Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 22.03.2014, 15:37   #1
Jokergirl
 
Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates) - Standard

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)



Hallo

mein Freund hat mir diese Seite empfohlen und ich hoffe ihr könnt mir helfen. Ich habe folgendes Problem:
Gestern war ich mit meinem Netbook (ASUS Eee Pc Seashell mit Windows 7 Starter) ganz normal im Internet unterwegs, auf einmal hat es dann komplett die Verbindung verloren und es waren auch keine mehr verfügbar. Daraufhin habe ich bei den Windows-Updates geschaut, ob es neue gibt, in der Hoffnung auf ein Treiberupdate. Es gab 30 neue Updates, allerdings nur für Microsoft Office 2007 Enterprise, das ich vor ein paar Tagen mit einem externen Laufwerk auf dem Netbook installiert habe. Nach Installation der Updates wollte ich das Netbook neu starten und da fingen die Probleme an. Es startet nämlich nicht mehr. Nach dem ASUS-Startbildschirm kommt ein blauer Bildschirm mit dem Text "A problem has been detected and windows has been shut down to prevent damage to your computer" und so weiter. Dann startet das Netbook neu und es kommt die Meldung "Windows konnte nicht gestartet werden". Ich habe dann die Möglichkeit zwischen Systemstartreparatur und normalem Starten zu wählen. Systemstartreparatur bringt nichts. Ich habe auch schon versucht, das Netbook zurückzusetzen, es hat aber bei keinem der ausgewählten Punkte geklappt. Im abgesicherten Modus kann ich es starten, jedoch kann ich die Updates damit nicht deinstallieren. Ich weiß wirklich nicht mehr weiter.. Ich habe die erforderlichen Scans ausgeführt, den ersten habe ich aber noch ausgelassen, da mein Netbook kein eigenes Laufwerk hat. Ich würde mich wirklich über Hilfe freuen, vielen Dank schonmal.

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Judith (administrator) on JUDITH-PC on 22-03-2014 15:39:38
Running from D:\Downloads
Microsoft Windows 7 Starter  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Safe Mode (with Networking)

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Google Inc.) C:\Users\Judith\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Judith\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Judith\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Judith\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [GfxServiceInstall] - C:\windows\system32\GfxCUIServiceInstall.vbs [131 2011-12-13] ()
HKLM\...\Run: [HotkeyMon] - C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe [101800 2011-08-09] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] - C:\Program Files\ASUS\HotkeyService\HotkeyService.exe [1263024 2011-08-09] (ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] - C:\Program Files\ASUS\SHE\SuperHybridEngine.exe [425400 2011-08-01] (ASUSTeK Computer Inc.)
HKLM\...\Run: [LiveUpdate] - C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [1095080 2011-11-10] (AsusTek Computer Inc.)
HKLM\...\Run: [CapsHook] - C:\Program Files\ASUS\CapsHook\CapsHook.exe [445344 2010-11-15] (ASUS)
HKLM\...\Run: [Eee Docking] - C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [417456 2011-07-14] (ASUSTek Computer Inc.)
HKLM\...\Run: [ASUSWebStorage] - C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
HKLM\...\Run: [VAWinAgent] - C:\ExpressGateUtil\VAWinAgent.exe [45448 2011-08-19] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10828392 2011-09-02] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2262312 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-337867050-3941853981-1478884236-1000\...\Run: [Google Update] - C:\Users\Judith\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-23] (Google Inc.)
HKU\S-1-5-21-337867050-3941853981-1478884236-1000\...\Run: [Speech Recognition] - C:\windows\Speech\Common\sapisvr.exe [51712 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-337867050-3941853981-1478884236-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-337867050-3941853981-1478884236-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Judith\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.fanfiktion.de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.fanfiktion.de
SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Judith\AppData\Roaming\Mozilla\Firefox\Profiles\ggqcce0b.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @Nero.com/KM - C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Judith\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Judith\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Judith\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Judith\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Judith\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Judith\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome: 
=======
CHR HomePage: www.fanfiktion.de
CHR DefaultSearchKeyword: google
CHR DefaultSearchURL: hxxp://www.google.com/search?q={searchTerms}
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Users\Judith\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Judith\AppData\Local\Google\Chrome\Application\33.0.1750.154\gcswf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Judith\AppData\Local\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Judith\AppData\Local\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U6) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.60.24) - C:\windows\system32\npDeployJava1.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Judith\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2013-10-29]
CHR Extension: (Ancient Map) - C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjcjaemihddenoopkkhaamlcoliiiain [2013-02-22]
CHR Extension: (AdBlock) - C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-01-13]
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2012-08-25]
CHR Extension: (Google Wallet) - C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR Extension: (Click&Clean App) - C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2013-10-29]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Judith\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-08-24]

