BKA Trojaner

kmj7 · 04.06.2013, 14:39

Hallo Trojaner Board Team,

leider habe auch ich mir den BKA Trojaner eigefangen

. Ich habe windows 7 64bit , 3 festplatten partitionen auf der 1. (c) ist windows installiert. Ich habe versucht den Virus zu reparieren wie es hier im Forum schon oft beschrieben wurde, nur habe ich leider diese "Reparier " funktion nicht. Also habe ich mich kurzerhand entschlossen die festplatte C zu formatieren nd windows neu auf zu spielen. Das hat soweit auch gut funktioniert aber ich bekomme keine verbindung zum Internet. Meine Frage : hängt das vielleicht noch mit dem Virus zusammen? Meint ihr die anderen 2 Laufwerke sind auch betroffen??

mfg kmj7

schrauber · 04.06.2013, 14:42

Hi,

möglich ist alles, aber ohne Logfiles wird das schwer. Ich bin gut, aber hellsehen kan nich noch nicht

kmj7 · 04.06.2013, 15:05

Danke für die schnelle Antwort. Was würdest du mir alls nächsten Schritt empfehlen?

schrauber · 04.06.2013, 17:07

Bootet der Rechner noch normal in Windows?

kmj7 · 12.06.2013, 09:56

Nachdem ich windows neu auf gespielt habe JA

schrauber · 12.06.2013, 11:58

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden ).

Doppelklick auf die OTL.exe
Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimal Ausgabe
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in den Thread.

kmj7 · 17.06.2013, 10:00

Habe den Scan wie beschrieben durchgeführt.
Das ist das Ergebnis:OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 17.06.2013 10:50:20 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Martin Jost\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,06 Gb Available Physical Memory | 76,44% Memory free
8,00 Gb Paging File | 6,96 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244,78 Gb Total Space | 221,24 Gb Free Space | 90,38% Space Free | Partition Type: NTFS
Drive D: | 244,78 Gb Total Space | 219,45 Gb Free Space | 89,65% Space Free | Partition Type: NTFS
Drive E: | 98,53 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive K: | 195,31 Gb Total Space | 112,76 Gb Free Space | 57,73% Space Free | Partition Type: NTFS
 
Computer Name: MJ-PC | User Name: Martin Jost | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Martin Jost\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll ()
MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (Partner Service) -- C:\ProgramData\Partner\Partner.exe (Google Inc.)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 
 
