Windows 7 ständig Pop-ups mit wernung und Systemfehlerhinweisen sowie Update-Aufforderungen zu Reparatur von Windows

1Stift · 16.06.2014, 10:37

ich habe seit ca. einer Woche dass Problem, dass sich im Iternet ständig pop-up fenster öffnen (Werbung und Meldungen, dass mein Computer bedroht sei und ich diverse updates runter laden soll). Zudem sind auch immer wieder Wörter bunt und unterstrichen. Wenn ich mit der Maus darüber gehe,tauchen ebenso komische update aufforderungen auf.
Ich habe keine Ahnung von Viren und Trojaner und ich möchte es vermeiden, Windows zu deinstallieren, weil ich wichtige Programme nicht verlieren möchte.
Kann mir jemand helfen?

Warlord711 · 16.06.2014, 10:48

Hallo 1Stift

Mein Name ist Timo und ich werde Dir bei deinem Problem behilflich sein.

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
Nur Scans durchführen zu denen Du von einem Helfer aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist immer der sicherste Weg.

Wir "arbeiten" hier alle freiwillig und in unserer Freizeit *hust*. Daher kann es bei Antworten zu Verzögerungen kommen.
Solltest du innerhalb 48 Std keine Antwort von mir erhalten, dann schreib mit eine PM
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis ich oder jemand vom Team sagt, dass Du clean bist.

Wichtig:
Ich habe dein Thema in Arbeit und melde mich so schnell als möglich mit weiteren Anweisungen. Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Dies garantiert, dass Du Hilfe von einem ausgebildeten Helfer bekommst. Ich bedanke mich für deine Geduld

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

1Stift · 16.06.2014, 11:09

zuersteinmal vielen Dank, für deine Hilfe.

wenn ich versuche diese Datei herunterzuladen egal ob 32 oder 64 bit, kommt beim Ausführen der Datei eine Fehlermeldung. Es steht dann da: "Diese Datei verfügt über keine gültige Signitau, die den Herausgeber verifiziert. Sie sollten nur Software ausführen, die von Herausgebern stammt, denen Sie vertrauen."
Gehe ich dann trotzdem auf Ausführen kommt folgende Fehlermeldung: C:\Users\Kerstin\Downloads\FRST(1).exe ist keine zulässige Win32-Anwendung.

Was habe ich denn jetzt falsch gemacht?
Un nur so zur Info: wie gesagt ich bin frph wenn ich HIlfe bekomme. Ich bin selbst berufsdtätig und arbeite im Schichtsystem. diese Woche habe ich Spätdienst und arbeite am Vormittag ev. ab 00:00Uhr am Computer.

Vielen Dank

Warlord711 · 16.06.2014, 12:05

Kannst du bitte nochmal versuchen, die Datei herunterzuladen ? Vielleicht ist der Download fehlerhaft. Speicher die Datei auch bitte auf den Desktop ab oder kopiere Sie nach dem Download dorthin.

1Stift · 17.06.2014, 09:50

Hallo Timo,

ich habe gestern meine guten Manieren vergessen und vergessen mich vorzustellen. Mein Name ist Kerstin.
Mein Probelm von gestern besteht leider immernoch. Ich habe die 64-Bit Version einmal nach dem Download auf dem Desktop gespeichert und einmal direkt über Ziel speichern unter auf dem Desktop gespeichert. Zusätzlich habe ich die gleichen Varianten mit der älteren Version, die dort zum Download angeboten wird, versucht. Es kommt leider immer wieder die gleiche Fehlermeldung wie gestern und ich kann den Scan nicht starten.
Gibt es noch eine andere Seite von der ich das ganze runterladen kann?
Vielleicht hängt das aber auch dem Zeug zusammen, was ich mir da eingefangen habe?

Warlord711 · 17.06.2014, 10:01

Hallo Kerstin !

Dann versuche bitte die Alternativseite:

Farbar Recovery Scan Tool Download

1Stift · 17.06.2014, 11:06

So das ganz hat jetzt ewig gedauert - mit dem Ergebnis der gleichen Fehlermeldung.
Leider hängt google auch immer wieder, sodass ich tw. auch erst mit Verzögerung deine Nachrichten bekomme.
Was nun?

Warlord711 · 17.06.2014, 12:05

Kannst du denn andere Dateien aus dem Internet laden und ausführen ?

1Stift · 18.06.2014, 10:08

Hallo Timo,

so wie es aussieht kann ich auch keine anderen Dateien laden und ausführen. Hab aus SPaß an der Freude versucht Kaspersky zu laden und auszuführen. Beim Ausführen kam wieder die Meldung, dass dies keine zulässige Win32-Anwendung ist. Vorher wird mir wieder erzählt, dass es keine gültige Signatur gibt...

Gibt es noch Hoffnung oder muss ich das System neu installieren?

Warlord711 · 19.06.2014, 15:24

Bitte führe diese Anleitung durch:

http://www.trojaner-board.de/85464-f...usfuehren.html

1Stift · 21.06.2014, 18:00

Hallo Timo,

über Umwege habe ich das ganze jetzt geschafft. Über die Fixexe Datei und die Ausweichvariante hat das auch nicht geklappt. Ich habe die FRST64 Datei auf einem anderen sauberen Rechner auf einen USB-Stick runtergeladen. Die Dateien habe ich vom Stick aus am betroffenen Rechner im abgesicherten Modus ohne Netzwerkverbindungen gestartet. Das hat dann tatsächlich funktioniert. Nun folgen die FRST.txt und Addition.txt Dateien

Danke Kerstin

FRST.txt

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01
Ran by Kerstin (administrator) on HUGO on 21-06-2014 18:47:17
Running from E:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Safe Mode (minimal)