========================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-14] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-14] (Avira Operations GmbH & Co. KG)
S2 ASUS InstantOn; C:\Program Files\ASUS\InstantOn for EPC\InsOnSrv.exe [92800 2011-12-01] (ASUS)
S2 AsusService; C:\windows\system32\AsusService.exe [224680 2011-08-09] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.)
S2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
S2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [91464 2011-03-26] ()

==================== Drivers (Whitelisted) ====================

S1 AsIO; C:\windows\System32\drivers\AsIO.sys [11456 2010-06-28] ()
S1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2010-08-03] ()
S2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [90400 2014-02-14] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [135648 2014-02-14] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [37352 2014-02-14] (Avira Operations GmbH & Co. KG)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
S1 ssmdrv; C:\windows\System32\DRIVERS\ssmdrv.sys [28520 2014-02-14] (Avira GmbH)
S3 ProcObsrv; \??\C:\Program Files\Glary Utilities 3\ProcObsrv.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-22 15:39 - 2014-03-22 15:39 - 00000000 ____D () C:\FRST
2014-03-22 15:21 - 2014-03-22 15:21 - 00142424 _____ () C:\windows\Minidump\032214-36083-01.dmp
2014-03-22 15:20 - 2014-03-22 15:20 - 189066333 _____ () C:\windows\MEMORY.DMP
2014-03-20 20:38 - 2014-03-20 20:38 - 00000000 ____D () C:\Users\Judith\AppData\Roaming\Nero
2014-03-20 20:21 - 2014-03-20 20:21 - 00000000 _____ () C:\windows\system32\shoDC4A.tmp
2014-03-20 19:27 - 2014-03-20 19:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-03-20 19:27 - 2014-03-20 19:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-03-20 19:03 - 2014-03-20 19:03 - 00278904 _____ () C:\windows\msxml4-KB954430-enu.LOG
2014-03-20 19:01 - 2014-03-20 19:02 - 00286030 _____ () C:\windows\msxml4-KB973688-enu.LOG
2014-03-20 19:01 - 2014-03-20 19:01 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-03-17 23:00 - 2014-03-17 23:00 - 00000000 ____D () C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-17 22:31 - 2014-03-17 22:31 - 00001861 _____ () C:\Users\Public\Desktop\ANNO 1503 spielen.lnk
2014-03-17 22:21 - 2014-03-17 22:29 - 00000000 ____D () C:\Program Files\ANNO 1503
2014-03-17 21:59 - 2009-02-27 03:42 - 00031640 _____ (Microsoft Corporation) C:\windows\system32\msonpmon.dll
2014-03-17 21:55 - 2014-03-20 19:45 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-03-17 21:55 - 2014-03-17 21:55 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-03-17 21:45 - 2014-03-17 21:45 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-03-17 21:44 - 2014-03-17 21:55 - 00000000 ____D () C:\windows\SHELLNEW
2014-03-17 21:34 - 2014-03-17 21:34 - 00002055 _____ () C:\Users\Public\Desktop\Nero Kwik Media.lnk
2014-03-17 21:33 - 2014-03-17 21:33 - 00002823 _____ () C:\Users\Public\Desktop\Nero Express 12.lnk
2014-03-17 21:29 - 2014-03-17 21:33 - 00000000 ____D () C:\Program Files\Common Files\Nero
2014-03-17 21:28 - 2014-03-17 21:35 - 00000000 ____D () C:\Program Files\Nero
2014-03-17 21:27 - 2014-03-17 21:36 - 00000000 ____D () C:\ProgramData\Nero
2014-03-17 21:14 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_43.dll
2014-03-17 21:14 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_43.dll
2014-03-17 21:13 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_43.dll
2014-03-17 21:13 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\windows\system32\d3dcsx_43.dll
2014-03-14 18:42 - 2014-03-14 18:42 - 00000000 ____D () C:\Users\Judith\AppData\Local\Skype
2014-03-14 18:40 - 2014-03-14 18:40 - 00002687 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-14 18:40 - 2014-03-14 18:40 - 00000000 ___RD () C:\Program Files\Skype