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.36.2.98 192.168.52.100 192.168.52.110
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03709F4D-2614-40C6-A65A-DCFB799EB539}: DhcpNameServer = 10.36.2.98 192.168.52.100 192.168.52.110
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.10.27 15:29:14 | 000,000,106 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{8c575da2-c2f5-11e2-87d9-00262d162477}\Shell - "" = AutoRun
O33 - MountPoints2\{8c575da2-c2f5-11e2-87d9-00262d162477}\Shell\AutoRun\command - "" = H:\pushinst.exe
O33 - MountPoints2\{bfd8e5c6-c2ee-11e2-acab-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bfd8e5c6-c2ee-11e2-acab-806e6f6e6963}\Shell\AutoRun\command - "" = E:\fsetup.exe -- [2008.04.03 12:39:44 | 000,562,480 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.17 10:39:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Martin Jost\Desktop\OTL.exe
[2013.05.24 11:13:54 | 000,014,848 | ---- | C] (LSI Corporation) -- C:\Windows\SysWow64\agrsco64.dll
[2013.05.24 11:13:52 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2013.05.23 02:45:31 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2013.05.23 02:45:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2013.05.23 02:45:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE
[2013.05.23 02:45:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2013.05.23 02:45:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de
[2013.05.23 02:45:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407
[2013.05.23 02:45:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407
[2013.05.23 02:45:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de
[2013.05.23 02:45:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbrpm.sys.mui
[2013.05.23 02:45:08 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fvevol.sys.mui
[2013.05.23 02:45:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\qwavedrv.sys.mui
[2013.05.23 02:45:00 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\nwifi.sys.mui
[2013.05.23 02:45:00 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\qwavedrv.sys.mui
[2013.05.23 02:44:58 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volsnap.sys.mui
[2013.05.23 02:44:58 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbport.sys.mui
[2013.05.23 02:44:58 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\processr.sys.mui
[2013.05.23 02:44:58 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\intelppm.sys.mui
[2013.05.23 02:44:58 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdppm.sys.mui
[2013.05.23 02:44:58 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdk8.sys.mui
[2013.05.23 02:44:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbhub.sys.mui
[2013.05.23 02:44:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serial.sys.mui
[2013.05.23 02:44:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ohci1394.sys.mui
[2013.05.23 02:44:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\1394ohci.sys.mui
[2013.05.23 02:44:58 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2013.05.23 02:44:58 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2013.05.23 02:44:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\i8042prt.sys.mui
[2013.05.23 02:44:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\acpi.sys.mui
[2013.05.23 02:44:58 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\battc.sys.mui
[2013.05.23 02:44:58 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pci.sys.mui
[2013.05.23 02:44:58 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\IPMIDrv.sys.mui
[2013.05.23 02:44:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\sermouse.sys.mui
[2013.05.23 02:44:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdclass.sys.mui
[2013.05.23 02:44:58 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouclass.sys.mui
[2013.05.23 02:44:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wacompen.sys.mui
[2013.05.23 02:44:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vhdmp.sys.mui
[2013.05.23 02:44:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vdrvroot.sys.mui
[2013.05.23 02:44:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tpm.sys.mui
[2013.05.23 02:44:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\isapnp.sys.mui
[2013.05.23 02:44:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hdaudbus.sys.mui
[2013.05.23 02:44:58 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\parport.sys.mui
[2013.05.23 02:44:58 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ataport.sys.mui
[2013.05.23 02:44:58 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\umbus.sys.mui
[2013.05.23 02:44:58 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mssmbios.sys.mui
[2013.05.23 02:44:58 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouhid.sys.mui
[2013.05.23 02:44:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vwifibus.sys.mui
[2013.05.23 02:44:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ULIAGPKX.SYS.mui
[2013.05.23 02:44:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\UAGP35.SYS.mui
[2013.05.23 02:44:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\NV_AGP.SYS.mui
[2013.05.23 02:44:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\MTConfig.sys.mui
[2013.05.23 02:44:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdhid.sys.mui
[2013.05.23 02:44:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\GAGP30KX.SYS.mui
[2013.05.23 02:44:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\AGP440.sys.mui
[2013.05.23 02:44:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wd.sys.mui
[2013.05.23 02:44:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\disk.sys.mui
[2013.05.23 02:44:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\cdrom.sys.mui
[2013.05.23 02:44:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdide.sys.mui
[2013.05.23 02:44:56 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tcpip.sys.mui
[2013.05.23 02:44:56 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mpio.sys.mui
[2013.05.23 02:44:56 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthport.sys.mui
[2013.05.23 02:44:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\msdsm.sys.mui
[2013.05.23 02:44:56 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pcmcia.sys.mui
[2013.05.23 02:44:56 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthpan.sys.mui
[2013.05.23 02:44:56 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2013.05.23 02:44:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\portcls.sys.mui
[2013.05.23 02:44:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\HdAudio.sys.mui
[2013.05.23 02:44:56 | 000,003,584 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\de-DE\atikmdag.sys.mui
[2013.05.23 02:44:56 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serscan.sys.mui
[2013.05.23 02:44:56 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismpx.sys.mui
[2013.05.23 02:44:56 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismp6.sys.mui
[2013.05.23 02:44:56 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hidbth.sys.mui
[2013.05.23 02:44:56 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pnpmem.sys.mui
[2013.05.23 02:44:56 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\Dot4usb.sys.mui
[2013.05.23 02:44:56 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\BTHUSB.SYS.mui
[2013.05.23 02:44:56 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2013.05.23 02:44:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ws2ifsl.sys.mui
[2013.05.23 02:44:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthenum.sys.mui
[2013.05.23 02:44:54 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pacer.sys.mui
[2013.05.23 02:44:53 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bfe.dll.mui
[2013.05.23 02:44:53 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\modem.sys.mui
[2013.05.23 02:44:52 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\afd.sys.mui
[2013.05.23 02:44:52 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ipnat.sys.mui
[2013.05.23 02:44:52 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volmgrx.sys.mui
[2013.05.23 02:44:50 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ntfs.sys.mui
[2013.05.23 02:44:50 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tunnel.sys.mui
[2013.05.23 02:44:50 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\luafv.sys.mui
[2013.05.23 02:44:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\ndiscap.sys.mui
[2013.05.23 02:44:50 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rdbss.sys.mui
[2013.05.23 02:44:50 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\srv.sys.mui
[2013.05.23 02:44:50 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\scfilter.sys.mui
[2013.05.23 02:44:49 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndisuio.sys.mui
[2013.05.23 02:44:49 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\partmgr.sys.mui
[2013.05.23 02:44:49 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mountmgr.sys.mui
[2013.05.23 02:44:48 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\tcpip.sys.mui
[2013.05.23 02:44:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndiscap.sys.mui
[2013.05.23 02:44:48 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\RNDISMP.sys.mui
[2013.05.23 02:44:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scfilter.sys.mui
[2013.05.23 02:44:46 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndis.sys.mui
[2013.05.23 02:44:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fltmgr.sys.mui
[2013.05.23 02:44:46 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wdf01000.sys.mui
[2013.05.23 02:44:45 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\http.sys.mui
[2013.05.23 02:44:45 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\bfe.dll.mui
[2013.05.23 02:44:45 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\pacer.sys.mui
[2013.05.23 02:44:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scsiport.sys.mui
[2013.05.23 02:41:29 | 000,000,000 | ---D | C] -- C:\Windows\NAPP_Dism_Log
[2013.05.22 18:03:38 | 000,000,000 | ---D | C] -- C:\Users\Martin Jost\AppData\Local\Diagnostics
[2013.05.22 18:02:15 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013.05.22 17:59:40 | 000,000,000 | ---D | C] -- C:\Users\Martin Jost\AVM_Driver
[2013.05.22 17:59:39 | 000,000,000 | ---D | C] -- C:\Users\Martin Jost\AppData\Roaming\Google
[2013.05.22 17:59:38 | 000,000,000 | ---D | C] -- C:\Users\Martin Jost\AppData\Local\Google
[2013.05.22 17:26:25 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Screensaver
[2013.05.22 17:26:25 | 000,000,000 | ---D | C] -- C:\Users\Martin Jost\AppData\Roaming\Macromedia
[2013.05.22 17:24:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
[2013.05.22 17:22:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013.05.22 17:22:02 | 000,000,000 | ---D | C] -- C:\Users\Martin Jost\AppData\Local\Microsoft Help
[2013.05.22 17:20:37 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2013.05.22 17:20:37 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2013.05.22 17:20:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013.05.22 17:19:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2013.05.22 17:19:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2013.05.22 17:19:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2013.05.22 17:19:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2013.05.22 17:19:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2013.05.22 17:18:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2013.05.22 17:17:53 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
[2013.05.22 17:16:57 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Arcade Deluxe
[2013.05.22 17:16:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink
[2013.05.22 17:15:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Arcade Deluxe
[2013.05.22 17:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2013.05.22 17:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2013.05.22 17:13:03 | 000,000,000 | ---D | C] -- C:\Windows\Driver Cache
[2013.05.22 17:11:43 | 000,000,000 | ---D | C] -- C:\Users\Martin Jost\AppData\Roaming\ATI
[2013.05.22 17:11:43 | 000,000,000 | ---D | C] -- C:\Users\Martin Jost\AppData\Local\ATI
[2013.05.22 17:11:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.05.22 17:11:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
[2013.05.22 17:11:41 | 000,000,000 | ---D | C] -- C:\ProgramData\McQcModifier-5c47-a7b0
[2013.05.22 17:11:41 | 000,000,000 | ---D | C] -- C:\Users\Martin Jost\AppData\Local\EgisTec
[2013.05.22 17:11:41 | 000,000,000 | ---D | C] -- C:\book
[2013.05.22 17:11:28 | 000,000,000 | R--D | C] -- C:\Users\Martin Jost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.05.22 17:11:28 | 000,000,000 | R--D | C] -- C:\Users\Martin Jost\Searches
[2013.05.22 17:11:28 | 000,000,000 | R--D | C] -- C:\Users\Martin Jost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.05.22 17:11:21 | 000,000,000 | ---D | C] -- C:\Users\Martin Jost\AppData\Roaming\Identities
[2013.05.22 17:11:19 | 000,000,000 | R--D | C] -- C:\Users\Martin Jost\Contacts
[2013.05.22 17:11:17 | 000,000,000 | ---D | C] -- C:\Users\Martin Jost\AppData\Local\VirtualStore
[2013.05.22 17:08:35 | 000,000,000 | ---D | C] -- C:\Program Files\Acer Accessory Store
[2013.05.22 17:08:17 | 000,000,000 | --SD | C] -- C:\Users\Martin Jost\AppData\Roaming\Microsoft
[2013.05.22 17:08:17 | 000,000,000 | R--D | C] -- C:\Users\Martin Jost\Videos
[2013.05.22 17:08:17 | 000,000,000 | R--D | C] -- C:\Users\Martin Jost\Saved Games
[2013.05.22 17:08:17 | 000,000,000 | R--D | C] -- C:\Users\Martin Jost\Pictures
[2013.05.22 17:08:17 | 000,000,000 | R--D | C] -- C:\Users\Martin Jost\Music