==================== Processes (Whitelisted) =================



==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-07-23] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-11] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-29] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2009-11-20] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-25] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-12-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-29] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-11-12] (Acer Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [avast5] => C:\Program Files\Alwil Software\Avast5\avastUI.exe [3764024 2013-12-19] (AVAST Software)
HKLM-x32\...\Run: [CardDetectorICON515] => C:\Program Files (x86)\CardDetector\ICON515\CardDetector.exe [287472 2009-11-12] (France Telecom SA)
HKLM-x32\...\Run: [BEWINTERNET-CHSessionManager] => C:\Program Files (x86)\Internet Everywhere\IEWCH_8.0\SessionManager\SessionManager.exe [140016 2009-11-12] (France Telecom SA)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [383544 2012-12-14] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3764024 2013-12-19] (AVAST Software)
HKU\S-1-5-21-319184197-2032305868-326389486-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-11-05] (Google Inc.)
HKU\S-1-5-21-319184197-2032305868-326389486-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\S-1-5-21-319184197-2032305868-326389486-1000\...\Run: [Amazon Cloud Player] => C:\Users\Kerstin\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3139072 2013-11-24] ()
HKU\S-1-5-21-319184197-2032305868-326389486-1000\...\MountPoints2: {6e471881-5678-11e3-a9de-00262d8630e0} - E:\laucher.exe
HKU\S-1-5-21-319184197-2032305868-326389486-1000\...\MountPoints2: {77a9aa59-bb6f-11df-9b81-00262d8630e0} - E:\MicroLauncher.exe
AppInit_DLLs-x32: C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll => C:\Program Files (x86)\Citrix\ICA Client\RSHook.dll [256568 2012-12-14] (Citrix Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe ()
Startup: C:\Users\Kerstin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Kerstin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5740&r=27360310l526l0418z155t54m1d66q
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE371
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE371
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Citrix.com/npican - C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\Win32\npPDFXCviewNPPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Google Toolbar for Firefox - C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-08-09]
FF Extension: ICQ Toolbar - C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2012-08-13]
FF Extension: Adblock Plus - C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-12]
FF Extension: Google Toolbar for Firefox - C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-08-09]
FF Extension: ICQ Toolbar - C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2012-08-13]
FF Extension: Adblock Plus - C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\qjeq9mrb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-12]
FF Extension: Skype extension for Firefox - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-04-01]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-07-30]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Wallet) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR HKLM-x32\...\Chrome\Extension: [ikgojpdbiniccokkgadmdheobjfdbbcg] - C:\Program Files (x86)\WebSparkle\ikgojpdbiniccokkgadmdheobjfdbbcg.crx [2013-09-02]

==================== Services (Whitelisted) =================

S2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2013-12-19] (AVAST Software)
S2 FTRTSVC; C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [90112 2009-11-12] (France Telecom SA) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
S2 Update WebSparkle; C:\Program Files (x86)\WebSparkle\updateWebSparkle.exe [318240 2014-06-21] ()
S2 Util WebSparkle; C:\Program Files (x86)\WebSparkle\bin\utilWebSparkle.exe [318240 2014-06-21] ()

