:49 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(6).zip.vvv
2015-12-09 10:33 - 2012-12-06 12:50 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(5).zip.vvv
2015-12-09 10:33 - 2012-11-29 10:43 - 00422270 _____ C:\Users\Multimedia\Documents\BusinessPlan_Stand 12 11 25.docx.vvv
2015-12-09 10:33 - 2012-11-20 12:11 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(4).zip.vvv
2015-12-09 10:33 - 2012-11-12 11:48 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(3).zip.vvv
2015-12-09 10:33 - 2012-11-09 08:49 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(2).zip.vvv
2015-12-09 10:33 - 2012-11-06 09:01 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments(1).zip.vvv
2015-12-09 10:33 - 2012-11-05 13:04 - 00510622 _____ C:\Users\Multimedia\Downloads\Attachments.zip.vvv
2015-12-09 10:33 - 2012-11-02 09:32 - 00000430 _____ C:\Users\Multimedia\Downloads\Conan.der.Barbar.2011.BDRip.AC3.German.XviD-POE.avi.vvv
2015-12-09 10:33 - 2012-09-22 13:10 - 07880014 _____ C:\Users\Multimedia\Downloads\Amazon_Appstore.zip.vvv
2015-12-09 10:33 - 2012-08-29 15:18 - 00062302 _____ C:\Users\Multimedia\Documents\3083.Birsen_Tirtandocx.docx.vvv
2015-12-09 10:33 - 2012-08-29 08:06 - 00010910 _____ C:\Users\Multimedia\Documents\Begünstigter_Eigenanteil.docx.vvv
2015-12-09 10:33 - 2012-08-21 08:34 - 00061678 _____ C:\Users\Multimedia\Documents\3069.docx.vvv
2015-12-09 10:33 - 2012-08-21 08:00 - 00062366 _____ C:\Users\Multimedia\Documents\3068.Makrutzi, Heiner.docx.vvv
2015-12-09 10:33 - 2012-08-11 11:58 - 00002062 _____ C:\Users\Multimedia\Documents\ChatLog TeleSon Grundschulung Energie 2012_08_11 12_58.rtf.vvv
2015-12-09 10:33 - 2012-07-31 09:29 - 00062510 _____ C:\Users\Multimedia\Documents\3055_Capuozzo_Marca.docx.vvv
2015-12-09 10:33 - 2012-07-30 10:24 - 00062542 _____ C:\Users\Multimedia\Documents\3052.Aldinov_Aldindocx.docx.vvv
2015-12-09 10:33 - 2012-07-24 09:24 - 00062126 _____ C:\Users\Multimedia\Documents\3047_Kavun_Violeta.docx.vvv
2015-12-09 10:33 - 2012-07-23 08:41 - 00011278 _____ C:\Users\Multimedia\Documents\Velko Mitkov Yosifov_Ortsabwesentheitsschreiben.docx.vvv
2015-12-09 10:33 - 2012-07-20 11:38 - 00013022 _____ C:\Users\Multimedia\Documents\Amtsgericht München.docx Jasmina Ilic.docx.vvv
2015-12-09 10:33 - 2012-07-13 09:09 - 00031150 _____ C:\Users\Multimedia\Downloads\3-Antrag-Stundung-der-Verfahrenskosten.doc.vvv
2015-12-09 10:33 - 2012-07-10 15:03 - 01303982 _____ C:\Users\Multimedia\Downloads\Antrag auf Eröffnungdes Insolvenzverfahrens(1).doc.vvv
2015-12-09 10:33 - 2012-07-10 14:58 - 01303982 _____ C:\Users\Multimedia\Downloads\Antrag auf Eröffnungdes Insolvenzverfahrens.doc.vvv
2015-12-09 10:33 - 2012-07-10 09:34 - 00080302 _____ C:\Users\Multimedia\Downloads\A305_91_sbpa_7.doc.vvv
2015-12-09 10:33 - 2012-07-10 09:18 - 00117678 _____ C:\Users\Multimedia\Downloads\A305_9_glfvz_6.doc.vvv
2015-12-09 10:33 - 2012-06-27 11:40 - 00062334 _____ C:\Users\Multimedia\Documents\3029_Sposito_Lauro_Eduardo_Jose.docx.vvv
2015-12-09 10:33 - 2012-06-11 08:06 - 00038062 _____ C:\Users\Multimedia\Documents\Kassenbuch-Möbel.xlsx.vvv
2015-12-09 10:33 - 2012-06-07 12:39 - 00011150 _____ C:\Users\Multimedia\Documents\An das Jobcenter Berlin.docx.vvv
2015-12-09 10:33 - 2012-06-06 16:16 - 00009758 _____ C:\Users\Multimedia\Documents\Löhne.xlsx.vvv
2015-12-09 10:33 - 2012-03-07 22:43 - 00113886 _____ C:\Users\Multimedia\Downloads\AllowanceDetailDocument.pdf.vvv
2015-12-09 10:33 - 2011-12-09 15:18 - 00986494 _____ C:\Users\Multimedia\Downloads\Belge Lyoness Engin.pdf.vvv
2015-12-09 10:33 - 2011-12-07 12:05 - 07961790 _____ C:\Users\Multimedia\Documents\G5255_Win7_German.zip.vvv
2015-12-09 10:33 - 2011-11-30 12:59 - 00587374 _____ C:\Users\Multimedia\Downloads\AntiBundestrojaner_Globell_V_1_3_3.zip.vvv
2015-12-09 10:33 - 2011-11-25 22:21 - 00110046 _____ C:\Users\Multimedia\Downloads\avira_registry_cleaner_de.zip.vvv
2015-12-09 10:33 - 2011-11-21 13:46 - 00000878 _____ C:\Users\Multimedia\Downloads\DataConnSettingTool_Readme.txt.vvv
2015-12-09 10:33 - 2011-11-07 08:08 - 00026542 _____ C:\Users\Multimedia\Documents\1Deckblatt Kirilla.doc.vvv
2015-12-09 10:33 - 2011-11-05 14:20 - 00064430 _____ C:\Users\Multimedia\Documents\Text Konzept Kirilla.doc.vvv
2015-12-09 10:33 - 2011-10-24 12:21 - 03444542 _____ C:\Users\Multimedia\Downloads\Auhip_5098_port.rar.vvv
2015-12-09 10:33 - 2011-07-18 14:42 - 00064158 _____ C:\Users\Multimedia\Downloads\AGB.pdf.vvv
2015-12-09 10:33 - 2011-07-13 15:39 - 03070366 _____ C:\Users\Multimedia\Downloads\com.android.vending-1.apk.vvv
2015-12-09 10:33 - 2011-02-27 10:46 - 03909038 _____ C:\Users\Multimedia\Downloads\Bilgilendirme_Brosuru.doc.vvv
2015-12-09 10:33 - 2011-02-16 04:15 - 00044462 _____ C:\Users\Multimedia\Documents\Michael Strogoff.doc.vvv
2015-12-09 10:33 - 2011-02-13 10:07 - 00052654 _____ C:\Users\Multimedia\Documents\KfW-Gründercoaches.xls.vvv
2015-12-09 10:33 - 2011-02-12 22:49 - 00051118 _____ C:\Users\Multimedia\Documents\Die chaotische Klasse.doc.vvv
2015-12-09 10:33 - 2011-01-22 17:25 - 00260014 _____ C:\Users\Multimedia\Documents\I.doc.vvv
2015-12-09 10:33 - 2011-01-19 23:05 - 00103342 _____ C:\Users\Multimedia\Documents\OttomanEmpireIn1683tr.png.vvv
2015-12-09 10:33 - 2011-01-19 22:54 - 00313726 _____ C:\Users\Multimedia\Documents\BustOfAyseHafsaSultan_ManisaTurkey.jpg.vvv
2015-12-09 10:33 - 2011-01-19 22:46 - 00148814 _____ C:\Users\Multimedia\Documents\Europe_map_450.PNG.vvv
2015-12-09 10:33 - 2011-01-19 22:45 - 00071518 _____ C:\Users\Multimedia\Documents\395px-Europe_map_450.PNG.vvv
2015-12-09 10:33 - 2011-01-19 22:43 - 00185630 _____ C:\Users\Multimedia\Documents\450_roman-hunnic-empire_1764x1116.jpg.vvv
2015-12-09 10:33 - 2010-10-19 20:53 - 00018174 _____ C:\Users\Multimedia\Documents\Adriano Celentano.docx.vvv
2015-12-09 10:33 - 2010-10-17 20:27 - 00409102 _____ C:\Users\Multimedia\Documents\1.lig sonucu 1959-2000.xlsx.vvv
2015-12-09 10:33 - 2010-09-25 18:09 - 00173134 _____ C:\Users\Multimedia\Documents\DM1903_1963.xlsb.vvv
2015-12-09 10:33 - 2010-09-02 22:03 - 00062926 _____ C:\Users\Multimedia\Documents\U090615-004a.jpg.vvv
2015-12-09 10:33 - 2010-09-02 22:02 - 00059598 _____ C:\Users\Multimedia\Documents\WMF Modell 2200 Silberbesteck.jpg.vvv
2015-12-09 10:33 - 2010-09-02 22:01 - 00068878 _____ C:\Users\Multimedia\Documents\WMF Modell 2200 Silberbestecka.jpg.vvv
2015-12-09 10:33 - 2010-08-17 21:57 - 00710062 _____ C:\Users\Multimedia\Documents\ZDF-Hitparade von 1969-1990.xls.vvv