[2013.05.22 17:08:17 | 000,000,000 | R--D | C] -- C:\Users\Martin Jost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.05.22 17:08:17 | 000,000,000 | R--D | C] -- C:\Users\Martin Jost\Links
[2013.05.22 17:08:17 | 000,000,000 | R--D | C] -- C:\Users\Martin Jost\Favorites
[2013.05.22 17:08:17 | 000,000,000 | R--D | C] -- C:\Users\Martin Jost\Downloads
[2013.05.22 17:08:17 | 000,000,000 | R--D | C] -- C:\Users\Martin Jost\Documents
[2013.05.22 17:08:17 | 000,000,000 | R--D | C] -- C:\Users\Martin Jost\Desktop
[2013.05.22 17:08:17 | 000,000,000 | R--D | C] -- C:\Users\Martin Jost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.05.22 17:08:17 | 000,000,000 | -HSD | C] -- C:\Users\Martin Jost\Vorlagen
[2013.05.22 17:08:17 | 000,000,000 | -HSD | C] -- C:\Users\Martin Jost\AppData\Local\Verlauf
[2013.05.22 17:08:17 | 000,000,000 | -HSD | C] -- C:\Users\Martin Jost\AppData\Local\Temporary Internet Files
[2013.05.22 17:08:17 | 000,000,000 | -HSD | C] -- C:\Users\Martin Jost\Startmenü
[2013.05.22 17:08:17 | 000,000,000 | -HSD | C] -- C:\Users\Martin Jost\SendTo
[2013.05.22 17:08:17 | 000,000,000 | -HSD | C] -- C:\Users\Martin Jost\Recent
[2013.05.22 17:08:17 | 000,000,000 | -HSD | C] -- C:\Users\Martin Jost\Netzwerkumgebung
[2013.05.22 17:08:17 | 000,000,000 | -HSD | C] -- C:\Users\Martin Jost\Lokale Einstellungen
[2013.05.22 17:08:17 | 000,000,000 | -HSD | C] -- C:\Users\Martin Jost\Documents\Eigene Videos
[2013.05.22 17:08:17 | 000,000,000 | -HSD | C] -- C:\Users\Martin Jost\Documents\Eigene Musik
[2013.05.22 17:08:17 | 000,000,000 | -HSD | C] -- C:\Users\Martin Jost\Eigene Dateien
[2013.05.22 17:08:17 | 000,000,000 | -HSD | C] -- C:\Users\Martin Jost\Documents\Eigene Bilder
[2013.05.22 17:08:17 | 000,000,000 | -HSD | C] -- C:\Users\Martin Jost\Druckumgebung
[2013.05.22 17:08:17 | 000,000,000 | -HSD | C] -- C:\Users\Martin Jost\Cookies
[2013.05.22 17:08:17 | 000,000,000 | -HSD | C] -- C:\Users\Martin Jost\AppData\Local\Anwendungsdaten
[2013.05.22 17:08:17 | 000,000,000 | -HSD | C] -- C:\Users\Martin Jost\Anwendungsdaten
[2013.05.22 17:08:17 | 000,000,000 | -H-D | C] -- C:\Users\Martin Jost\AppData
[2013.05.22 17:08:17 | 000,000,000 | ---D | C] -- C:\Users\Martin Jost\AppData\Local\Temp
[2013.05.22 17:08:17 | 000,000,000 | ---D | C] -- C:\Users\Martin Jost\AppData\Local\Microsoft
[2013.05.22 17:08:17 | 000,000,000 | ---D | C] -- C:\Users\Martin Jost\AppData\Roaming\Media Center Programs
[2013.05.22 17:08:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.05.22 17:08:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.05.22 17:08:12 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013.05.22 17:08:12 | 000,000,000 | -HSD | C] -- C:\Programme
[2013.05.22 17:08:12 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.05.22 17:08:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2013.05.22 17:08:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.05.22 17:08:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.05.22 17:08:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.05.22 17:08:12 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2013.05.22 17:08:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.05.22 17:08:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2013.05.22 17:08:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2013.05.22 16:56:29 | 000,540,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NVUNINST.EXE
[2013.05.22 16:55:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013.05.22 16:54:52 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013.05.22 16:54:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013.05.22 16:51:47 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.05.22 16:49:43 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2009.10.13 05:19:25 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.17 10:45:08 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.17 10:45:08 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.17 10:43:33 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.17 10:43:33 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.17 10:43:33 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.17 10:43:33 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.17 10:43:33 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.17 10:38:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.17 10:37:54 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.17 10:35:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Martin Jost\Desktop\OTL.exe
[2013.05.23 02:45:23 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat
[2013.05.23 02:45:23 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat
[2013.05.23 02:45:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbrpm.sys.mui
[2013.05.23 02:45:08 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fvevol.sys.mui
[2013.05.23 02:45:05 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UMDF\de-DE\WpdMtpDr.dll.mui
[2013.05.23 02:45:01 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\qwavedrv.sys.mui
[2013.05.23 02:45:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\nwifi.sys.mui
[2013.05.23 02:45:00 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\qwavedrv.sys.mui
[2013.05.23 02:44:58 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volsnap.sys.mui
[2013.05.23 02:44:58 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbport.sys.mui
[2013.05.23 02:44:58 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\processr.sys.mui
[2013.05.23 02:44:58 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\intelppm.sys.mui
[2013.05.23 02:44:58 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdppm.sys.mui
[2013.05.23 02:44:58 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdk8.sys.mui
[2013.05.23 02:44:58 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbhub.sys.mui
[2013.05.23 02:44:58 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serial.sys.mui
[2013.05.23 02:44:58 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ohci1394.sys.mui
[2013.05.23 02:44:58 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\1394ohci.sys.mui
[2013.05.23 02:44:58 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2013.05.23 02:44:58 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2013.05.23 02:44:58 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\i8042prt.sys.mui
[2013.05.23 02:44:58 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\acpi.sys.mui
[2013.05.23 02:44:58 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\battc.sys.mui
[2013.05.23 02:44:58 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pci.sys.mui
[2013.05.23 02:44:58 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\IPMIDrv.sys.mui
[2013.05.23 02:44:58 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\sermouse.sys.mui
[2013.05.23 02:44:58 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdclass.sys.mui
[2013.05.23 02:44:58 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouclass.sys.mui
[2013.05.23 02:44:58 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wacompen.sys.mui
[2013.05.23 02:44:58 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vhdmp.sys.mui
[2013.05.23 02:44:58 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vdrvroot.sys.mui
[2013.05.23 02:44:58 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tpm.sys.mui
[2013.05.23 02:44:58 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\isapnp.sys.mui
[2013.05.23 02:44:58 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hdaudbus.sys.mui
[2013.05.23 02:44:58 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\parport.sys.mui
[2013.05.23 02:44:58 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ataport.sys.mui
[2013.05.23 02:44:58 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\umbus.sys.mui
[2013.05.23 02:44:58 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mssmbios.sys.mui
[2013.05.23 02:44:58 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouhid.sys.mui
[2013.05.23 02:44:58 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vwifibus.sys.mui
[2013.05.23 02:44:58 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ULIAGPKX.SYS.mui
[2013.05.23 02:44:58 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\UAGP35.SYS.mui
[2013.05.23 02:44:58 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\NV_AGP.SYS.mui
[2013.05.23 02:44:58 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\MTConfig.sys.mui
[2013.05.23 02:44:58 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdhid.sys.mui
[2013.05.23 02:44:58 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\GAGP30KX.SYS.mui
[2013.05.23 02:44:58 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\AGP440.sys.mui
[2013.05.23 02:44:58 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wd.sys.mui
[2013.05.23 02:44:58 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\disk.sys.mui
[2013.05.23 02:44:58 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\cdrom.sys.mui
[2013.05.23 02:44:58 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdide.sys.mui
[2013.05.23 02:44:56 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tcpip.sys.mui
[2013.05.23 02:44:56 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mpio.sys.mui
[2013.05.23 02:44:56 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthport.sys.mui
[2013.05.23 02:44:56 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UMDF\de-DE\WUDFUsbccidDriver.dll.mui
[2013.05.23 02:44:56 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\msdsm.sys.mui
[2013.05.23 02:44:56 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pcmcia.sys.mui
[2013.05.23 02:44:56 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthpan.sys.mui
[2013.05.23 02:44:56 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2013.05.23 02:44:56 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\portcls.sys.mui
[2013.05.23 02:44:56 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\HdAudio.sys.mui
[2013.05.23 02:44:56 | 000,003,584 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\de-DE\atikmdag.sys.mui
[2013.05.23 02:44:56 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serscan.sys.mui
[2013.05.23 02:44:56 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismpx.sys.mui
[2013.05.23 02:44:56 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismp6.sys.mui
[2013.05.23 02:44:56 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hidbth.sys.mui
[2013.05.23 02:44:56 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pnpmem.sys.mui
[2013.05.23 02:44:56 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\Dot4usb.sys.mui
[2013.05.23 02:44:56 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\BTHUSB.SYS.mui
[2013.05.23 02:44:56 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2013.05.23 02:44:56 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ws2ifsl.sys.mui
[2013.05.23 02:44:56 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthenum.sys.mui
[2013.05.23 02:44:54 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pacer.sys.mui
[2013.05.23 02:44:53 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bfe.dll.mui
[2013.05.23 02:44:53 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\modem.sys.mui
[2013.05.23 02:44:52 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\afd.sys.mui
[2013.05.23 02:44:52 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ipnat.sys.mui
[2013.05.23 02:44:52 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volmgrx.sys.mui
[2013.05.23 02:44:50 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ntfs.sys.mui
[2013.05.23 02:44:50 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tunnel.sys.mui
[2013.05.23 02:44:50 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\luafv.sys.mui
[2013.05.23 02:44:50 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\ndiscap.sys.mui
[2013.05.23 02:44:50 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rdbss.sys.mui
[2013.05.23 02:44:50 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\srv.sys.mui
[2013.05.23 02:44:50 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\scfilter.sys.mui
[2013.05.23 02:44:49 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndisuio.sys.mui
[2013.05.23 02:44:49 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\partmgr.sys.mui
[2013.05.23 02:44:49 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mountmgr.sys.mui
[2013.05.23 02:44:48 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\tcpip.sys.mui
[2013.05.23 02:44:48 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndiscap.sys.mui
[2013.05.23 02:44:48 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\RNDISMP.sys.mui
[2013.05.23 02:44:48 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scfilter.sys.mui
[2013.05.23 02:44:46 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndis.sys.mui
[2013.05.23 02:44:46 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fltmgr.sys.mui
[2013.05.23 02:44:46 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wdf01000.sys.mui
[2013.05.23 02:44:45 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\http.sys.mui
[2013.05.23 02:44:45 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\bfe.dll.mui
[2013.05.23 02:44:45 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\pacer.sys.mui
[2013.05.23 02:44:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scsiport.sys.mui
[2013.05.23 02:41:29 | 000,011,453 | ---- | M] () -- C:\Windows\ChangeLang_Done.tag
[2013.05.22 17:58:23 | 000,000,355 | ---- | M] () -- C:\Users\Martin Jost\Desktop\Computer - Verknüpfung.lnk
[2013.05.22 17:35:17 | 000,343,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.22 17:08:01 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013.05.22 17:08:01 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013.05.22 17:00:54 | 000,000,006 | ---- | M] () -- C:\Windows\SysNative\PLD_Framework.cmd
[2013.05.22 16:50:47 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
 