==================== Drivers (Whitelisted) ====================

S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-19] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-19] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-19] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-19] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-19] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-12] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-10-31] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-19] ()
S3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 GTUHSBUS; C:\Windows\System32\DRIVERS\gtuhsbus.sys [88576 2009-08-04] (Option N.V.)
S3 GTUHSNDISIPXP; C:\Windows\System32\DRIVERS\gtuhs51.sys [129536 2009-08-04] (Option N.V.)
S3 GTUHSSER; C:\Windows\System32\DRIVERS\gtuhsser.sys [10496 2009-08-04] (Option N.V.)
S2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S1 {058899d6-9704-4de3-aae7-17e9fc44c761}Gw64; C:\Windows\System32\drivers\{058899d6-9704-4de3-aae7-17e9fc44c761}Gw64.sys [61120 2014-04-24] (StdLib)
S1 {058899d6-9704-4de3-aae7-17e9fc44c761}w64; C:\Windows\System32\drivers\{058899d6-9704-4de3-aae7-17e9fc44c761}w64.sys [61120 2014-06-09] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-21 18:46 - 2014-06-21 18:47 - 00000000 ____D () C:\FRST
2014-06-21 18:26 - 2014-06-21 18:26 - 02070620 _____ () C:\Users\Kerstin\Downloads\FRST64(5).exe
2014-06-21 18:22 - 2014-06-21 18:22 - 02053676 _____ () C:\Users\Kerstin\Downloads\FRST64(7).exe
2014-06-21 18:21 - 2014-06-21 18:21 - 02067796 _____ () C:\Users\Kerstin\Downloads\FRST64(6).exe
2014-06-21 18:21 - 2014-06-21 18:21 - 02066384 _____ () C:\Users\Kerstin\Desktop\FRST64(5).exe
2014-06-21 18:12 - 2014-06-21 18:12 - 00001205 _____ () C:\Users\Kerstin\Desktop\FixNCR.reg
2014-06-21 18:10 - 2014-06-21 18:11 - 00000335 _____ () C:\Users\Kerstin\Desktop\FixExe.reg
2014-06-18 11:22 - 2014-06-18 11:23 - 00909068 _____ () C:\Users\Kerstin\Downloads\jxpiinstall(1).exe
2014-06-18 11:02 - 2014-06-18 11:03 - 00511516 _____ () C:\Users\Kerstin\Downloads\Kaspersky%20Anti-Virus.exe
2014-06-18 10:57 - 2014-06-18 10:57 - 02075632 _____ () C:\Users\Kerstin\Downloads\FRST64(4).exe
2014-06-17 12:20 - 2014-06-17 12:24 - 02060100 _____ () C:\Users\Kerstin\Downloads\FRST64(3).exe
2014-06-17 12:01 - 2014-06-17 12:01 - 02067160 _____ () C:\Users\Kerstin\Desktop\FRST64(3).exe
2014-06-17 10:40 - 2014-06-17 10:40 - 02065748 _____ () C:\Users\Kerstin\Desktop\FRST64.exe
2014-06-17 10:39 - 2014-06-17 10:39 - 02072808 _____ () C:\Users\Kerstin\Downloads\FRST64(2).exe
2014-06-17 10:38 - 2014-06-17 10:38 - 02057276 _____ () C:\Users\Kerstin\Desktop\FRST64(2).exe
2014-06-16 12:16 - 2014-06-16 12:16 - 02074220 _____ () C:\Users\Kerstin\Downloads\FRST64(1).exe
2014-06-16 12:10 - 2014-06-16 12:10 - 01062756 _____ () C:\Users\Kerstin\Downloads\FRST(3).exe
2014-06-16 12:09 - 2014-06-16 12:09 - 01068404 _____ () C:\Users\Kerstin\Downloads\FRST(2).exe
2014-06-16 12:00 - 2014-06-16 12:00 - 01062756 _____ () C:\Users\Kerstin\Downloads\FRST(1).exe
2014-06-16 11:59 - 2014-06-16 11:59 - 01059932 _____ () C:\Users\Kerstin\Downloads\FRST.exe
2014-06-16 11:58 - 2014-06-16 11:58 - 02065748 _____ () C:\Users\Kerstin\Downloads\FRST64.exe
2014-06-16 11:07 - 2014-06-16 11:16 - 00955712 _____ (Chip Digital GmbH) C:\Users\Kerstin\Downloads\Kaspersky Virus Removal Tool - CHIP-Installer.exe
2014-06-16 10:38 - 2014-06-16 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-16 10:38 - 2014-06-16 10:38 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-16 10:37 - 2014-06-09 11:52 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{058899d6-9704-4de3-aae7-17e9fc44c761}w64.sys
2014-06-10 13:49 - 2014-06-10 13:50 - 00800624 _____ (Reimage®) C:\Users\Kerstin\Downloads\ReimageRepair(7).exe
2014-06-10 13:33 - 2014-06-10 13:33 - 00811920 _____ (Reimage®) C:\Users\Kerstin\Downloads\ReimageRepair(6).exe
2014-06-10 13:15 - 2014-06-10 13:15 - 00000000 ____D () C:\ProgramData\CDB
2014-06-10 13:14 - 2014-06-10 13:14 - 00817568 _____ (Reimage®) C:\Users\Kerstin\Downloads\ReimageRepair(5).exe
2014-06-10 13:12 - 2014-06-10 13:12 - 00802036 _____ (Reimage®) C:\Users\Kerstin\Downloads\ReimageRepair(4).exe
2014-06-10 13:11 - 2014-06-10 13:11 - 00803448 _____ (Reimage®) C:\Users\Kerstin\Downloads\ReimageRepair(3).exe
2014-06-10 13:09 - 2014-06-10 13:35 - 00000136 _____ () C:\Windows\Reimage.ini
2014-06-10 13:09 - 2014-06-10 13:09 - 00817568 _____ (Reimage®) C:\Users\Kerstin\Downloads\ReimageRepair(2).exe
2014-06-10 13:08 - 2014-06-10 13:08 - 00811920 _____ (Reimage®) C:\Users\Kerstin\Downloads\ReimageRepair(1).exe
2014-06-10 13:02 - 2014-06-10 13:02 - 00811436 _____ (Reimage®) C:\Users\Kerstin\Downloads\ReimageRepair.exe
2014-06-06 11:27 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-06 11:27 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-06 11:27 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-06 11:27 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-06 11:27 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-06 11:27 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-06 11:26 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-06 11:26 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-06 11:26 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-06 11:26 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-06 11:26 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-06 11:26 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-06 11:26 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-06 11:26 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-06 11:26 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-06 11:26 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-06 11:26 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-06 11:26 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-06 11:26 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-06 11:26 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-06 11:26 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-06 11:26 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-06 11:26 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-06 11:26 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-06 11:26 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-06 11:26 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-06 11:26 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-06 11:26 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-06 11:26 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-06 11:26 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-06 11:26 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-06 11:26 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-06 11:26 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-06 11:26 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-06 11:26 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-06 11:26 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-06 11:26 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-06 11:26 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-06 11:26 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-06 11:26 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-06-06 11:26 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-06-06 11:26 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-06-06 11:26 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-06 11:26 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-06 11:26 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-06-06 11:26 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-06 11:26 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-01 19:32 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-01 19:32 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-01 16:13 - 2014-06-01 21:39 - 00000000 ____D () C:\Users\Kerstin\Desktop\Unterlagen.bewerbung
2014-06-01 15:57 - 2014-06-01 19:43 - 00000000 ____D () C:\Users\Kerstin\Desktop\2014_06_01
2014-06-01 15:49 - 2014-06-21 18:18 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\DropboxMaster