2015-12-09 10:33 - 2010-08-01 21:46 - 00275182 _____ C:\Users\Multimedia\Documents\1.lig fikstür sonuclari 1959-1993.xlsx.vvv
2015-12-09 10:33 - 2010-08-01 19:50 - 00014270 _____ C:\Users\Multimedia\Documents\Istanbul Isattikleri Puanlar.xlsx.vvv
2015-12-09 10:32 - 2015-06-15 13:32 - 00000000 ____D C:\Users\Multimedia\Desktop\SINAI BERG e.V._Bilder
2015-12-09 10:25 - 2015-06-17 13:32 - 00000000 ____D C:\Users\Multimedia\Desktop\M.Gropp
2015-12-09 10:18 - 2015-09-18 12:23 - 00000000 ____D C:\Users\Multimedia\Desktop\Gescannt
2015-12-09 10:18 - 2013-07-09 09:40 - 00011054 _____ C:\Users\Multimedia\Cemil Akgün.docx.vvv
2015-12-09 10:18 - 2013-06-18 11:45 - 00011134 _____ C:\Users\Multimedia\Brzezinska Bozena.docx.vvv
2015-12-09 10:13 - 2014-12-09 13:38 - 00010670 _____ C:\Users\Gast\Documents\Fritteuse.wps.vvv
2015-12-09 10:13 - 2014-11-10 11:27 - 00011342 _____ C:\Users\Gast\Documents\Ismet Ars10.docx.vvv
2015-12-09 10:13 - 2013-06-19 11:29 - 00162910 _____ C:\Users\Multimedia\Anlage-MEB-Aerztl-Bescheinigung-Mehrbedarf-Ernaehrung.pdfSahin_Ebru.pdf.vvv
2015-12-09 10:13 - 2013-06-19 11:22 - 00107822 _____ C:\Users\Multimedia\Anlage-HG-Hilfebeduerftigkeit-Haushaltsgemeinschaft-1.pdfsahin_Ebru.pdf.vvv
2015-12-09 10:13 - 2013-06-19 11:08 - 00162238 _____ C:\Users\Multimedia\Anlage-VM-Vermoegen.pdfsahin_ebru.pdf.vvv
2015-12-09 10:13 - 2013-06-19 10:45 - 00229966 _____ C:\Users\Multimedia\Anlage-EK-Einkommenserklaerung.pdfsahin ebru.pdf.vvv
2015-12-09 04:39 - 2012-11-16 15:13 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-12-08 06:21 - 2011-01-25 13:03 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-07 14:19 - 2012-07-31 09:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-07 14:19 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-07 08:30 - 2010-05-07 20:26 - 00121344 _____ C:\Users\Multimedia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-05 07:39 - 2015-05-16 08:40 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 07:39 - 2015-05-16 08:40 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-27 18:14 - 2015-09-17 13:30 - 00000000 ____D C:\Program Files (x86)\AVG
2015-11-27 07:35 - 2014-12-15 07:31 - 00000000 ____D C:\Windows\system32\appraiser
2015-11-27 07:35 - 2014-05-06 18:23 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-11-27 07:04 - 2011-07-13 11:27 - 01695762 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-27 07:01 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2009-10-17 03:04 - 2009-02-10 20:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2015-03-31 09:14 - 2015-03-31 09:14 - 0004387 _____ () C:\Users\Multimedia\AppData\Roaming\cbg4Eg1uzl8hVhbOVeC8
2015-12-09 10:13 - 2015-12-09 10:18 - 0009620 _____ () C:\Users\Multimedia\AppData\Roaming\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:18 - 0002787 _____ () C:\Users\Multimedia\AppData\Roaming\how_recover+amx.txt
2015-12-09 12:27 - 2015-12-09 12:30 - 0009620 _____ () C:\Users\Multimedia\AppData\Roaming\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:30 - 0002787 _____ () C:\Users\Multimedia\AppData\Roaming\how_recover+bhm.txt
2015-12-09 14:08 - 2015-12-09 14:10 - 0009620 _____ () C:\Users\Multimedia\AppData\Roaming\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:10 - 0002787 _____ () C:\Users\Multimedia\AppData\Roaming\how_recover+vrm.txt
2015-03-31 09:14 - 2015-03-31 09:14 - 0004387 _____ () C:\Users\Multimedia\AppData\Roaming\jnQmSMuT6xN
2015-03-31 09:14 - 2015-03-31 09:14 - 0005655 _____ () C:\Users\Multimedia\AppData\Roaming\sGHU6xI5w8em8aXqgPl1
2011-07-08 11:05 - 2013-07-31 14:33 - 0000238 _____ () C:\Users\Multimedia\AppData\Roaming\wklnhst.dat
2010-05-07 20:26 - 2015-12-07 08:30 - 0121344 _____ () C:\Users\Multimedia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-09 10:13 - 2015-12-09 10:34 - 0009620 _____ () C:\Users\Multimedia\AppData\Local\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:34 - 0002787 _____ () C:\Users\Multimedia\AppData\Local\how_recover+amx.txt
2015-12-09 12:27 - 2015-12-09 12:30 - 0009620 _____ () C:\Users\Multimedia\AppData\Local\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:30 - 0002787 _____ () C:\Users\Multimedia\AppData\Local\how_recover+bhm.txt
2015-12-09 14:08 - 2015-12-09 14:10 - 0009620 _____ () C:\Users\Multimedia\AppData\Local\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:10 - 0002787 _____ () C:\Users\Multimedia\AppData\Local\how_recover+vrm.txt
2014-07-14 15:26 - 2015-03-18 12:35 - 0004096 ____H () C:\Users\Multimedia\AppData\Local\keyfile3.drm
2013-12-15 20:07 - 2013-12-15 20:07 - 0014370 _____ () C:\Users\Multimedia\AppData\Local\MyWinLockerInstaller.txt-20131215.log
2015-05-11 12:26 - 2015-09-16 21:44 - 0007606 _____ () C:\Users\Multimedia\AppData\Local\Resmon.ResmonCfg
2012-11-16 14:47 - 2012-11-16 14:47 - 0000057 _____ () C:\ProgramData\Ament.ini
2009-10-17 03:04 - 2009-07-18 02:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2015-12-09 10:10 - 2015-12-09 10:11 - 0009620 _____ () C:\ProgramData\how_recover+amx.html
2015-12-09 10:10 - 2015-12-09 10:11 - 0002787 _____ () C:\ProgramData\how_recover+amx.txt
2015-12-09 12:25 - 2015-12-09 12:26 - 0009620 _____ () C:\ProgramData\how_recover+bhm.html
2015-12-09 12:25 - 2015-12-09 12:26 - 0002787 _____ () C:\ProgramData\how_recover+bhm.txt
2015-12-09 14:06 - 2015-12-09 14:07 - 0009620 _____ () C:\ProgramData\how_recover+vrm.html
2015-12-09 14:06 - 2015-12-09 14:07 - 0002787 _____ () C:\ProgramData\how_recover+vrm.txt
Einige Dateien in TEMP:
====================
C:\Users\Multimedia\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-10 08:09
==================== Ende von FRST.txt ============================
|
|
11.12.2015, 20:13
| #13 | ||
| | Windows 7: RSA-2048 Trojaner seit gestern So nebenbei... Hier ein alternativer Lösungsvorschlag... HTML-Code: hxxp://sensorstechforum.com/de/remove-cryptesla-2-2-0-and-restore-vvv-encrypted-files/ Eine Experten-Antwort wäre mal schön.Zitat:
Hat sich erledigt... sind kostenpflichtige Programme... erst gefühlte 2 Stunden gescannt, nur damit da steht "Ja - registrieren und zahlen, sonst bleiben die Viren da!"  |
|
11.12.2015, 22:20
| #14 | |
| /// Malwareteam | Windows 7: RSA-2048 Trojaner seit gestern Deshalb hab ich dir ja auch das geschrieben: Zitat:
|
|
12.12.2015, 15:03
| #15 |