========== Files Created - No Company Name ==========
 
[2013.05.23 02:48:09 | 000,011,453 | ---- | C] () -- C:\Windows\ChangeLang_Done.tag
[2013.05.23 02:45:48 | 000,643,628 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.23 02:45:48 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat
[2013.05.23 02:45:48 | 000,126,188 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.23 02:45:48 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat
[2013.05.22 17:58:23 | 000,000,355 | ---- | C] () -- C:\Users\Martin Jost\Desktop\Computer - Verknüpfung.lnk
[2013.05.22 17:24:51 | 000,002,569 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2013.05.22 17:24:42 | 000,001,193 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works-Start.lnk
[2013.05.22 17:11:33 | 000,001,409 | ---- | C] () -- C:\Users\Martin Jost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013.05.22 17:11:29 | 000,001,443 | ---- | C] () -- C:\Users\Martin Jost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.05.22 16:50:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.05.22 16:49:13 | 3220,574,208 | -HS- | C] () -- C:\hiberfil.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009.07.14 03:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

--- --- ---
OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 17.06.2013 10:50:20 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Martin Jost\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,06 Gb Available Physical Memory | 76,44% Memory free
8,00 Gb Paging File | 6,96 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244,78 Gb Total Space | 221,24 Gb Free Space | 90,38% Space Free | Partition Type: NTFS
Drive D: | 244,78 Gb Total Space | 219,45 Gb Free Space | 89,65% Space Free | Partition Type: NTFS
Drive E: | 98,53 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive K: | 195,31 Gb Total Space | 112,76 Gb Free Space | 57,73% Space Free | Partition Type: NTFS
 
Computer Name: MJ-PC | User Name: Martin Jost | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A63A6C6-B542-4726-AC52-A2A413A46935}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{3D82D27C-7809-406C-A537-DE06A12190B6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{566D3BE4-178B-4534-877E-0CCD488B5FE3}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{649610B6-9B8A-457F-8F72-410530E5896A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{830DCFCD-84FB-4D57-9464-A677C55329CA}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{8D77039D-05F6-4C08-A9AE-AFFF0DD6DC8E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{991B02AB-E469-4135-95F5-8D653A8DFA7F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{A75119FE-8F8C-46D9-B066-872D6717B761}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{D206DFF5-B481-4130-ABB3-AE2AB7B89DB4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E01C57F1-8FF0-4D60-9789-A993CB8820D4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2A6C9287-671B-48D1-AB2C-CCAC13A9EDE8}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\playmovie.exe | 
"{3FE296CC-15B4-439E-A3E5-723BFC6EE9EB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{40A6D57A-4A19-4004-961C-BF9E23B79A66}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{4898BC2A-4994-4B81-83CC-60E46D2A62F3}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | 
"{8EADAB14-A17C-49F6-B775-6157ED09D2AB}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{A19FD1FA-B134-43BA-9093-C1243D42F5D1}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | 
"{AD46F6DE-0423-431B-890C-53494DBEF922}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{BA79B6BC-2FCC-4DED-ACF0-65C55DAC7A9F}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe | 
"{ECD05D17-8732-472E-8008-0150F688D413}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{F2781FEF-5AB4-42F5-92F6-F27DF25A6D44}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1F9241E8-87C1-FB9C-5D76-3FF7D0318A87}" = ATI Catalyst Install Manager
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{EBAE9144-AF3E-4AF5-B45F-64896D651E27}" = ccc-utility64
"NVIDIA Drivers" = NVIDIA Drivers
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03E830A5-822B-D6FB-3257-E1E6A188CF22}" = Catalyst Control Center Graphics Full Existing
"{0B30D22F-AB4F-9379-CDE1-3019D68D72B7}" = CCC Help Chinese Traditional
"{0E4AD541-61D5-0DF8-44C9-797C3EEBDE2C}" = CCC Help English
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{17B5E42B-670F-BE6A-7CBE-B9DFF74D81DC}" = CCC Help Norwegian
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D359627-1E53-8D9B-46A6-242B1D7A8B9D}" = CCC Help Turkish
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{21C205CD-3770-9454-ECC1-88BB0E2AD807}" = Catalyst Control Center Localization All
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{244C6FE3-82BC-D9F0-91F9-D9909E926FCE}" = CCC Help Greek
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28E941CF-3D09-C540-07FF-81FDB66E8BC9}" = CCC Help Swedish
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2C4A0A98-66EA-427A-46B4-FED4A141E4CE}" = Catalyst Control Center Graphics Full New
"{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance
"{32F898BE-7D45-EBC2-29F3-B0B704CC8FBB}" = ccc-core-static
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41ACCBEB-F6BD-B9DF-8CCE-32A70F14432B}" = Catalyst Control Center Graphics Previews Vista
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A5FF1B1-7C05-19F4-17D7-B1809CDFA0CD}" = CCC Help Polish
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4D6873BC-73C0-487D-A4B4-BA78D9EF465C}" = Catalyst Control Center - Branding
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{67c93cea-627f-4563-86a5-e934a3d248ca}" = Nero 9 Essentials
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{708FC368-197E-1AAB-8018-49AC1BA28B34}" = CCC Help Hungarian
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{764182F2-8B5E-5B6B-A439-02D06550F663}" = CCC Help Dutch
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}" = First Class Flurry
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{87CE7117-D736-8108-AD6A-4F0D117E94B6}" = CCC Help Spanish
"{888934B4-09FC-4CB3-2AA4-87C2F5030C79}" = CCC Help Finnish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C617D96-CDAA-9025-AAEA-659B477B4B7C}" = CCC Help Czech
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{92E5F54C-888C-51E5-A388-7B360B174311}" = CCC Help Russian
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{952D22C8-CA9F-65ED-B7C3-7CEDC08121E7}" = Catalyst Control Center Core Implementation
"{A018A4CE-0D6F-BEB5-EDC2-D9386B2BF1B3}" = Catalyst Control Center Graphics Light
"{A04C1E78-8EC0-7A07-FDA7-843920FE9D36}" = CCC Help Japanese
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A7A39878-C21D-D6D5-0F34-A01FF3E79B7F}" = CCC Help Korean
"{A7CD6CCE-C2BC-3B61-F0CC-A842F02FB6C0}" = CCC Help Italian
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B3576D1B-5763-4E8C-43CE-1B6908D0B22D}" = CCC Help German
"{B672D77A-8BA3-24EF-3421-8FB8E35E2A8D}" = Catalyst Control Center InstallProxy
"{B951569A-7EC8-CF90-74AF-53610BC15097}" = CCC Help Chinese Standard
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C68F1F36-9B04-2CC8-15A4-DC9606E760EB}" = CCC Help Danish
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help
"{E647D018-2209-C4B6-493F-ECB57E6620D1}" = CCC Help French
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EF2E00AB-F454-C823-0408-8F2098F2CDCB}" = CCC Help Portuguese
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F9EB0701-776E-BF9F-5B57-760A16422520}" = CCC Help Thai
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Hotkey Utility" = Hotkey Utility
"Identity Card" = Identity Card
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 22.05.2013 10:51:57 | Computer Name = WIN-8EE9MN91FQG | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 22.05.2013 10:51:57 | Computer Name = WIN-8EE9MN91FQG | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 22.05.2013 10:51:57 | Computer Name = WIN-8EE9MN91FQG | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 22.05.2013 10:54:56 | Computer Name = WIN-8EE9MN91FQG | Source = MsiInstaller | ID = 11935
Description = 
 
 
< End of report >

--- --- ---

schrauber · 17.06.2013, 10:57

Hi,

Systemscan mit FRST
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Scan.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Downloade dir bitte

Farbar Service Scanner

Starte das Tool mit Doppelklick auf die FSS.exe
Gehe sicher, dass folgende Optionen angehakt sind.
- Internet Services
- Windows Firewall
- System Restore
- Security Center/Action Center
- Windows Update
- Windows Defender
- Other Services
Klicke auf Scan.
Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.

kmj7 · 17.06.2013, 11:48

Hier kommt die Frst
FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2013 01
Ran by Martin Jost (administrator) on 17-06-2013 12:44:03
Running from C:\Users\Martin Jost\Desktop
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Farbar) C:\Users\Martin Jost\Desktop\FRST64(2).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-10] (Egis Technology Inc.)
HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-10-13] (Google Inc.)
MountPoints2: {8c575da2-c2f5-11e2-87d9-00262d162477} - H:\pushinst.exe
MountPoints2: {bfd8e5c6-c2ee-11e2-acab-806e6f6e6963} - E:\FSetup.exe
HKLM-x32\...\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] ()
HKLM-x32\...\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [128296 2009-09-29] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [181480 2009-09-29] (Acer Corp.)
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [162336 2009-07-22] ()
HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [162336 2009-07-22] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3812&r=17360513ln07973680l45lh8j1jw0n
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3812&r=17360513ln07973680l45lh8j1jw0n
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3812&r=17360513ln07973680l45lh8j1jw0n
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3812&r=17360513ln07973680l45lh8j1jw0n
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3812&r=17360513ln07973680l45lh8j1jw0n
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3812&r=17360513ln07973680l45lh8j1jw0n
BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.36.2.98 192.168.52.100 192.168.52.110