2014-03-14 18:40 - 2014-03-14 18:40 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-14 18:25 - 2014-03-20 20:21 - 00086200 _____ () C:\windows\PFRO.log
2014-03-13 16:29 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-03-13 16:29 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-03-13 16:29 - 2014-03-01 05:10 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-03-13 16:29 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-03-13 16:29 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-03-13 16:29 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-03-13 16:29 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-03-13 16:29 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-03-13 16:29 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-03-13 16:29 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-03-13 16:29 - 2014-03-01 04:38 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-03-13 16:29 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-03-13 16:29 - 2014-03-01 04:31 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-03-13 16:29 - 2014-03-01 04:25 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-03-13 16:29 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-03-13 16:29 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-03-13 16:29 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-03-13 16:29 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-03-13 16:29 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-03-13 16:29 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-03-13 16:29 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-03-13 16:29 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-03-13 16:28 - 2014-02-07 02:07 - 02349056 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-03-13 16:28 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-03-13 16:28 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-03-13 16:28 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2014-03-13 16:28 - 2014-01-28 03:07 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-03-05 20:49 - 2014-03-20 20:22 - 00000672 _____ () C:\windows\setupact.log
2014-03-05 20:49 - 2014-03-05 20:49 - 00000000 _____ () C:\windows\setuperr.log
2014-03-04 23:35 - 2014-03-04 23:35 - 00002012 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-03 22:30 - 2014-03-03 22:30 - 00524401 _____ () C:\Users\Judith\Downloads\magicactions_6.7.0.zip
2014-03-03 22:25 - 2014-03-03 22:25 - 00000000 ____D () C:\Users\Judith\AppData\Local\Macromedia
2014-03-03 22:22 - 2014-03-04 23:35 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-03 22:22 - 2014-03-03 22:22 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-03 22:22 - 2014-03-03 22:22 - 00000000 ____D () C:\ProgramData\McAfee
2014-02-28 23:04 - 2014-02-28 23:04 - 00000000 ____D () C:\Users\Judith\AppData\Local\{18E3C246-D84A-45AA-9500-01E3E99D563D}
2014-02-28 14:26 - 2014-02-28 14:26 - 00011177 _____ () C:\Users\Judith\Documents\Konzept.odt
2014-02-27 16:15 - 2014-02-27 16:15 - 00020269 _____ () C:\Users\Judith\Documents\Zeitungsartikel.odt
2014-02-25 21:19 - 2014-02-25 21:33 - 00000000 ____D () C:\Users\Judith\AppData\Roaming\TIPP10
2014-02-25 21:15 - 2014-02-25 21:15 - 00000937 _____ () C:\Users\Judith\Desktop\TIPP10.lnk
2014-02-25 21:15 - 2014-02-25 21:15 - 00000000 ____D () C:\Program Files\Tipp10
2014-02-25 20:20 - 2014-03-03 22:32 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-25 20:20 - 2014-02-25 20:20 - 00000000 ____D () C:\Users\Judith\AppData\Local\Mozilla
2014-02-25 20:20 - 2014-02-25 20:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-25 20:19 - 2014-03-14 18:25 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-25 20:19 - 2014-03-14 18:25 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-25 01:17 - 2014-02-25 01:17 - 00030261 _____ () C:\Users\Judith\Documents\RPG SW.odt
2014-02-20 17:28 - 2014-02-20 17:25 - 00069240 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys

==================== One Month Modified Files and Folders =======

2014-03-23 00:17 - 2014-02-19 17:51 - 00000000 ____D () C:\ProgramData\Avira
2014-03-23 00:17 - 2014-02-19 17:51 - 00000000 ____D () C:\Program Files\Avira
2014-03-23 00:17 - 2012-09-16 21:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-23 00:17 - 2012-08-23 18:04 - 00000000 ____D () C:\Users\Judith\AppData\Roaming\Skype
2014-03-23 00:17 - 2011-12-30 20:14 - 00000000 ___HD () C:\ExpressGateUtil
2014-03-23 00:17 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\wfp
2014-03-23 00:17 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\NDF
2014-03-23 00:17 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\registration
2014-03-23 00:17 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-03-22 15:39 - 2014-03-22 15:39 - 00000000 ____D () C:\FRST
2014-03-22 15:21 - 2014-03-22 15:21 - 00142424 _____ () C:\windows\Minidump\032214-36083-01.dmp
2014-03-22 15:21 - 2013-09-10 00:43 - 00000000 ____D () C:\windows\Minidump
2014-03-22 15:21 - 2012-08-23 17:06 - 00000000 ____D () C:\Users\Judith
2014-03-22 15:20 - 2014-03-22 15:20 - 189066333 _____ () C:\windows\MEMORY.DMP
2014-03-22 08:26 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\LogFiles
2014-03-20 20:38 - 2014-03-20 20:38 - 00000000 ____D () C:\Users\Judith\AppData\Roaming\Nero
2014-03-20 20:31 - 2012-08-24 08:55 - 01288578 _____ () C:\windows\WindowsUpdate.log
2014-03-20 20:27 - 2009-07-14 05:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-20 20:27 - 2009-07-14 05:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-20 20:26 - 2013-08-17 22:33 - 00000000 ___RD () C:\Users\Judith\Dropbox
2014-03-20 20:26 - 2013-08-17 22:26 - 00000000 ____D () C:\Users\Judith\AppData\Roaming\Dropbox
2014-03-20 20:25 - 2012-08-23 17:06 - 00113456 _____ () C:\Users\Judith\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-20 20:22 - 2014-03-05 20:49 - 00000672 _____ () C:\windows\setupact.log
2014-03-20 20:22 - 2012-10-21 20:02 - 00001094 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-20 20:22 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-20 20:22 - 2009-07-14 05:33 - 00420648 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-20 20:21 - 2014-03-20 20:21 - 00000000 _____ () C:\windows\system32\shoDC4A.tmp
2014-03-20 20:21 - 2014-03-14 18:25 - 00086200 _____ () C:\windows\PFRO.log
2014-03-20 20:04 - 2012-08-28 11:21 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-03-20 20:03 - 2012-10-21 20:02 - 00001098 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-20 19:49 - 2012-08-23 20:12 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-337867050-3941853981-1478884236-1000UA.job
2014-03-20 19:45 - 2014-03-17 21:55 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-03-20 19:45 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-03-20 19:27 - 2014-03-20 19:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-03-20 19:27 - 2014-03-20 19:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-03-20 19:25 - 2009-07-14 03:04 - 00000478 _____ () C:\windows\win.ini
2014-03-20 19:22 - 2013-08-08 10:44 - 00000000 ____D () C:\windows\system32\MRT
2014-03-20 19:04 - 2012-09-01 15:27 - 87350280 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-03-20 19:03 - 2014-03-20 19:03 - 00278904 _____ () C:\windows\msxml4-KB954430-enu.LOG
2014-03-20 19:02 - 2014-03-20 19:01 - 00286030 _____ () C:\windows\msxml4-KB973688-enu.LOG
2014-03-20 19:01 - 2014-03-20 19:01 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-03-19 23:48 - 2012-08-23 20:12 - 00001072 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-337867050-3941853981-1478884236-1000Core.job
2014-03-19 15:36 - 2014-02-09 15:44 - 00000000 ____D () C:\Users\Judith\AppData\Roaming\Mozilla
2014-03-18 19:59 - 2009-07-27 11:11 - 01652924 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-17 23:00 - 2014-03-17 23:00 - 00000000 ____D () C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-17 22:31 - 2014-03-17 22:31 - 00001861 _____ () C:\Users\Public\Desktop\ANNO 1503 spielen.lnk
2014-03-17 22:29 - 2014-03-17 22:21 - 00000000 ____D () C:\Program Files\ANNO 1503
2014-03-17 22:21 - 2011-12-30 19:38 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-03-17 21:55 - 2014-03-17 21:55 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-03-17 21:55 - 2014-03-17 21:44 - 00000000 ____D () C:\windows\SHELLNEW
2014-03-17 21:55 - 2011-12-30 20:06 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-17 21:55 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\MSBuild
2014-03-17 21:54 - 2011-12-30 19:49 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-03-17 21:45 - 2014-03-17 21:45 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-03-17 21:36 - 2014-03-17 21:27 - 00000000 ____D () C:\ProgramData\Nero
2014-03-17 21:36 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\Cursors
2014-03-17 21:35 - 2014-03-17 21:28 - 00000000 ____D () C:\Program Files\Nero
2014-03-17 21:34 - 2014-03-17 21:34 - 00002055 _____ () C:\Users\Public\Desktop\Nero Kwik Media.lnk