| | Windows 7: RSA-2048 Trojaner seit gestern Ich hab SPYHUNTER 4 deinstalliert. FRST1.txt Logfile Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-12-2015
durchgeführt von Multimedia (Administrator) auf SINAI-BKAZAN (12-12-2015 14:56:20)
Gestartet von F:\
Geladene Profile: Multimedia (Verfügbare Profile: Multimedia & UpdatusUser & Bülent & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3445553229-585193536-3719774176-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3445553229-585193536-3719774176-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-3445553229-585193536-3719774176-1001\...\MountPoints2: {9beaa6cd-4364-11e0-9c68-00262d216fb1} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3445553229-585193536-3719774176-1001\...\MountPoints2: {e19d9f92-b2a8-11e0-ad46-00262d216fb1} - F:\LGAutoRun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => Keine Datei
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => Keine Datei
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+amx.html [2015-12-09] ()
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+amx.txt [2015-12-09] ()
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+bhm.html [2015-12-09] ()
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+bhm.txt [2015-12-09] ()
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+vrm.html [2015-12-09] ()
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+vrm.txt [2015-12-09] ()
Startup: C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+amx.html [2015-12-09] ()
Startup: C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+amx.txt [2015-12-09] ()
Startup: C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+bhm.html [2015-12-09] ()
Startup: C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+bhm.txt [2015-12-09] ()
Startup: C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+vrm.html [2015-12-09] ()
Startup: C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+vrm.txt [2015-12-09] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5A4F0A5F-8EA0-44EA-AF9A-AB6E3FBD2D6E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{60705F6F-02B6-478A-8328-509DFE8E8627}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{93C72F3C-2101-442B-AF59-DE2394A5DAD8}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3445553229-585193536-3719774176-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130943160094602000&GUID=04F08B28-FEF9-4CE5-9A45-0466020F4D70
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3445553229-585193536-3719774176-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3445553229-585193536-3719774176-1001 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3321902&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SP624C4886-2FC0-431C-8A53-0B5325F4DBC7&q={searchTerms}&SSPV=
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-15] (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-15] (Oracle Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
Toolbar: HKU\S-1-5-21-3445553229-585193536-3719774176-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-3445553229-585193536-3719774176-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-20] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll [2012-09-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-20] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll [Keine Datei]
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nppl3260.dll [2010-02-03] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nprpjplug.dll [2010-02-03] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3445553229-585193536-3719774176-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Multimedia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-07-18] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2012-11-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2012-11-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2012-11-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2012-11-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2012-11-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-11-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-11-19] (Apple Inc.)
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\how_recover+amx.html [2015-12-09]
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\how_recover+amx.txt [2015-12-09]
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\how_recover+bhm.html [2015-12-09]
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\how_recover+bhm.txt [2015-12-09]
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\how_recover+vrm.html [2015-12-09]
FF SearchPlugin: C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\searchplugins\how_recover+vrm.txt [2015-12-09]
FF Extension: NoScript - C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-12-09]
FF Extension: HTTPS-Everywhere - C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\extensions\https-everywhere@eff.org [2015-12-09]
FF Extension: Snap Links Plus - C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\Extensions\snaplinks@snaplinks.mozdev.org.xpi [2015-06-07]
FF Extension: iMacros for Firefox - C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-12-09]
FF Extension: Video DownloadHelper - C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-28]
FF Extension: Adblock Plus - C:\Users\Multimedia\AppData\Roaming\Mozilla\Firefox\Profiles\lfjk4mjb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-28]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2013-06-12] [ist nicht signiert]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-03-25] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
Chrome:
=======
CHR HomePage: Profile 2 -> hxxp://www.google.de/
CHR StartupUrls: Profile 2 -> "hxxps://www.google.de/"
CHR Profile: C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Präsentationen) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-09]
CHR Extension: (Google Docs) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-09]
CHR Extension: (Google Drive) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-09]
CHR Extension: (YouTube) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-09]
CHR Extension: (Adblock Plus) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-12-09]
CHR Extension: (Adblock für Youtube™) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-12-09]
CHR Extension: (Google-Suche) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-09]
CHR Extension: (Google Tabellen) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-09]