==================== Services (Whitelisted) =================

S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)

==================== Drivers (Whitelisted) ====================


==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-17 12:43 - 2013-06-17 12:43 - 00000000 ____D C:\FRST
2013-06-17 12:43 - 2013-06-17 12:42 - 01926844 ____A (Farbar) C:\Users\Martin Jost\Desktop\FRST64(2).exe
2013-06-17 11:07 - 2013-06-17 11:07 - 00000000 ____D C:\Users\Martin Jost\AppData\Roaming\Adobe
2013-06-17 10:52 - 2013-06-17 10:52 - 00110408 ____A C:\Users\Martin Jost\Desktop\OTL.Txt
2013-06-17 10:52 - 2013-06-17 10:52 - 00045134 ____A C:\Users\Martin Jost\Desktop\Extras.Txt
2013-06-17 10:39 - 2013-06-17 10:35 - 00602112 ____A (OldTimer Tools) C:\Users\Martin Jost\Desktop\OTL.exe
2013-05-24 11:13 - 2013-05-24 11:13 - 00000000 ____D C:\Windows\Options
2013-05-24 11:13 - 2009-03-27 12:12 - 00014848 ____N (LSI Corporation) C:\Windows\SysWOW64\agrsco64.dll
2013-05-23 02:45 - 2013-06-17 10:58 - 00643628 ____A C:\Windows\System32\perfh007.dat
2013-05-23 02:45 - 2013-06-17 10:58 - 00126188 ____A C:\Windows\System32\perfc007.dat
2013-05-23 02:45 - 2013-05-23 02:45 - 00295922 ____A C:\Windows\System32\perfi007.dat
2013-05-23 02:45 - 2013-05-23 02:45 - 00038104 ____A C:\Windows\System32\perfd007.dat
2013-05-23 02:45 - 2013-05-23 02:45 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-05-23 02:45 - 2013-05-23 02:45 - 00000000 ____D C:\Windows\SysWOW64\de
2013-05-23 02:45 - 2013-05-23 02:45 - 00000000 ____D C:\Windows\SysWOW64\0407
2013-05-23 02:45 - 2013-05-23 02:45 - 00000000 ____D C:\Windows\System32\de
2013-05-23 02:45 - 2013-05-23 02:45 - 00000000 ____D C:\Windows\System32\0407
2013-05-23 02:41 - 2013-05-23 02:41 - 00000000 ____D C:\Windows\NAPP_Dism_Log
2013-05-22 18:02 - 2013-05-22 18:02 - 00000000 ____D C:\Program Files\ATI Technologies
2013-05-22 17:59 - 2013-05-22 17:59 - 00000000 ____D C:\Users\Martin Jost\AVM_Driver
2013-05-22 17:59 - 2013-05-22 17:59 - 00000000 ____D C:\Users\Martin Jost\AppData\Roaming\Google
2013-05-22 17:59 - 2013-05-22 17:59 - 00000000 ____D C:\Users\Martin Jost\AppData\Local\Google
2013-05-22 17:58 - 2013-05-22 17:58 - 00000355 ____A C:\Users\Martin Jost\Desktop\Computer - Verknüpfung.lnk
2013-05-22 17:26 - 2013-05-22 17:26 - 00000000 ____D C:\Users\Public\Documents\Screensaver
2013-05-22 17:26 - 2013-05-22 17:26 - 00000000 ____D C:\Users\Martin Jost\AppData\Roaming\Macromedia
2013-05-22 17:22 - 2013-05-22 17:22 - 00000000 ____D C:\Users\Martin Jost\AppData\Local\Microsoft Help
2013-05-22 17:22 - 2013-05-22 17:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-05-22 17:20 - 2013-05-22 17:20 - 00031419 ____A C:\Windows\DirectX.log
2013-05-22 17:20 - 2013-05-22 17:20 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-05-22 17:20 - 2006-11-29 13:06 - 04398360 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_32.dll
2013-05-22 17:20 - 2006-11-29 13:06 - 03426072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-05-22 17:19 - 2013-05-22 17:21 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-05-22 17:19 - 2013-05-22 17:19 - 00000000 ____D C:\Program Files (x86)\Windows Live SkyDrive
2013-05-22 17:17 - 2009-09-25 10:48 - 00044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml4a.dll
2013-05-22 17:16 - 2013-05-22 17:16 - 00000000 ____D C:\Program Files (x86)\Cyberlink
2013-05-22 17:15 - 2013-05-22 17:18 - 00000000 ____D C:\Program Files (x86)\Acer Arcade Deluxe
2013-05-22 17:15 - 2013-05-22 17:16 - 00000000 ____D C:\ProgramData\CyberLink
2013-05-22 17:14 - 2013-05-22 17:18 - 00008414 ____A C:\ProgramData\ArcadeDeluxe3.log
2013-05-22 17:13 - 2013-05-22 17:13 - 00000000 ____D C:\Windows\Driver Cache
2013-05-22 17:11 - 2013-05-22 17:11 - 00000000 ___AD C:\book
2013-05-22 17:11 - 2013-05-22 17:11 - 00000000 ____D C:\Users\Martin Jost\AppData\Roaming\ATI
2013-05-22 17:11 - 2013-05-22 17:11 - 00000000 ____D C:\Users\Martin Jost\AppData\Local\VirtualStore
2013-05-22 17:11 - 2013-05-22 17:11 - 00000000 ____D C:\Users\Martin Jost\AppData\Local\EgisTec
2013-05-22 17:11 - 2013-05-22 17:11 - 00000000 ____D C:\Users\Martin Jost\AppData\Local\ATI
2013-05-22 17:11 - 2013-05-22 17:11 - 00000000 ____D C:\ProgramData\McQcModifier-5c47-a7b0
2013-05-22 17:11 - 2013-05-22 17:11 - 00000000 ____D C:\ProgramData\ATI
2013-05-22 17:08 - 2013-05-22 17:59 - 00000000 ____D C:\users\Martin Jost
2013-05-22 17:08 - 2013-05-22 17:35 - 00079152 ____A C:\Users\Martin Jost\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-22 17:08 - 2013-05-22 17:08 - 00000020 ___SH C:\Users\Martin Jost\ntuser.ini
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Public\Documents\Eigene Musik
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Public\Documents\Eigene Bilder
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\Vorlagen
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\Startmenü
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\Netzwerkumgebung
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\Lokale Einstellungen
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\Eigene Dateien
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\Druckumgebung
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\Documents\Eigene Musik
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\Documents\Eigene Bilder
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\AppData\Local\Verlauf
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\AppData\Local\Anwendungsdaten
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\Anwendungsdaten
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\Vorlagen
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\Startmenü
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\Netzwerkumgebung
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\Lokale Einstellungen
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\Eigene Dateien
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\Druckumgebung
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\Documents\Eigene Musik
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\Documents\Eigene Bilder
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\AppData\Local\Verlauf
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\AppData\Local\Anwendungsdaten
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\Anwendungsdaten
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default User\Documents\Eigene Musik
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default User\Documents\Eigene Bilder
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default User\AppData\Local\Verlauf
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Recovery
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Programme
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\ProgramData\Vorlagen
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\ProgramData\Startmenü
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\ProgramData\Favoriten
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\ProgramData\Dokumente
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\ProgramData\Anwendungsdaten
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Program Files\Gemeinsame Dateien
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Dokumente und Einstellungen
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 ____D C:\Program Files\Acer Accessory Store
2013-05-22 16:56 - 2009-08-03 04:51 - 00540192 ____A (NVIDIA Corporation) C:\Windows\System32\NVUNINST.EXE
2013-05-22 16:54 - 2013-05-22 16:55 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-05-22 16:54 - 2013-05-22 16:54 - 00035282 ____A C:\Windows\ATIDetect.txt
2013-05-22 16:54 - 2013-05-22 16:54 - 00000000 ____D C:\Program Files\ATI
2013-05-22 16:53 - 2013-06-17 12:41 - 00129718 ____A C:\Windows\WindowsUpdate.log
2013-05-22 16:50 - 2013-05-22 16:50 - 00000000 ____A C:\Windows\ativpsrm.bin