==================== One Month Modified Files and Folders =======

2014-06-21 18:47 - 2014-06-21 18:46 - 00000000 ____D () C:\FRST
2014-06-21 18:47 - 2010-03-16 23:07 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-06-21 18:47 - 2010-03-16 23:07 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-06-21 18:47 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-21 18:42 - 2013-08-17 09:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-21 18:42 - 2010-03-20 19:53 - 01449500 _____ () C:\Windows\WindowsUpdate.log
2014-06-21 18:40 - 2010-05-16 20:59 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-21 18:40 - 2009-11-05 05:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-21 18:39 - 2014-04-01 16:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-21 18:36 - 2010-11-17 17:21 - 00000000 ___RD () C:\Users\Kerstin\Documents\My Dropbox
2014-06-21 18:26 - 2014-06-21 18:26 - 02070620 _____ () C:\Users\Kerstin\Downloads\FRST64(5).exe
2014-06-21 18:25 - 2009-07-14 06:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-21 18:25 - 2009-07-14 06:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-21 18:23 - 2012-08-12 14:40 - 00004184 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-21 18:22 - 2014-06-21 18:22 - 02053676 _____ () C:\Users\Kerstin\Downloads\FRST64(7).exe
2014-06-21 18:21 - 2014-06-21 18:21 - 02067796 _____ () C:\Users\Kerstin\Downloads\FRST64(6).exe
2014-06-21 18:21 - 2014-06-21 18:21 - 02066384 _____ () C:\Users\Kerstin\Desktop\FRST64(5).exe
2014-06-21 18:18 - 2014-06-01 15:49 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\DropboxMaster
2014-06-21 18:18 - 2010-11-17 17:19 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\Dropbox
2014-06-21 18:16 - 2010-03-21 12:43 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-21 18:16 - 2009-07-14 04:34 - 00000612 _____ () C:\Windows\win.ini
2014-06-21 18:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-21 18:14 - 2009-07-14 06:51 - 00109153 _____ () C:\Windows\setupact.log
2014-06-21 18:12 - 2014-06-21 18:12 - 00001205 _____ () C:\Users\Kerstin\Desktop\FixNCR.reg
2014-06-21 18:11 - 2014-06-21 18:10 - 00000335 _____ () C:\Users\Kerstin\Desktop\FixExe.reg
2014-06-21 17:56 - 2010-03-21 12:43 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-18 11:23 - 2014-06-18 11:22 - 00909068 _____ () C:\Users\Kerstin\Downloads\jxpiinstall(1).exe
2014-06-18 11:03 - 2014-06-18 11:02 - 00511516 _____ () C:\Users\Kerstin\Downloads\Kaspersky%20Anti-Virus.exe
2014-06-18 10:57 - 2014-06-18 10:57 - 02075632 _____ () C:\Users\Kerstin\Downloads\FRST64(4).exe
2014-06-17 12:24 - 2014-06-17 12:20 - 02060100 _____ () C:\Users\Kerstin\Downloads\FRST64(3).exe
2014-06-17 12:01 - 2014-06-17 12:01 - 02067160 _____ () C:\Users\Kerstin\Desktop\FRST64(3).exe
2014-06-17 10:40 - 2014-06-17 10:40 - 02065748 _____ () C:\Users\Kerstin\Desktop\FRST64.exe
2014-06-17 10:39 - 2014-06-17 10:39 - 02072808 _____ () C:\Users\Kerstin\Downloads\FRST64(2).exe
2014-06-17 10:38 - 2014-06-17 10:38 - 02057276 _____ () C:\Users\Kerstin\Desktop\FRST64(2).exe
2014-06-16 12:16 - 2014-06-16 12:16 - 02074220 _____ () C:\Users\Kerstin\Downloads\FRST64(1).exe
2014-06-16 12:10 - 2014-06-16 12:10 - 01062756 _____ () C:\Users\Kerstin\Downloads\FRST(3).exe
2014-06-16 12:09 - 2014-06-16 12:09 - 01068404 _____ () C:\Users\Kerstin\Downloads\FRST(2).exe
2014-06-16 12:00 - 2014-06-16 12:00 - 01062756 _____ () C:\Users\Kerstin\Downloads\FRST(1).exe
2014-06-16 11:59 - 2014-06-16 11:59 - 01059932 _____ () C:\Users\Kerstin\Downloads\FRST.exe
2014-06-16 11:58 - 2014-06-16 11:58 - 02065748 _____ () C:\Users\Kerstin\Downloads\FRST64.exe
2014-06-16 11:16 - 2014-06-16 11:07 - 00955712 _____ (Chip Digital GmbH) C:\Users\Kerstin\Downloads\Kaspersky Virus Removal Tool - CHIP-Installer.exe
2014-06-16 10:38 - 2014-06-16 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-16 10:38 - 2014-06-16 10:38 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-16 10:38 - 2013-11-08 17:05 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-16 10:36 - 2013-12-15 11:28 - 00000000 ____D () C:\Program Files (x86)\WebSparkle
2014-06-10 15:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-10 15:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-10 13:50 - 2014-06-10 13:49 - 00800624 _____ (Reimage®) C:\Users\Kerstin\Downloads\ReimageRepair(7).exe
2014-06-10 13:35 - 2014-06-10 13:09 - 00000136 _____ () C:\Windows\Reimage.ini
2014-06-10 13:33 - 2014-06-10 13:33 - 00811920 _____ (Reimage®) C:\Users\Kerstin\Downloads\ReimageRepair(6).exe
2014-06-10 13:19 - 2011-11-15 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2014-06-10 13:15 - 2014-06-10 13:15 - 00000000 ____D () C:\ProgramData\CDB
2014-06-10 13:14 - 2014-06-10 13:14 - 00817568 _____ (Reimage®) C:\Users\Kerstin\Downloads\ReimageRepair(5).exe
2014-06-10 13:12 - 2014-06-10 13:12 - 00802036 _____ (Reimage®) C:\Users\Kerstin\Downloads\ReimageRepair(4).exe
2014-06-10 13:11 - 2014-06-10 13:11 - 00803448 _____ (Reimage®) C:\Users\Kerstin\Downloads\ReimageRepair(3).exe
2014-06-10 13:09 - 2014-06-10 13:09 - 00817568 _____ (Reimage®) C:\Users\Kerstin\Downloads\ReimageRepair(2).exe
2014-06-10 13:08 - 2014-06-10 13:08 - 00811920 _____ (Reimage®) C:\Users\Kerstin\Downloads\ReimageRepair(1).exe
2014-06-10 13:02 - 2014-06-10 13:02 - 00811436 _____ (Reimage®) C:\Users\Kerstin\Downloads\ReimageRepair.exe
2014-06-09 11:52 - 2014-06-16 10:37 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{058899d6-9704-4de3-aae7-17e9fc44c761}w64.sys
2014-06-06 13:09 - 2014-03-21 18:07 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\Paint.NET
2014-06-01 22:01 - 2012-01-03 20:26 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-06-01 21:39 - 2014-06-01 16:13 - 00000000 ____D () C:\Users\Kerstin\Desktop\Unterlagen.bewerbung
2014-06-01 19:43 - 2014-06-01 15:57 - 00000000 ____D () C:\Users\Kerstin\Desktop\2014_06_01
2014-06-01 18:14 - 2013-12-15 12:30 - 00000000 ____D () C:\Users\Kerstin\Arbeit
2014-06-01 15:49 - 2011-05-28 19:49 - 00001348 _____ () C:\Windows\wininit.ini
2014-06-01 15:49 - 2010-11-17 17:20 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Some content of TEMP:
====================
C:\Users\Kerstin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4ql2vq.dll
C:\Users\Kerstin\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Users\Kerstin\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Kerstin\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Kerstin\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\Kerstin\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Kerstin\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Kerstin\AppData\Local\Temp\Risweb32.exe
C:\Users\Kerstin\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Kerstin\AppData\Local\Temp\setup.exe
C:\Users\Kerstin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Kerstin\AppData\Local\Temp\sqlite3.exe
C:\Users\Kerstin\AppData\Local\Temp\vpnclient_setup.exe
C:\Users\Kerstin\AppData\Local\Temp\{8E994A0B-B690-491A-A63E-FFBEAE77DBF3}-35.0.1916.153_35.0.1916.114_chrome_updater.exe
C:\Users\Kerstin\AppData\Local\Temp\{C735D7CC-D3D0-41C5-8B8B-60B831538B53}-GoogleUpdateSetup.exe
C:\Users\Kerstin\AppData\Local\Temp\{C75FA2B7-CDA9-420D-813C-89B3F2E1F860}-GoogleUpdateSetup.exe
C:\Users\Kerstin\AppData\Local\Temp\{D66B12BD-EAC9-475A-9080-7394FB83F2B6}-35.0.1916.114_chrome_installer.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-10 14:44