CHR Extension: (Google Docs Offline) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-09]
CHR Extension: (Lyoness Cashback Bar) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ibocncflemnoggjhchgnakpnhdiajnjl [2015-12-09]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-09]
CHR Extension: (Google Mail) - C:\Users\Multimedia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-09]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S4 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S4 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-04-19] ()
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S4 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-04-19] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-01-24] (Disc Soft Ltd)
R3 easytether; C:\Windows\System32\DRIVERS\easytthr.sys [20752 2012-05-11] (Mobile Stream)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-11] ()
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-10-05] (Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2011-07-13] (Sony Ericsson Mobile Communications) [Datei ist nicht signiert]
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-11 19:09 - 2015-12-11 19:09 - 00000000 _____ C:\autoexec.bat
2015-12-11 19:08 - 2015-12-11 19:08 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2015-12-11 19:05 - 2015-12-11 19:05 - 00100047 _____ C:\Users\Multimedia\Downloads\Remove Cryptesla 2.2.0 and Restore .vvv Encrypted Files _.html
2015-12-11 19:05 - 2015-12-11 19:05 - 00000109 _____ C:\Users\Multimedia\Desktop\Remove Cryptesla 2.2.0 and Restore .vvv Encrypted Files -.url
2015-12-11 19:05 - 2015-12-11 19:05 - 00000000 ____D C:\Users\Multimedia\Downloads\Remove Cryptesla 2.2.0 and Restore .vvv Encrypted Files __files
2015-12-11 19:03 - 2015-12-11 19:03 - 22908888 _____ (Malwarebytes ) C:\Users\Multimedia\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-11 19:03 - 2015-12-11 19:03 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Multimedia\Downloads\SpyHunter-Installer.exe
2015-12-11 18:46 - 2015-12-11 18:46 - 00669876 _____ C:\Users\Multimedia\Downloads\TeslaDecoder.zip
2015-12-11 18:46 - 2015-12-11 18:46 - 00000000 ____D C:\Users\Multimedia\Desktop\Tesla
2015-12-11 16:13 - 2015-12-11 16:21 - 00076363 _____ C:\Users\Multimedia\Desktop\FRST2.txt
2015-12-11 16:13 - 2015-12-11 16:16 - 00077807 _____ C:\Users\Multimedia\Desktop\FRST1.txt
2015-12-11 16:05 - 2015-12-11 16:05 - 00001176 _____ C:\Users\Multimedia\Desktop\JRT.txt
2015-12-11 15:55 - 2015-12-11 15:55 - 00017822 _____ C:\Users\Multimedia\Desktop\AdwCleaner[C1].txt
2015-12-11 15:47 - 2015-12-11 16:01 - 00000000 ____D C:\AdwCleaner
2015-12-11 15:46 - 2015-12-11 15:46 - 00001215 _____ C:\Users\Multimedia\Desktop\mbam.txt
2015-12-11 15:25 - 2015-12-11 15:25 - 00001215 _____ C:\mbam.txt
2015-12-11 14:56 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-11 14:56 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-11 14:56 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-11 14:56 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-11 14:56 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-11 14:56 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-11 14:56 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-11 14:56 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-11 14:56 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-11 14:56 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-11 14:56 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-11 14:56 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-11 14:56 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-11 14:56 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-11 14:56 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-11 14:56 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-11 14:56 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-11 14:56 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-11 14:56 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-11 14:56 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-11 14:56 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-11 14:56 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-11 14:56 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-11 14:56 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-11 14:56 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-11 14:56 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-11 14:56 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-11 14:56 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-11 14:56 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-11 14:54 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-11 14:54 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-11 14:54 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-11 14:54 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-11 14:54 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-11 14:54 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-11 14:54 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-11 14:54 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-11 14:54 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-11 14:54 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-11 14:54 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-11 14:54 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-11 14:54 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-11 14:54 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-11 14:54 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-11 14:54 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-11 14:54 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-11 14:54 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-11 14:54 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-11 14:54 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-11 14:54 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-11 14:54 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-11 14:54 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-11 14:54 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-11 14:54 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-11 14:54 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-11 14:54 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-11 14:54 