==================== One Month Modified Files and Folders =======

2013-06-17 12:43 - 2013-06-17 12:43 - 00000000 ____D C:\FRST
2013-06-17 12:42 - 2013-06-17 12:43 - 01926844 ____A (Farbar) C:\Users\Martin Jost\Desktop\FRST64(2).exe
2013-06-17 12:41 - 2013-05-22 16:53 - 00129718 ____A C:\Windows\WindowsUpdate.log
2013-06-17 12:41 - 2009-07-14 06:51 - 00044477 ____A C:\Windows\setupact.log
2013-06-17 11:07 - 2013-06-17 11:07 - 00000000 ____D C:\Users\Martin Jost\AppData\Roaming\Adobe
2013-06-17 10:58 - 2013-05-23 02:45 - 00643628 ____A C:\Windows\System32\perfh007.dat
2013-06-17 10:58 - 2013-05-23 02:45 - 00126188 ____A C:\Windows\System32\perfc007.dat
2013-06-17 10:58 - 2009-07-14 07:13 - 01472002 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-17 10:52 - 2013-06-17 10:52 - 00110408 ____A C:\Users\Martin Jost\Desktop\OTL.Txt
2013-06-17 10:52 - 2013-06-17 10:52 - 00045134 ____A C:\Users\Martin Jost\Desktop\Extras.Txt
2013-06-17 10:45 - 2009-07-14 06:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-17 10:45 - 2009-07-14 06:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-17 10:38 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-17 10:35 - 2013-06-17 10:39 - 00602112 ____A (OldTimer Tools) C:\Users\Martin Jost\Desktop\OTL.exe
2013-05-24 11:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-05-24 11:13 - 2013-05-24 11:13 - 00000000 ____D C:\Windows\Options
2013-05-23 02:47 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-05-23 02:47 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\WCN
2013-05-23 02:47 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2013-05-23 02:47 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2013-05-23 02:47 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\System32\winrm
2013-05-23 02:47 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\System32\WCN
2013-05-23 02:47 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\System32\slmgr
2013-05-23 02:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-05-23 02:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-05-23 02:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\sysprep
2013-05-23 02:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\MUI
2013-05-23 02:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\Dism
2013-05-23 02:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2013-05-23 02:45 - 2013-05-23 02:45 - 00295922 ____A C:\Windows\System32\perfi007.dat
2013-05-23 02:45 - 2013-05-23 02:45 - 00038104 ____A C:\Windows\System32\perfd007.dat
2013-05-23 02:45 - 2013-05-23 02:45 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-05-23 02:45 - 2013-05-23 02:45 - 00000000 ____D C:\Windows\SysWOW64\de
2013-05-23 02:45 - 2013-05-23 02:45 - 00000000 ____D C:\Windows\SysWOW64\0407
2013-05-23 02:45 - 2013-05-23 02:45 - 00000000 ____D C:\Windows\System32\de
2013-05-23 02:45 - 2013-05-23 02:45 - 00000000 ____D C:\Windows\System32\0407
2013-05-23 02:45 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-05-23 02:45 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2013-05-23 02:45 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\System32\Printing_Admin_Scripts
2013-05-23 02:45 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\DigitalLocker
2013-05-23 02:45 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\System32\WinBioPlugIns
2013-05-23 02:45 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-05-23 02:45 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-05-23 02:45 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-05-23 02:45 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2013-05-23 02:45 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2013-05-23 02:45 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-05-23 02:45 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-05-23 02:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2013-05-23 02:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-05-23 02:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-05-23 02:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\com
2013-05-23 02:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\Setup
2013-05-23 02:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\oobe
2013-05-23 02:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\migwiz
2013-05-23 02:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\com
2013-05-23 02:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-23 02:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\IME
2013-05-23 02:45 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-05-23 02:41 - 2013-05-23 02:41 - 00000000 ____D C:\Windows\NAPP_Dism_Log
2013-05-23 02:37 - 2009-07-14 07:38 - 00025600 __ASH C:\Windows\System32\config\BCD-Template.LOG
2013-05-23 02:37 - 2009-07-14 07:32 - 00028672 ____A C:\Windows\System32\config\BCD-Template
2013-05-22 18:02 - 2013-05-22 18:02 - 00000000 ____D C:\Program Files\ATI Technologies
2013-05-22 17:59 - 2013-05-22 17:59 - 00000000 ____D C:\Users\Martin Jost\AVM_Driver
2013-05-22 17:59 - 2013-05-22 17:59 - 00000000 ____D C:\Users\Martin Jost\AppData\Roaming\Google
2013-05-22 17:59 - 2013-05-22 17:59 - 00000000 ____D C:\Users\Martin Jost\AppData\Local\Google
2013-05-22 17:59 - 2013-05-22 17:08 - 00000000 ____D C:\users\Martin Jost
2013-05-22 17:58 - 2013-05-22 17:58 - 00000355 ____A C:\Users\Martin Jost\Desktop\Computer - Verknüpfung.lnk
2013-05-22 17:38 - 2009-10-13 05:35 - 00000000 ____D C:\ProgramData\McAfee
2013-05-22 17:37 - 2009-10-13 05:44 - 00746072 ____A C:\Windows\PFRO.log
2013-05-22 17:36 - 2009-10-13 05:19 - 00000000 ____D C:\Program Files (x86)\Acer GameZone
2013-05-22 17:35 - 2013-05-22 17:08 - 00079152 ____A C:\Users\Martin Jost\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-22 17:35 - 2009-07-14 06:45 - 00343008 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-22 17:34 - 2009-10-13 06:01 - 00000000 ___HD C:\OEM
2013-05-22 17:33 - 2009-10-13 05:45 - 00006102 ____A C:\Windows\Patch.log
2013-05-22 17:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2013-05-22 17:26 - 2013-05-22 17:26 - 00000000 ____D C:\Users\Public\Documents\Screensaver
2013-05-22 17:26 - 2013-05-22 17:26 - 00000000 ____D C:\Users\Martin Jost\AppData\Roaming\Macromedia
2013-05-22 17:26 - 2009-10-13 05:31 - 00000000 ____D C:\Program Files (x86)\Acer
2013-05-22 17:25 - 2009-10-13 05:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-05-22 17:23 - 2009-10-13 05:27 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-22 17:22 - 2013-05-22 17:22 - 00000000 ____D C:\Users\Martin Jost\AppData\Local\Microsoft Help
2013-05-22 17:22 - 2013-05-22 17:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-05-22 17:22 - 2009-10-13 05:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-05-22 17:22 - 2009-07-14 09:45 - 00000000 ____D C:\Windows\ShellNew
2013-05-22 17:22 - 2009-07-14 04:34 - 00000510 ____A C:\Windows\win.ini
2013-05-22 17:21 - 2013-05-22 17:19 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-05-22 17:20 - 2013-05-22 17:20 - 00031419 ____A C:\Windows\DirectX.log
2013-05-22 17:20 - 2013-05-22 17:20 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-05-22 17:19 - 2013-05-22 17:19 - 00000000 ____D C:\Program Files (x86)\Windows Live SkyDrive
2013-05-22 17:19 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-05-22 17:18 - 2013-05-22 17:15 - 00000000 ____D C:\Program Files (x86)\Acer Arcade Deluxe
2013-05-22 17:18 - 2013-05-22 17:14 - 00008414 ____A C:\ProgramData\ArcadeDeluxe3.log
2013-05-22 17:18 - 2009-10-13 05:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-05-22 17:16 - 2013-05-22 17:16 - 00000000 ____D C:\Program Files (x86)\Cyberlink
2013-05-22 17:16 - 2013-05-22 17:15 - 00000000 ____D C:\ProgramData\CyberLink
2013-05-22 17:14 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\System32\restore
2013-05-22 17:13 - 2013-05-22 17:13 - 00000000 ____D C:\Windows\Driver Cache
2013-05-22 17:11 - 2013-05-22 17:11 - 00000000 ___AD C:\book
2013-05-22 17:11 - 2013-05-22 17:11 - 00000000 ____D C:\Users\Martin Jost\AppData\Roaming\ATI
2013-05-22 17:11 - 2013-05-22 17:11 - 00000000 ____D C:\Users\Martin Jost\AppData\Local\VirtualStore
2013-05-22 17:11 - 2013-05-22 17:11 - 00000000 ____D C:\Users\Martin Jost\AppData\Local\EgisTec
2013-05-22 17:11 - 2013-05-22 17:11 - 00000000 ____D C:\Users\Martin Jost\AppData\Local\ATI
2013-05-22 17:11 - 2013-05-22 17:11 - 00000000 ____D C:\ProgramData\McQcModifier-5c47-a7b0
2013-05-22 17:11 - 2013-05-22 17:11 - 00000000 ____D C:\ProgramData\ATI
2013-05-22 17:11 - 2009-10-05 23:35 - 00000000 ___AD C:\Windows\DeployWinRE2
2013-05-22 17:08 - 2013-05-22 17:08 - 00000020 ___SH C:\Users\Martin Jost\ntuser.ini
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Public\Documents\Eigene Musik
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Public\Documents\Eigene Bilder
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\Vorlagen
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\Startmenü
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\Netzwerkumgebung
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\Lokale Einstellungen
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\Eigene Dateien
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\Druckumgebung
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\Documents\Eigene Musik
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\Documents\Eigene Bilder
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\AppData\Local\Verlauf
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\AppData\Local\Anwendungsdaten
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Martin Jost\Anwendungsdaten
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\Vorlagen
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\Startmenü
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\Netzwerkumgebung
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\Lokale Einstellungen
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\Eigene Dateien
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\Druckumgebung
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\Documents\Eigene Musik
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\Documents\Eigene Bilder
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\AppData\Local\Verlauf
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\AppData\Local\Anwendungsdaten
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default\Anwendungsdaten
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default User\Documents\Eigene Musik
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default User\Documents\Eigene Bilder
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default User\AppData\Local\Verlauf
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Recovery
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Programme
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\ProgramData\Vorlagen
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\ProgramData\Startmenü
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\ProgramData\Favoriten
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\ProgramData\Dokumente
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\ProgramData\Anwendungsdaten
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Program Files\Gemeinsame Dateien
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 __SHD C:\Dokumente und Einstellungen
2013-05-22 17:08 - 2013-05-22 17:08 - 00000000 ____D C:\Program Files\Acer Accessory Store
2013-05-22 17:08 - 2009-10-13 06:03 - 00000000 ____D C:\Windows\Panther
2013-05-22 17:08 - 2009-10-13 05:45 - 00000000 ____D C:\ProgramData\OEM
2013-05-22 17:08 - 2009-07-14 05:20 - 00000000 __RHD C:\users\Default
2013-05-22 17:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\Recovery
2013-05-22 17:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-05-22 17:08 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2013-05-22 17:01 - 2009-07-14 06:51 - 00000801 ____A C:\Windows\setuperr.log
2013-05-22 17:00 - 2009-10-13 05:25 - 00000006 ____A C:\Windows\System32\PLD_Framework.cmd
2013-05-22 16:55 - 2013-05-22 16:54 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-05-22 16:54 - 2013-05-22 16:54 - 00035282 ____A C:\Windows\ATIDetect.txt
2013-05-22 16:54 - 2013-05-22 16:54 - 00000000 ____D C:\Program Files\ATI
2013-05-22 16:50 - 2013-05-22 16:50 - 00000000 ____A C:\Windows\ativpsrm.bin
2013-05-22 16:50 - 2009-10-13 05:05 - 00003540 ____A C:\Windows\TSSysprep.log
2013-05-22 16:50 - 2009-07-14 06:46 - 00002790 ____A C:\Windows\DtcInstall.log