==================== End Of Log ============================

--- --- ---

Addition.txt

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2014 01
Ran by Kerstin at 2014-06-21 18:48:33
Running from E:\
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7112 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7112 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.29 - NewTech Infosystems)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.9.3 - Suyin Optronics Corp)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.5.0715 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.2.152.32 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{DBCE1208-433D-4D3E-A26A-CB1B5E71A8F5}) (Version: 1.4.17.35005 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.4.17.35005 - Alcor Micro Corp.) Hidden
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.1.0.381 - Amazon Services LLC)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
ATI Catalyst Install Manager (HKLM\...\{11F38253-8940-FFDA-D131-B14120C357E4}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2011 - Avast Software)
Backup Manager Basic (x32 Version: 2.0.0.29 - NewTech Infosystems) Hidden
Broadcom Gigabit NetLink Controller (HKLM\...\{A325B368-A9EC-40EF-A95C-9DEAD3683AE3}) (Version: 12.33.03 - Broadcom Corporation)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq2414) (Version:  - )
Card Detector for Option Icon 515 (HKLM-x32\...\CardDetectorICON515) (Version: 1.1.2.0 - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.1209.2335.42329 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.1209.2335.42329 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.1209.2335.42329 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.1209.2335.42329 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.1209.2335.42329 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1209.2335.42329 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.1209.2335.42329 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help English (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help French (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help German (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
ccc-core-static (x32 Version: 2009.1209.2335.42329 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.1209.2335.42329 - ATI) Hidden
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Citrix Authentication Manager (x32 Version: 4.0.0.53726 - Citrix Systems, Inc.) Hidden
Citrix Receiver (DV) (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash-Umleitung) (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.4.0.25 - Citrix Systems, Inc.)
Citrix Receiver (USB) (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Citrix Receiver Inside (x32 Version: 3.4.0.29585 - Citrix Systems, Inc.) Hidden
Citrix Receiver Updater (x32 Version: 3.4.0.29577 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
EndNote X3 (HKLM-x32\...\{86B3F2D6-AC2B-4E88-8AE1-F2F77F781B0C}) (Version: 13.0.0.4094 - Thomson Reuters)
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
First Class Flurry (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}) (Version:  - Oberon Media)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version:  - Oberon Media)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet Everywhere deinstallieren (HKLM-x32\...\{BEWINTERNET-CH}.UninstallSuite) (Version:  - )
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.05 - Acer Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
mediscript Hammerexamen (HKLM-x32\...\{1231D46E-3174-4F1F-859E-41DCB0D070D2}) (Version: 5.0.0 - Elsevier GmbH)
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (HKLM-x32\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.0.162.0 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
Online Plug-in (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PDF-Viewer (HKLM\...\{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1) (Version: 2.0.50.0 - Tracker Software Products Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5969 - Realtek Semiconductor Corp.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - )
Self-Service Plug-in (x32 Version: 3.4.0.33684 - Citrix Systems, Inc.) Hidden
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sophos Windows Shortcut Exploit Protection Tool (HKLM-x32\...\{54171711-61B7-4B0E-A209-12FF5B3BD183}) (Version: 1.0.0.0 - Sophos)
SPSS 15.0 für Windows [Auswertung Version] (HKLM-x32\...\{6D9B9CF3-1E9C-45B6-B41E-5CF568605556}) (Version: 15.0.1 - SPSS Inc.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
TeamViewer 5 (HKLM-x32\...\TeamViewer 5) (Version: 5.0.8421  - TeamViewer GmbH)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ULTIMATER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ULTIMATER_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ULTIMATER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ULTIMATER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ULTIMATER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ULTIMATER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 1.1.3 (HKLM-x32\...\VLC media player) (Version: 1.1.3 - VideoLAN)
WebSparkle (HKLM\...\WebSparkle) (Version: 2013.12.07.011955 - WebSparkle) <==== ATTENTION
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
Wise Registry Cleaner 6.14 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version:  - WiseCleaner.com, Inc.)
WISO Steuer 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )