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-11 14:54 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-11 14:54 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-11 14:54 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-11 14:54 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-11 14:54 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-11 14:54 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-11 14:54 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-11 14:54 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-11 14:54 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-11 14:54 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-11 14:54 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-11 14:54 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-11 14:54 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-11 14:54 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-11 14:54 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-11 14:54 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-11 14:54 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-11 14:54 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-11 14:54 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-11 14:54 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-11 14:54 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-11 14:54 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-11 14:54 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-11 14:54 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-11 14:54 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-11 14:54 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-11 14:54 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-11 14:54 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-11 14:54 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-11 14:54 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-11 14:54 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-11 14:54 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-11 14:54 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-11 14:54 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-11 14:54 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-11 14:54 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-11 14:54 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-11 14:53 - 2015-12-11 20:05 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-11 14:53 - 2015-12-11 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-12-11 14:53 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-11 14:53 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-11 14:53 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-11 14:52 - 2015-12-11 20:05 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-12-11 14:52 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-11 14:52 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-11 14:52 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-11 14:52 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-11 14:51 - 2015-12-11 14:51 - 01738240 _____ C:\Users\Multimedia\Desktop\AdwCleaner_5.024.exe
2015-12-11 14:51 - 2015-12-11 14:51 - 01599336 _____ (Malwarebytes) C:\Users\Multimedia\Desktop\JRT.exe
2015-12-11 14:50 - 2015-12-11 14:50 - 22908888 _____ (Malwarebytes ) C:\Users\Multimedia\Desktop\mbam-setup-2.2.0.1024.exe
2015-12-10 16:29 - 2015-12-10 16:29 - 00083510 _____ C:\Users\Bülent\Downloads\FRST1.txt
2015-12-10 16:08 - 2015-12-10 16:08 - 00039597 _____ C:\Users\Bülent\Downloads\Addition (1).txt
2015-12-10 16:08 - 2015-12-10 16:08 - 00007015 _____ C:\Users\Bülent\Downloads\Gmer.txt
2015-12-10 16:08 - 2015-12-10 16:08 - 00000474 _____ C:\Users\Bülent\Downloads\defogger_disable (1).txt
2015-12-10 16:07 - 2015-12-10 16:07 - 00039597 _____ C:\Users\Bülent\Downloads\Addition.txt
2015-12-10 16:05 - 2015-12-10 16:05 - 00065154 _____ C:\Users\Bülent\Desktop\FRST2.txt
2015-12-10 15:59 - 2015-12-10 15:59 - 00000474 _____ C:\Users\Bülent\Downloads\defogger_disable.txt
2015-12-10 15:52 - 2015-12-10 15:52 - 477469582 _____ C:\Windows\MEMORY.DMP
2015-12-10 15:52 - 2015-12-10 15:52 - 00475928 _____ C:\Windows\Minidump\121015-16910-01.dmp
2015-12-10 15:38 - 2015-12-10 15:38 - 00000000 ____D C:\Users\Multimedia\AppData\Local\ElevatedDiagnostics
2015-12-10 15:23 - 2015-12-10 16:05 - 00083510 _____ C:\Users\Bülent\Desktop\FRST1.txt
2015-12-10 15:23 - 2015-12-10 14:23 - 00039597 _____ C:\Users\Bülent\Desktop\Addition.txt
2015-12-10 15:21 - 2015-12-10 15:21 - 00007015 _____ C:\Users\Bülent\Desktop\Gmer.txt
2015-12-10 15:04 - 2015-12-10 15:04 - 00380416 _____ C:\Users\Bülent\Desktop\ztts6src.exe
2015-12-10 15:02 - 2015-12-10 15:02 - 00000474 _____ C:\Users\Bülent\Desktop\defogger_disable.txt
2015-12-10 15:02 - 2015-12-10 15:02 - 00000000 _____ C:\Users\Bülent\defogger_reenable
2015-12-10 15:00 - 2015-12-10 15:00 - 00050477 _____ C:\Users\Bülent\Desktop\Defogger.exe
2015-12-10 14:32 - 2015-12-10 16:36 - 00000000 ____D C:\Users\Bülent\AppData\Local\Google
2015-12-10 14:32 - 2015-12-10 14:32 - 00002251 _____ C:\Users\Bülent\Desktop\Google Chrome.lnk
2015-12-10 14:32 - 2015-12-10 14:32 - 00001425 _____ C:\Users\Bülent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-10 14:32 - 2015-12-10 14:32 - 00000000 ____D C:\Users\Bülent\AppData\Roaming\Adobe
2015-12-10 14:31 - 2015-12-10 14:31 - 00000000 ____D C:\Users\Bülent\AppData\Local\VirtualStore
2015-12-10 14:29 - 2015-12-10 15:02 - 00000000 ____D C:\Users\Bülent
2015-12-10 14:29 - 2015-12-10 14:29 - 00000020 ___SH C:\Users\Bülent\ntuser.ini
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Vorlagen
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Startmenü
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Netzwerkumgebung
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Lokale Einstellungen
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Eigene Dateien
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Druckumgebung
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Documents\Eigene Videos
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Documents\Eigene Musik
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Documents\Eigene Bilder
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\AppData\Local\Verlauf
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\AppData\Local\Anwendungsdaten