Files to move or delete:
====================
C:\ProgramData\FullRemove.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2009-10-13 05:03

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-06-2013 01
Ran by Martin Jost at 2013-06-17 12:44:19 Run:
Running from C:\Users\Martin Jost\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

2007 Microsoft Office Suite Service Pack 2 (SP2)
Acer Arcade Deluxe (Version: 3.2.6929)
Acer Backup Manager (Version: 2.0.2.19)
Acer eRecovery Management (Version: 4.05.3005)
Acer Registration (Version: 1.02.3006)
Acer ScreenSaver (Version: 1.2.0812)
Acer Updater (Version: 1.01.3017)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
Adobe Reader 9.1 MUI (Version: 9.1.0)
Advertising Center (Version: 0.0.0.2)
Alice Greenfingers
Amazonia
ATI Catalyst Install Manager (Version: 3.0.732.0)
Backup Manager Advance (Version: 2.0.2.19)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0702.1239.20840)
Catalyst Control Center Graphics Full Existing (Version: 2009.0702.1239.20840)
Catalyst Control Center Graphics Full New (Version: 2009.0702.1239.20840)
Catalyst Control Center Graphics Light (Version: 2009.0702.1239.20840)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0702.1239.20840)
Catalyst Control Center InstallProxy (Version: 2009.0702.1239.20840)
Catalyst Control Center Localization All (Version: 2009.0702.1239.20840)
CCC Help Chinese Standard (Version: 2009.0702.1238.20840)
CCC Help Chinese Traditional (Version: 2009.0702.1238.20840)
CCC Help Czech (Version: 2009.0702.1238.20840)
CCC Help Danish (Version: 2009.0702.1238.20840)
CCC Help Dutch (Version: 2009.0702.1238.20840)
CCC Help English (Version: 2009.0702.1238.20840)
CCC Help Finnish (Version: 2009.0702.1238.20840)
CCC Help French (Version: 2009.0702.1238.20840)
CCC Help German (Version: 2009.0702.1238.20840)
CCC Help Greek (Version: 2009.0702.1238.20840)
CCC Help Hungarian (Version: 2009.0702.1238.20840)
CCC Help Italian (Version: 2009.0702.1238.20840)
CCC Help Japanese (Version: 2009.0702.1238.20840)
CCC Help Korean (Version: 2009.0702.1238.20840)
CCC Help Norwegian (Version: 2009.0702.1238.20840)
CCC Help Polish (Version: 2009.0702.1238.20840)
CCC Help Portuguese (Version: 2009.0702.1238.20840)
CCC Help Russian (Version: 2009.0702.1238.20840)
CCC Help Spanish (Version: 2009.0702.1238.20840)
CCC Help Swedish (Version: 2009.0702.1238.20840)
CCC Help Thai (Version: 2009.0702.1238.20840)
CCC Help Turkish (Version: 2009.0702.1238.20840)
ccc-core-static (Version: 2009.0702.1239.20840)
ccc-utility64 (Version: 2009.0702.1239.20840)
Chicken Invaders 2
Compatibility Pack für 2007 Office System (Version: 12.0.4518.1014)
Dairy Dash
Dream Day First Home
eSobi v2 (Version: 2.0.4.000274)
Farm Frenzy 2
First Class Flurry
Google Toolbar for Internet Explorer (Version: 1.0.0)
Granny In Paradise
Heroes of Hellas
Hotkey Utility (Version: 1.00.3004)
Identity Card (Version: 1.00.3002)
ImagXpress (Version: 7.0.74.0)
Intel® Matrix Storage Manager
Junk Mail filter update (Version: 14.0.8089.726)
Merriam Websters Spell Jam
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Language Pack 2007 - German/Deutsch (Version: 12.0.4518.1014)
Microsoft Office O MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office SharePoint Designer MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office X MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 3.0.40624.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 14.0.1468.721)
MyWinLocker (Version: 3.1.76.0)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero DiscSpeed (Version: 5.4.7.201)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.7.201)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.4.9.100)
Nero InfoTool (Version: 6.4.7.201)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.8.1)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.11.209)
Nero StartSmart Help (Version: 9.4.11.208)
Nero StartSmart OEM (Version: 9.16.0.100)
NeroExpress (Version: 9.4.10.505)
neroxml (Version: 1.0.0)
NVIDIA Drivers (Version: 1.7)
Realtek High Definition Audio Driver (Version: 6.0.1.5898)
Update for 2007 Microsoft Office System (KB967642)
Welcome Center (Version: 1.00.3008)
Windows Live Anmelde-Assistent (Version: 5.000.818.5)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Fotogalerie (Version: 14.0.8081.709)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Live-Uploadtool (Version: 14.0.8014.1029)

==================== Restore Points  =========================

22-05-2013 15:14:49 Installiert Suite
22-05-2013 15:20:25 DirectX wurde installiert
22-05-2013 15:21:32 Installed Microsoft Office Language Pack 2007 - German/Deutsch
22-05-2013 15:57:38 eBay Worldwide wird entfernt
22-05-2013 15:57:57 Removed Norton Online Backup

==================== Scheduled Tasks (whitelisted) =============

Task: {4E70DA77-01A3-4DA6-81F2-B726BDE2DAE8} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {79CED958-9D5F-4042-9898-CC6588AF56C0} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-10-01] (Acer)
Task: {81540B9F-B5BF-47EB-9C95-BE195BF2C664} - System32\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo => C:\Windows\system32\gatherNetworkInfo.vbs [2009-06-10] ()
Task: {AC954558-5C02-452B-8A9F-7CCFA4390194} - System32\Tasks\McQcModifier-5c47-a7b0 => C:\ProgramData\McQcModifier-5c47-a7b0\McQcModifier-5c47-a7b0.cmd [2009-08-29] ()

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/24/2013 11:38:03 AM) (Source: RasClient) (User: )
Description: CoID={1014F1FC-9845-4B26-A354-8DEB0D721D0C}: Der Benutzer "MJ-PC\Martin Jost" hat eine Verbindung mit dem Namen "JostWLAN" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.