==================== Restore Points  =========================

28-04-2014 19:01:43 Windows Update
28-04-2014 19:32:07 Windows Update
07-05-2014 17:08:07 Windows Update
07-05-2014 17:55:06 Windows Update
11-05-2014 18:23:17 Windows Update
13-05-2014 10:14:48 Windows Update
01-06-2014 18:41:06 Geplanter Prüfpunkt
01-06-2014 20:02:04 Windows Update
06-06-2014 09:09:34 Windows Update
06-06-2014 10:20:28 Windows Update
10-06-2014 10:04:56 Windows Update
21-06-2014 16:16:00 avast! antivirus system restore point
21-06-2014 16:26:14 Windows Update
21-06-2014 16:31:10 avast! antivirus system restore point
21-06-2014 16:36:53 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2011-11-15 20:22 - 00438443 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {0666B8B5-0254-4CDC-BDB2-011F21B402B7} - System32\Tasks\{FDCAE0D5-2D0B-4827-9273-490DB752506B} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {07E00FAB-4F5B-40F8-92BE-9D9006C83502} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2012-11-02] (Microsoft)
Task: {109BFCBD-94EE-467D-A8D4-8CB7217CEB13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-01] (Adobe Systems Incorporated)
Task: {1BC7DB76-EBF1-452D-AB55-40CB22D22060} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-10-01] (Acer)
Task: {20C1BE03-F597-4857-AAA5-D061A01238F2} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2012-11-02] (Microsoft Corporation)
Task: {667540B5-E479-4754-AE77-BB627262EEE1} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2012-11-02] (Microsoft Corporation)
Task: {B0EA23C9-BA2B-4D12-B808-7A67A9FADFF7} - System32\Tasks\McQcModifier-5c47-a7b0 => C:\ProgramData\McQcModifier-5c47-a7b0\McQcModifier-5c47-a7b0.cmd [2009-08-29] ()
Task: {BADC4FA6-4809-4B9B-ACAA-C2184E1332FD} - System32\Tasks\{230639C5-1C63-4394-8C81-1DC3C6E8591F} => C:\Program Files (x86)\Internet Everywhere\IEWCH_8.0\Launcher\Launcher.exe [2009-11-12] (France Telecom SA)
Task: {BDDBB04A-27AF-44DE-AF38-73CACB10228D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-21] (Google Inc.)
Task: {C1C6488E-BCED-4000-9548-F5F6BA5B0738} - System32\Tasks\{FD274F6B-FE19-4429-9AFD-A18E6FB0950A} => C:\Program Files (x86)\Internet Everywhere\IEWCH_8.0\Launcher\Launcher.exe [2009-11-12] (France Telecom SA)
Task: {E4E5B5DF-2A2E-407F-B5EE-1132B1718E23} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-21] (Google Inc.)
Task: {F92A6DBF-3CAF-42D1-871E-BAD07CBB6A91} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2013-12-19] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============


==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: aswRvrt
Description: aswRvrt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: aswVmm
Description: aswVmm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/21/2014 06:26:58 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/21/2014 06:26:52 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/21/2014 06:23:07 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/21/2014 06:23:06 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/18/2014 10:57:16 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/17/2014 11:53:58 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/16/2014 00:51:16 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/16/2014 11:18:34 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/16/2014 11:18:24 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/10/2014 02:57:01 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


System errors:
=============
Error: (06/21/2014 06:45:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (06/21/2014 06:45:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (06/21/2014 06:45:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (06/21/2014 06:45:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (06/21/2014 06:45:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (06/21/2014 06:45:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (06/21/2014 06:45:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (06/21/2014 06:45:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (06/21/2014 06:45:04 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (06/21/2014 06:45:04 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


Microsoft Office Sessions:
=========================
Error: (05/23/2013 02:42:56 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3418 seconds with 2520 seconds of active time.  This session ended with a crash.

Error: (05/23/2013 01:24:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 851 seconds with 780 seconds of active time.  This session ended with a crash.

Error: (05/23/2013 01:00:06 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 431 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (05/23/2013 00:52:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8000 seconds with 7620 seconds of active time.  This session ended with a crash.

Error: (05/23/2013 10:38:38 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 121 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (05/23/2013 10:36:09 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1877 seconds with 1500 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 18%
Total physical RAM: 3956.5 MB
Available physical RAM: 3222.68 MB
Total Pagefile: 7911.18 MB
Available Pagefile: 7212.94 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:285.3 GB) (Free:136.34 GB) NTFS
Drive e: () (Removable) (Total:7.45 GB) (Free:5.68 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 1B5F1B5F)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 001DE8BD)
Partition 1: (Active) - (Size=7 GB) - (Type=0B)

==================== End Of Log ============================

Warlord711 · 23.06.2014, 11:51

Drücke bitte die

+ R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

Reg: reg query "HKCU\Software\Classes\.exe" /S
Reg: reg query "HKCU\Software\Classes\exefile" /S
Reg: reg query "HKCU\Software\Classes\secfile" /S
Reg: reg query "HKCU\Software\Classes\ah" /S
Reg: reg query "HKCR\.exe" /S
Reg: reg query "HKCR\secfile" /S
Reg: reg query "HKCR\exefile" /S
Reg: reg query "HKCR\pezfile" /S
Reg: reg query "HKCR\sezfile" /S
Reg: reg query "HKCR\ah" /S

Speichere diese bitte als Fixlist.txt auf deinem USB Stick.