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 _SHDL C:\Users\Bülent\Anwendungsdaten
2015-12-10 14:29 - 2013-04-09 08:20 - 00000000 ____D C:\Users\Bülent\AppData\Roaming\Macromedia
2015-12-10 14:29 - 2010-05-26 02:03 - 00000000 ____D C:\Users\Bülent\AppData\Local\Microsoft Help
2015-12-10 14:29 - 2009-07-14 08:44 - 00000000 ____D C:\Users\Bülent\AppData\Roaming\Media Center Programs
2015-12-10 13:22 - 2015-12-10 13:23 - 00039083 _____ C:\Users\Multimedia\Downloads\Addition.txt
2015-12-10 13:20 - 2015-12-10 13:23 - 00151787 _____ C:\Users\Multimedia\Downloads\FRST.txt
2015-12-10 13:19 - 2015-12-12 14:56 - 00000000 ____D C:\FRST
2015-12-09 19:12 - 2015-12-11 20:06 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-09 19:12 - 2015-12-11 14:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-09 19:12 - 2015-12-09 19:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-12-09 19:11 - 2015-12-09 19:11 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Multimedia\Downloads\mbar-1.09.3.1001.exe
2015-12-09 19:11 - 2015-12-09 19:11 - 00000000 ____D C:\Users\Multimedia\Desktop\mbar
2015-12-09 19:11 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-09 18:48 - 2015-12-09 18:48 - 00000000 ____D C:\.Trash-999
2015-12-09 18:00 - 2015-12-09 18:00 - 00001638 _____ C:\Windows\system32\Benim senden bir isteğim olacak bildiğim kadarıyla senin telefonun da samsung ve bir telefoncuya git ve onlara Viber diye bir program var onu yüklet bunu yapmayı ama unutma ve benim telefon n.txt.lnk
2015-12-09 17:37 - 2015-12-10 22:42 - 00000000 ____D C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2015-12-09 17:37 - 2015-12-09 17:38 - 00000000 ____D C:\Program Files (x86)\LinuxLive USB Creator
2015-12-09 17:37 - 2015-12-09 17:37 - 06160320 _____ (LinuxLive USB Creator) C:\Users\Multimedia\Downloads\LinuxLive_USB_Creator_2.9.4.exe
2015-12-09 17:30 - 2015-12-10 15:58 - 00257520 _____ C:\Windows\ntbtlog.txt
2015-12-09 17:18 - 2015-12-10 12:57 - 00000000 ____D C:\Users\Multimedia\Desktop\vvv Files
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\Downloads\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\Documents\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\AppData\LocalLow\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\AppData\Local\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\UpdatusUser\AppData\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\Downloads\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\Documents\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\AppData\how_recover+vrm.html
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\Downloads\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\Documents\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\AppData\LocalLow\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\AppData\Local\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\UpdatusUser\AppData\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\Downloads\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\Documents\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+vrm.txt
2015-12-09 14:10 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\AppData\how_recover+vrm.txt
2015-12-09 14:09 - 2015-12-09 14:09 - 00009620 _____ C:\Users\Multimedia\AppData\LocalLow\how_recover+vrm.html
2015-12-09 14:09 - 2015-12-09 14:09 - 00002787 _____ C:\Users\Multimedia\AppData\LocalLow\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Multimedia\AppData\Local\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Multimedia\AppData\Local\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Multimedia\AppData\Local\Apps\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\Downloads\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\Documents\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\AppData\LocalLow\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\AppData\how_recover+vrm.html
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Multimedia\AppData\Local\Apps\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\Downloads\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\Documents\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\AppData\LocalLow\how_recover+vrm.txt
2015-12-09 14:08 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\AppData\how_recover+vrm.txt
2015-12-09 14:07 - 2015-12-09 14:10 - 00009620 _____ C:\Users\Public\Documents\how_recover+vrm.html
2015-12-09 14:07 - 2015-12-09 14:10 - 00002787 _____ C:\Users\Public\Documents\how_recover+vrm.txt
2015-12-09 14:07 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\AppData\Roaming\how_recover+vrm.html
2015-12-09 14:07 - 2015-12-09 14:08 - 00009620 _____ C:\Users\Gast\AppData\Local\how_recover+vrm.html
2015-12-09 14:07 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\AppData\Roaming\how_recover+vrm.txt
2015-12-09 14:07 - 2015-12-09 14:08 - 00002787 _____ C:\Users\Gast\AppData\Local\how_recover+vrm.txt
2015-12-09 14:07 - 2015-12-09 14:07 - 00009620 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.html
2015-12-09 14:07 - 2015-12-09 14:07 - 00002787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+vrm.txt
2015-12-09 14:06 - 2015-12-09 14:07 - 00009620 _____ C:\ProgramData\how_recover+vrm.html
2015-12-09 14:06 - 2015-12-09 14:07 - 00002787 _____ C:\ProgramData\how_recover+vrm.txt
2015-12-09 14:06 - 2015-12-09 14:06 - 00000254 _____ C:\Users\Multimedia\Documents\recover_file_owpbkiaym.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\Downloads\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\Documents\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\AppData\LocalLow\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\AppData\Local\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\UpdatusUser\AppData\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\Downloads\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\Documents\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\AppData\how_recover+bhm.html
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\Downloads\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\Documents\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\AppData\LocalLow\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\AppData\Local\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\UpdatusUser\AppData\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\Downloads\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\Documents\how_recover+bhm.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\AppData\how_recover+bhm.txt