Error: (05/24/2013 11:36:06 AM) (Source: RasClient) (User: )
Description: CoID={34143840-CAE6-495F-BA5F-4705EE7D1B69}: Der Benutzer "MJ-PC\Martin Jost" hat eine Verbindung mit dem Namen "JostWLAN" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.

Error: (05/24/2013 11:35:45 AM) (Source: RasClient) (User: )
Description: CoID={6ACAFF70-AAAF-4CB9-A4B9-33B16F93F6DC}: Der Benutzer "MJ-PC\Martin Jost" hat eine Verbindung mit dem Namen "JostWLAN" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.

Error: (05/24/2013 11:35:09 AM) (Source: RasClient) (User: )
Description: CoID={6127EE60-32BB-447E-94CE-F1C6DFF0C8A8}: Der Benutzer "MJ-PC\Martin Jost" hat eine Verbindung mit dem Namen "JostWLAN" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.

Error: (05/24/2013 11:33:48 AM) (Source: RasClient) (User: )
Description: CoID={D35772F8-36DB-40BE-9578-561F87F4410C}: Der Benutzer "MJ-PC\Martin Jost" hat eine Verbindung mit dem Namen "JostWLAN" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.

Error: (05/24/2013 11:31:57 AM) (Source: RasClient) (User: )
Description: CoID={47B23876-2A5A-4833-AD6B-4FA2D236501A}: Der Benutzer "MJ-PC\Martin Jost" hat eine Verbindung mit dem Namen "JostWLAN" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.

Error: (05/24/2013 11:31:21 AM) (Source: RasClient) (User: )
Description: CoID={64A39606-B47F-4728-8A97-2913F7ED84FC}: Der Benutzer "MJ-PC\Martin Jost" hat eine Verbindung mit dem Namen "JostWLAN" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.

Error: (05/22/2013 06:14:26 PM) (Source: RasClient) (User: )
Description: CoID={D3819B02-6EAC-4657-B41B-D4C54CCF93F3}: Der Benutzer "MJ-PC\Martin Jost" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.

Error: (05/22/2013 06:14:03 PM) (Source: RasClient) (User: )
Description: CoID={6A0693CD-BF99-4E34-BB7C-9442ACF02A7D}: Der Benutzer "MJ-PC\Martin Jost" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (05/22/2013 06:13:43 PM) (Source: RasClient) (User: )
Description: CoID={4F6A097A-B49A-4E61-A0B3-29422966C117}: Der Benutzer "MJ-PC\Martin Jost" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.


System errors:
=============
Error: (05/22/2013 04:53:47 PM) (Source: DCOM) (User: )
Description: {9E175B68-F52A-11D8-B9A5-505054503030}

Error: (05/22/2013 04:51:01 PM) (Source: Microsoft-Windows-Application-Experience) (User: NT-AUTORITÄT)
Description: Der Dienst "Programmkompatibilitäts-Assistent" konnte Phase 2 nicht initialisieren.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 18%
Total physical RAM: 4095.18 MB
Available physical RAM: 3337.71 MB
Total Pagefile: 8188.5 MB
Available Pagefile: 7084.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:244.78 GB) (Free:220.82 GB) NTFS
Drive d: (DATA) (Fixed) (Total:244.78 GB) (Free:219.45 GB) NTFS
Drive e: (FRITZ!Box.7270) (CDROM) (Total:0.1 GB) (Free:0 GB) CDFS
Drive h: (SWB) (Removable) (Total:0.02 GB) (Free:0.02 GB) FAT (Disk=3 Partition=1)
Drive i: () (Removable) (Total:0.95 GB) (Free:0.95 GB) FAT (Disk=4 Partition=1)
Drive k: (Volume) (Fixed) (Total:195.31 GB) (Free:112.76 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: DDE76C48)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Not Active) - (Size=14 GB) - (Type=27)
Partition 3: (Active) - (Size=100 MB) - (Type=42)
Partition 4: (Not Active) - (Size=245 GB) - (Type=42)

========================================================
Disk: 3 (Size: 23 MB) (Disk ID: 009B9856)
Partition 1: (Active) - (Size=23 MB) - (Type=06)

========================================================
Disk: 4 (Size: 977 MB) (Disk ID: 009B9671)
Partition 1: (Active) - (Size=977 MB) - (Type=06)

==================== End Of Log ============================

schrauber · 17.06.2013, 11:58

Fehlt noch FSS

kmj7 · 20.06.2013, 10:41

So hier noch das fehlende FSS

Code:

ATTFilter

Farbar Service Scanner Version: 16-06-2013
Ran by Martin Jost (administrator) on 20-06-2013 at 11:40:07
Running from "C:\Users\Martin Jost\Desktop"
Windows 7 Home Premium  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. 
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2009-07-14 01:25] - [2009-07-14 03:45] - 1898576 ____A (Microsoft Corporation) 912107716BAB424C7870E8E6AF5E07E1

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Code:

ATTFilter

Farbar Service Scanner Version: 16-06-2013
Ran by Martin Jost (administrator) on 20-06-2013 at 11:40:07
Running from "C:\Users\Martin Jost\Desktop"
Windows 7 Home Premium  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. 
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2009-07-14 01:25] - [2009-07-14 03:45] - 1898576 ____A (Microsoft Corporation) 912107716BAB424C7870E8E6AF5E07E1

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

schrauber · 20.06.2013, 12:13

Das sieht soweit sauber aus. Definier mal die Probleme mit dem Internet.

kmj7 · 20.06.2013, 13:13

Das hört sich ja schon mal gut an! Ich habe eine fritzbox und den dazu gehörigen Stick den ich nur in die box stecken muss und dann anschliesend in den Pc. Nach dem der Stick sich versucht zu installieren kommt eine Fehlermeldung. Unter ander das er nicht richtig installiert ist. Egal ob ich es auf diesem wege versuche oder mit hilfe der install cd bekomme ich keine verbindung mehr hin

schrauber · 20.06.2013, 14:26

Mal alles von Fritz deinstallieren. Also Du hast kein integriertes WLAN sonder brauchst den Stick oder?

Stick einfach wieder reinstecken, der sollte eigentlich direkt funktionieren, dann verfügbare Netze anzeigen lassen > Deine SSID > Verbinden > WPA2 Schlüssel steht auf der FritzBox Unterseite.

04.06.2013, 14:42	#2
schrauber /// the machine /// TB-Ausbilder	BKA Trojaner Hi, möglich ist alles, aber ohne Logfiles wird das schwer. Ich bin gut, aber hellsehen kan nich noch nicht __________________ __________________

04.06.2013, 17:07	#4
schrauber /// the machine /// TB-Ausbilder	BKA Trojaner Bootet der Rechner noch normal in Windows? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

17.06.2013, 11:58	#10
schrauber /// the machine /// TB-Ausbilder	BKA Trojaner Fehlt noch FSS __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

20.06.2013, 12:13	#12
schrauber /// the machine /// TB-Ausbilder	BKA Trojaner Das sieht soweit sauber aus. Definier mal die Probleme mit dem Internet. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

04.06.2013, 15:05	#3
kmj7	BKA Trojaner Danke für die schnelle Antwort. Was würdest du mir alls nächsten Schritt empfehlen? __________________

12.06.2013, 09:56	#5
kmj7	BKA Trojaner Nachdem ich windows neu auf gespielt habe JA

BKA Trojaner

Log-Analyse und Auswertung: BKA Trojaner

BKA Trojaner

BKA Trojaner

BKA Trojaner

BKA Trojaner

BKA Trojaner

BKA Trojaner

BKA Trojaner

BKA Trojaner

BKA Trojaner

BKA Trojaner

BKA Trojaner

BKA Trojaner

BKA Trojaner

BKA Trojaner