Starte deinen Rechner erneut in die Reparaturoptionen
Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

1Stift · 23.06.2014, 18:39

Hallo Timo,

hier die Fixlog.txt

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-06-2014 01
Ran by Kerstin at 2014-06-23 19:27:37 Run:1
Running from E:\
Boot Mode: Safe Mode (minimal)
==============================================

Content of fixlist:
*****************
Reg: reg query "HKCU\Software\Classes\.exe" /S
Reg: reg query "HKCU\Software\Classes\exefile" /S
Reg: reg query "HKCU\Software\Classes\secfile" /S
Reg: reg query "HKCU\Software\Classes\ah" /S
Reg: reg query "HKCR\.exe" /S
Reg: reg query "HKCR\secfile" /S
Reg: reg query "HKCR\exefile" /S
Reg: reg query "HKCR\pezfile" /S
Reg: reg query "HKCR\sezfile" /S
Reg: reg query "HKCR\ah" /S
         
*****************


========= reg query "HKCU\Software\Classes\.exe" /S =========

FEHLER: Der angegebene Registrierungsschlssel bzw. Wert wurde nicht gefunden.


========= End of Reg: =========


========= reg query "HKCU\Software\Classes\exefile" /S =========

FEHLER: Der angegebene Registrierungsschlssel bzw. Wert wurde nicht gefunden.


========= End of Reg: =========


========= reg query "HKCU\Software\Classes\secfile" /S =========

FEHLER: Der angegebene Registrierungsschlssel bzw. Wert wurde nicht gefunden.


========= End of Reg: =========


========= reg query "HKCU\Software\Classes\ah" /S =========

FEHLER: Der angegebene Registrierungsschlssel bzw. Wert wurde nicht gefunden.


========= End of Reg: =========


========= reg query "HKCR\.exe" /S =========


HKEY_CLASSES_ROOT\.exe
    (Standard)    REG_SZ    exefile
    Content Type    REG_SZ    application/x-msdownload

HKEY_CLASSES_ROOT\.exe\PersistentHandler
    (Standard)    REG_SZ    {098f2470-bae0-11cd-b579-08002b30bfeb}



========= End of Reg: =========


========= reg query "HKCR\secfile" /S =========

FEHLER: Der angegebene Registrierungsschlssel bzw. Wert wurde nicht gefunden.


========= End of Reg: =========


========= reg query "HKCR\exefile" /S =========


HKEY_CLASSES_ROOT\exefile
    (Standard)    REG_SZ    Application
    EditFlags    REG_BINARY    38070000
    FriendlyTypeName    REG_EXPAND_SZ    @%SystemRoot%\System32\shell32.dll,-10156

HKEY_CLASSES_ROOT\exefile\DefaultIcon
    (Standard)    REG_SZ    %1

HKEY_CLASSES_ROOT\exefile\shell

HKEY_CLASSES_ROOT\exefile\shell\open
    EditFlags    REG_BINARY    00000000

HKEY_CLASSES_ROOT\exefile\shell\open\command
    (Standard)    REG_SZ    "%1" %*

HKEY_CLASSES_ROOT\exefile\shell\runas
    HasLUAShield    REG_SZ    

HKEY_CLASSES_ROOT\exefile\shell\runas\command
    (Standard)    REG_SZ    "%1" %*

HKEY_CLASSES_ROOT\exefile\shell\runasuser
    (Standard)    REG_SZ    @shell32.dll,-50944
    Extended    REG_SZ    
    SuppressionPolicyEx    REG_SZ    {F211AA05-D4DF-4370-A2A0-9F19C09756A7}

HKEY_CLASSES_ROOT\exefile\shell\runasuser\command
    DelegateExecute    REG_SZ    {ea72d00e-4960-42fa-ba92-7792a7944c1d}

HKEY_CLASSES_ROOT\exefile\shellex

HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers
    (Standard)    REG_SZ    Compatibility

HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\Compatibility
    (Standard)    REG_SZ    {1d27f844-3a1f-4410-85ac-14651078412d}

HKEY_CLASSES_ROOT\exefile\shellex\DropHandler
    (Standard)    REG_SZ    {86C86720-42A0-1069-A2E8-08002B30309D}

HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers

HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\ShimLayer Property Page
    (Standard)    REG_SZ    {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}

HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\{B41DB860-64E4-11D2-9906-E49FADC173CA}
    (Standard)    REG_SZ    

HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
    (Standard)    REG_SZ    



========= End of Reg: =========


========= reg query "HKCR\pezfile" /S =========

FEHLER: Der angegebene Registrierungsschlssel bzw. Wert wurde nicht gefunden.


========= End of Reg: =========


========= reg query "HKCR\sezfile" /S =========

FEHLER: Der angegebene Registrierungsschlssel bzw. Wert wurde nicht gefunden.


========= End of Reg: =========


========= reg query "HKCR\ah" /S =========

FEHLER: Der angegebene Registrierungsschlssel bzw. Wert wurde nicht gefunden.


========= End of Reg: =========


==== End of Fixlog ====

Warlord711 · 23.06.2014, 20:06

Ok, versuchen wir erst einmal, die Fehlermeldung beim Starten von Programmen in den Griff zu bekommen.