2015-12-09 12:29 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bhm.html
2015-12-09 12:29 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bhm.txt
2015-12-09 12:29 - 2015-12-09 12:29 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.html
2015-12-09 12:29 - 2015-12-09 12:29 - 00009620 _____ C:\Users\Multimedia\AppData\LocalLow\how_recover+bhm.html
2015-12-09 12:29 - 2015-12-09 12:29 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.txt
2015-12-09 12:29 - 2015-12-09 12:29 - 00002787 _____ C:\Users\Multimedia\AppData\LocalLow\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Multimedia\AppData\Local\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Multimedia\AppData\Local\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Multimedia\AppData\Local\Apps\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\Downloads\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\Documents\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\AppData\LocalLow\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\AppData\how_recover+bhm.html
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Multimedia\AppData\Local\Apps\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\Downloads\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\Documents\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\AppData\LocalLow\how_recover+bhm.txt
2015-12-09 12:27 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\AppData\how_recover+bhm.txt
2015-12-09 12:26 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\AppData\Roaming\how_recover+bhm.html
2015-12-09 12:26 - 2015-12-09 12:27 - 00009620 _____ C:\Users\Gast\AppData\Local\how_recover+bhm.html
2015-12-09 12:26 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\AppData\Roaming\how_recover+bhm.txt
2015-12-09 12:26 - 2015-12-09 12:27 - 00002787 _____ C:\Users\Gast\AppData\Local\how_recover+bhm.txt
2015-12-09 12:26 - 2015-12-09 12:26 - 00009620 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.html
2015-12-09 12:26 - 2015-12-09 12:26 - 00002787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+bhm.txt
2015-12-09 12:25 - 2015-12-09 12:30 - 00009620 _____ C:\Users\Public\Documents\how_recover+bhm.html
2015-12-09 12:25 - 2015-12-09 12:30 - 00002787 _____ C:\Users\Public\Documents\how_recover+bhm.txt
2015-12-09 12:25 - 2015-12-09 12:26 - 00009620 _____ C:\ProgramData\how_recover+bhm.html
2015-12-09 12:25 - 2015-12-09 12:26 - 00002787 _____ C:\ProgramData\how_recover+bhm.txt
2015-12-09 12:24 - 2015-12-09 12:24 - 00000254 _____ C:\Users\Multimedia\Documents\recover_file_ljfgqgthi.txt
2015-12-09 12:22 - 2015-12-09 12:22 - 00000254 _____ C:\Users\Multimedia\Documents\recover_file_vjcfxqcof.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\Downloads\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\Documents\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\AppData\Roaming\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\AppData\LocalLow\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\AppData\Local\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\UpdatusUser\AppData\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\Multimedia\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00009620 _____ C:\Users\Multimedia\Downloads\how_recover+amx.html
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\Downloads\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\Documents\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\AppData\Roaming\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\AppData\LocalLow\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\AppData\Local\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\UpdatusUser\AppData\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\Multimedia\how_recover+amx.txt
2015-12-09 10:34 - 2015-12-09 10:34 - 00002787 _____ C:\Users\Multimedia\Downloads\how_recover+amx.txt
2015-12-09 10:33 - 2015-12-09 10:34 - 00009620 _____ C:\Users\Multimedia\Documents\how_recover+amx.html
2015-12-09 10:33 - 2015-12-09 10:34 - 00002787 _____ C:\Users\Multimedia\Documents\how_recover+amx.txt
2015-12-09 10:18 - 2015-12-09 10:34 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+amx.html
2015-12-09 10:18 - 2015-12-09 10:34 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+amx.txt
2015-12-09 10:18 - 2015-12-09 10:18 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+amx.html
2015-12-09 10:18 - 2015-12-09 10:18 - 00009620 _____ C:\Users\Multimedia\AppData\LocalLow\how_recover+amx.html
2015-12-09 10:18 - 2015-12-09 10:18 - 00009620 _____ C:\Users\Multimedia\AppData\how_recover+amx.html
2015-12-09 10:18 - 2015-12-09 10:18 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+amx.txt
2015-12-09 10:18 - 2015-12-09 10:18 - 00002787 _____ C:\Users\Multimedia\AppData\LocalLow\how_recover+amx.txt
2015-12-09 10:18 - 2015-12-09 10:18 - 00002787 _____ C:\Users\Multimedia\AppData\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:34 - 00009620 _____ C:\Users\Multimedia\AppData\Local\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:34 - 00002787 _____ C:\Users\Multimedia\AppData\Local\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:18 - 00009620 _____ C:\Users\Multimedia\AppData\Roaming\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:18 - 00002787 _____ C:\Users\Multimedia\AppData\Roaming\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Multimedia\AppData\Local\Apps\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\Downloads\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\Documents\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\AppData\LocalLow\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\AppData\how_recover+amx.html
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Multimedia\AppData\Local\Apps\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\Downloads\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\Documents\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\AppData\LocalLow\how_recover+amx.txt
2015-12-09 10:13 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\AppData\how_recover+amx.txt
2015-12-09 10:11 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\AppData\Roaming\how_recover+amx.html
2015-12-09 10:11 - 2015-12-09 10:13 - 00009620 _____ C:\Users\Gast\AppData\Local\how_recover+amx.html
2015-12-09 10:11 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\AppData\Roaming\how_recover+amx.txt
2015-12-09 10:11 - 2015-12-09 10:13 - 00002787 _____ C:\Users\Gast\AppData\Local\how_recover+amx.txt
2015-12-09 10:10 - 2015-12-09 10:34 - 00009620 _____ C:\Users\Public\Documents\how_recover+amx.html
2015-12-09 10:10 - 2015-12-09 10:34 - 00002787 _____ C:\Users\Public\Documents\how_recover+amx.txt
2015-12-09 10:10 - 2015-12-09 10:11 - 00009620 _____ C:\ProgramData\how_recover+amx.html
2015-12-09 10:10 - 2015-12-09 10:11 - 00002787 _____ C:\ProgramData\how_recover+amx.txt
2015-12-09 10:10 - 2015-12-09 10:10 - 00009620 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+amx.html
2015-12-09 10:10 - 2015-12-09 10:10 - 00002787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+amx.txt
2015-12-09 10:08 - 2015-12-09 10:08 - 00000254 _____ C:\Users\Multimedia\Documents\recover_file_yldyrxihj.txt
2015-12-07 08:29 - 2015-12-09 10:30 - 00000000 ____D C:\Users\Multimedia\Desktop\Neuer Ordner (3)
2015-12-03 11:27 - 2015-12-09 10:33 - 00183470 _____ C:\Users\Multimedia\Documents\Ghana-Project.pdf.vvv
2015-12-03 09:13 - 2015-12-09 12:30 - 00000000 ____D C:\Users\Multimedia\Desktop\Ghana Projekt Dateien
2015-11-30 18:26 - 2015-11-30 18:26 - 00001958 _____ C:\Windows\system32\Benim senden bir isteğim olacak bildiğim kadarıyla senin telefonun da samsung ve bir telefoncuya git ve onlara Viber diye bir program var onu yüklet bunu yapmayı ama unutma ve benim telefon numar.lnk
2015-11-28 10:14 - 2015-12-09 10:25 - 00000000 ____D C:\Users\Multimedia\Desktop\Ghana Video
2015-11-28 09:51 - 2015-12-09 10:29 - 00000000 ____D C:\Users\Multimedia\Desktop\Neuer Ordner
2015-11-28 07:58 - 2015-12-11 15:41 - 00428704 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-27 21:12 - 2015-11-27 21:12 - 00111288 _____ C:\Users\Multimedia\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-27 19:46 - 2015-11-27 19:46 - 00216184 _____ C:\Users\Multimedia\Documents\cc_20151127_194603.reg
2015-11-27 19:46 - 2015-11-27 19:46 - 00209792 _____ C:\Users\Multimedia\Documents\cc_20151127_194623.reg
2015-11-27 19:38 - 2015-12-11 15:26 - 00000864 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-27 19:38 - 2015-12-09 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-11-27 19:38 - 2015-11-27 19:38 - 00002808 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-11-27 19:38 - 2015-11-27 19:38 - 00000000 ____D C:\Program Files\CCleaner
2015-11-27 19:37 - 2015-11-27 19:37 - 05524624 _____ (Piriform Ltd) C:\Users\Multimedia\Downloads\ccsetup511_slim.exe
2015-11-27 09:08 - 2015-12-09 10:34 - 00145310 _____ C:\Users\Multimedia\Downloads\rechnung-2015-11-01-1153839255.pdf.vvv
2015-11-26 16:12 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-26 16:12 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-26 16:12 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-26 16:12 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-26 16:12 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-26 16:12 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-26 16:12 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-26 16:12 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-26 16:12 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-26 16:12 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-26 16:12 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-26 16:12 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-26 16:12 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-26 16:12 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-26 16:12 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-26 16:12 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-26 16:12 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-26 16:12 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-26 16:12 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-26 16:12 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-26 16:12 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-26 16:12 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-26 16:12 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-26 16:12 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-26 16:12 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-26 16:12 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-26 16:11 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-26 16:11 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-26 16:11 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-26 16:11 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-26 16:11 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-26 16:11 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-26 16:11 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-26 16:11 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-26 16:11 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-26 16:11 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-26 16:11 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-26 16:11 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-26 16:11 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-26 16:11 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-26 16:11 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-26 16:11 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-26 16:11 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-26 16:11 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-26 16:11 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-26 16:11 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-26 16:11 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-26 16:11 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-26 16:11 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-26 16:11 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-26 16:11 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-26 16:11 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-26 16:11 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-26 16:11 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-26 16:11 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-26 16:11 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
|
|
| Themen zu Windows 7: RSA-2048 Trojaner seit gestern |
| danke, datei, frst.txt, gestern, rsa-2048, troja, trojaner, windows, windows 7 |
Linear-Darstellung