Start--> ausführen--> notepad (reinschreiben)--> ok Kopiere nun bitte folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

Windows Registry Editor Version 5.00

[-HKEY_CLASSES_ROOT\.exe]

[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"

[HKEY_CLASSES_ROOT\.exe\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"

[HKEY_CLASSES_ROOT\exefile]
@="Application"
"EditFlags"=hex:38,07,00,00
"FriendlyTypeName"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,\
00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,\
32,00,5c,00,73,00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,\
00,2c,00,2d,00,31,00,30,00,31,00,35,00,36,00,00,00

[HKEY_CLASSES_ROOT\exefile\DefaultIcon]
@="%1"

[HKEY_CLASSES_ROOT\exefile\shell]

[HKEY_CLASSES_ROOT\exefile\shell\open]
"EditFlags"=hex:00,00,00,00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\runas]
"HasLUAShield"=""

[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\runasuser]
@="@shell32.dll,-50944"
"Extended"=""
"SuppressionPolicyEx"="{F211AA05-D4DF-4370-A2A0-9F19C09756A7}"

[HKEY_CLASSES_ROOT\exefile\shell\runasuser\command]
"DelegateExecute"="{ea72d00e-4960-42fa-ba92-7792a7944c1d}"

[HKEY_CLASSES_ROOT\exefile\shellex]

[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers]
@="Compatibility"

[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\Compatibility]
@="{1d27f844-3a1f-4410-85ac-14651078412d}"

[HKEY_CLASSES_ROOT\exefile\shellex\DropHandler]
@="{86C86720-42A0-1069-A2E8-08002B30309D}"

[-HKEY_CLASSES_ROOT\SystemFileAssociations\.exe]

[HKEY_CLASSES_ROOT\SystemFileAssociations\.exe]
"FullDetails"="prop:System.PropGroup.Description;System.FileDescription;System.ItemTypeText;System.FileVersion;System.Software.ProductName;System.Software.ProductVersion;System.Copyright;*System.Category;*System.Comment;System.Size;System.DateModified;System.Language;*System.Trademarks;*System.OriginalFileName"
"InfoTip"="prop:System.FileDescription;System.Company;System.FileVersion;System.DateCreated;System.Size"
"TileInfo"="prop:System.FileDescription;System.Company;System.FileVersion;System.DateCreated;System.Size"

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids]
"exefile"=hex(0):

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe]
@="exefile"
"Content Type"="application/x-msdownload"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"

Speichere es nun unter regfix.reg
achte darauf, dass bei Datei-Typ "Alle Dateien" angegeben ist
nun sollte auf Deinem Desktop erscheinen
Mache nun einen Doppelklick auf die Datei regfix.reg
Bestätige mit Ja, dann drücke OK
Starte den Rechner neu auf

Hier findest Du eine bebilderte Anleitung

Danach bitte den Rechner im Normalmodus starten und eine Datei die vorher nicht funktionierte, ausführen.

1Stift · 24.06.2014, 18:28

Hallo Timo,

dieser Versuch ist leider fehlgeschalgen. Ich habe alles nach Anweisung befolgt. Nach dem Speichern unter Desktop erschien auch das beschriebene Symbol auf dem Dektop - nur hieß die Datei dann nicht regfix.reg sondern nur "regfix" . Ich habe dann trotzdem die Anweisungen weiter befolgt und am Ende kam auch die Mitteilung: "Die Schlüssel und Werte von C:user\Kerstin\Desktop\regfix.reg wurden erfolgreich in die Registrierung eingetragen." Ich habe den Laptop neu gestartet und ich habe versucht die FRST-Datei zu starten (die war noch auf dem Desktop) - das hat dann nicht funktioniert. Ich habe diese erneut aus dem Internet runtergeladen, was dann auch nicht funktioniert hat. Zudem habe ich die regfix - Datei auch mal auf dem USB-Stick gespreichert und es darüber versucht - hat leidern auch nicht funktioniert...

16.06.2014, 12:05	#4
Warlord711 /// TB-Ausbilder	Windows 7 ständig Pop-ups mit wernung und Systemfehlerhinweisen sowie Update-Aufforderungen zu Reparatur von Windows Kannst du bitte nochmal versuchen, die Datei herunterzuladen ? Vielleicht ist der Download fehlerhaft. Speicher die Datei auch bitte auf den Desktop ab oder kopiere Sie nach dem Download dorthin.

17.06.2014, 10:01	#6
Warlord711 /// TB-Ausbilder	Windows 7 ständig Pop-ups mit wernung und Systemfehlerhinweisen sowie Update-Aufforderungen zu Reparatur von Windows Hallo Kerstin ! Dann versuche bitte die Alternativseite: Farbar Recovery Scan Tool Download

17.06.2014, 12:05	#8
Warlord711 /// TB-Ausbilder	Windows 7 ständig Pop-ups mit wernung und Systemfehlerhinweisen sowie Update-Aufforderungen zu Reparatur von Windows Kannst du denn andere Dateien aus dem Internet laden und ausführen ?

19.06.2014, 15:24	#10
Warlord711 /// TB-Ausbilder	Windows 7 ständig Pop-ups mit wernung und Systemfehlerhinweisen sowie Update-Aufforderungen zu Reparatur von Windows Bitte führe diese Anleitung durch: http://www.trojaner-board.de/85464-f...usfuehren.html

Windows 7 ständig Pop-ups mit wernung und Systemfehlerhinweisen sowie Update-Aufforderungen zu Reparatur von Windows

Log-Analyse und Auswertung: Windows 7 ständig Pop-ups mit wernung und Systemfehlerhinweisen sowie Update-Aufforderungen zu Reparatur von Windows