2014-03-17 21:33 - 2014-03-17 21:33 - 00002823 _____ () C:\Users\Public\Desktop\Nero Express 12.lnk
2014-03-17 21:33 - 2014-03-17 21:29 - 00000000 ____D () C:\Program Files\Common Files\Nero
2014-03-16 23:10 - 2012-08-24 16:07 - 00000000 ___RD () C:\Users\Judith\Desktop\Wüstenwind
2014-03-15 12:42 - 2012-08-23 20:14 - 00002362 _____ () C:\Users\Judith\Desktop\Google Chrome.lnk
2014-03-14 18:42 - 2014-03-14 18:42 - 00000000 ____D () C:\Users\Judith\AppData\Local\Skype
2014-03-14 18:41 - 2012-08-23 18:04 - 00000000 ____D () C:\ProgramData\Skype
2014-03-14 18:40 - 2014-03-14 18:40 - 00002687 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-14 18:40 - 2014-03-14 18:40 - 00000000 ___RD () C:\Program Files\Skype
2014-03-14 18:40 - 2014-03-14 18:40 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-14 18:25 - 2014-02-25 20:19 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-14 18:25 - 2014-02-25 20:19 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-14 18:25 - 2011-12-30 19:57 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-11 22:04 - 2012-08-28 11:21 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-03-11 22:04 - 2011-12-30 19:55 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-05 20:49 - 2014-03-05 20:49 - 00000000 _____ () C:\windows\setuperr.log
2014-03-04 23:35 - 2014-03-04 23:35 - 00002012 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-04 23:35 - 2014-03-03 22:22 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-03 22:32 - 2014-02-25 20:20 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-03 22:30 - 2014-03-03 22:30 - 00524401 _____ () C:\Users\Judith\Downloads\magicactions_6.7.0.zip
2014-03-03 22:25 - 2014-03-03 22:25 - 00000000 ____D () C:\Users\Judith\AppData\Local\Macromedia
2014-03-03 22:22 - 2014-03-03 22:22 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-03 22:22 - 2014-03-03 22:22 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-03 22:22 - 2012-08-23 17:06 - 00000000 ____D () C:\Users\Judith\AppData\Local\Adobe
2014-03-02 19:03 - 2014-01-30 20:57 - 00000000 ____D () C:\Users\Judith\AppData\Roaming\Telegram Win (Unofficial)
2014-03-01 18:29 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-03-01 05:30 - 2014-03-13 16:29 - 17074688 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-03-01 05:11 - 2014-03-13 16:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-03-01 05:10 - 2014-03-13 16:29 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-03-01 04:52 - 2014-03-13 16:29 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-03-01 04:51 - 2014-03-13 16:29 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-13 16:29 - 02168320 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-03-01 04:43 - 2014-03-13 16:29 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-03-01 04:43 - 2014-03-13 16:29 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-03-01 04:40 - 2014-03-13 16:29 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-03-01 04:38 - 2014-03-13 16:29 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-03-01 04:38 - 2014-03-13 16:29 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-03-01 04:37 - 2014-03-13 16:29 - 00553472 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-03-01 04:31 - 2014-03-13 16:29 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-03-01 04:25 - 2014-03-13 16:29 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-03-01 04:16 - 2014-03-13 16:29 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-03-01 04:14 - 2014-03-13 16:29 - 04244480 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-03-01 04:03 - 2014-03-13 16:29 - 00524288 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-03-01 04:00 - 2014-03-13 16:29 - 01964032 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-03-01 03:57 - 2014-03-13 16:29 - 11266048 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-03-01 03:32 - 2014-03-13 16:29 - 01820160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-03-01 03:27 - 2014-03-13 16:29 - 01156096 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-03-01 03:25 - 2014-03-13 16:29 - 00703488 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-02-28 23:04 - 2014-02-28 23:04 - 00000000 ____D () C:\Users\Judith\AppData\Local\{18E3C246-D84A-45AA-9500-01E3E99D563D}
2014-02-28 14:26 - 2014-02-28 14:26 - 00011177 _____ () C:\Users\Judith\Documents\Konzept.odt
2014-02-27 16:15 - 2014-02-27 16:15 - 00020269 _____ () C:\Users\Judith\Documents\Zeitungsartikel.odt
2014-02-25 21:33 - 2014-02-25 21:19 - 00000000 ____D () C:\Users\Judith\AppData\Roaming\TIPP10
2014-02-25 21:15 - 2014-02-25 21:15 - 00000937 _____ () C:\Users\Judith\Desktop\TIPP10.lnk
2014-02-25 21:15 - 2014-02-25 21:15 - 00000000 ____D () C:\Program Files\Tipp10
2014-02-25 20:20 - 2014-02-25 20:20 - 00000000 ____D () C:\Users\Judith\AppData\Local\Mozilla
2014-02-25 20:20 - 2014-02-25 20:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-25 01:17 - 2014-02-25 01:17 - 00030261 _____ () C:\Users\Judith\Documents\RPG SW.odt
2014-02-20 17:25 - 2014-02-20 17:28 - 00069240 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys

Some content of TEMP:
====================
C:\Users\Judith\AppData\Local\Temp\avgnt.exe
C:\Users\Judith\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Judith\AppData\Local\Temp\SIntf16.dll
C:\Users\Judith\AppData\Local\Temp\SIntf32.dll
C:\Users\Judith\AppData\Local\Temp\SIntfNT.dll


==================== Bamital & volsnap Check =================

C:\windows\explorer.exe => MD5 is legit
C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\wininit.exe => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll => MD5 is legit
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-21 01:29

==================== End Of Log ============================
         
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by Judith at 2014-03-22 15:40:56
Running from D:\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
ANNO 1503 (HKLM\...\{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}) (Version: 1.04.00 - )
ASUS WebStorage (HKLM\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
AsusScreensaver (HKLM\...\{99E77016-BCF2-48C8-9119-43ECF5815F65}) (Version: 1.05 - AsusTek Computer Inc.)
AsusVibe2.0 (HKLM\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Broadcom Wireless Network Adapter (HKLM\...\{4FCBCF89-1823-4D97-A6F2-0E8DD66E273A}) (Version: 1.00.0000 - AzureWave)
CapsHook (HKLM\...\{4B5092B6-F231-4D18-83BC-2618B729CA45}) (Version: 1.0.0.7 - AsusTek Computer)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
E-Cam (HKLM\...\{185AFA7A-F63E-450B-94AA-011CAC18090E}) (Version: 2.0.3.0 - AzureWave)
Eee Docking 3.10.5 (HKLM\...\Eee Docking_is1) (Version: 3.10.5 - ASUSTek Computer Inc.)
ExpressGateCloud (HKLM\...\InstallShield_{36B0DC39-3282-40EB-8587-B875CE46C3A7}) (Version: 2.7.44.279 - VideACE Co.)
ExpressGateCloud (Version: 2.7.44.279 - VideACE Co.) Hidden
FontResizer (HKLM\...\InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek)
FontResizer (Version: 1.01.0011 - ASUSTek) Hidden
Free YouTube to MP3 Converter version 3.11.32.918 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.32.918 - DVDVideoSoft Ltd.)
Galerie de photos Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM\...\{E121A4FE-009B-385B-BB0D-B934E2A88288}) (Version: 5.2.4.18058 - Google)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.45 - AsusTek Computer Inc.)
InstantOn for EPC (HKLM\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.6 - ASUS)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.14.8.1064 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LiveUpdate (HKLM\...\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}) (Version: 1.30 - AsusTek Computer Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Media Sharing (HKLM\...\{9042F9FE-43CB-4ACF-9978-F62235127F90}) (Version: 0.65.6 - ASUS)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero BackItUp (Version: 12.0.3002 - Nero AG) Hidden
Nero BackItUp Help (CHM) (Version: 12.0.3000 - Nero AG) Hidden
Nero Blu-ray Player (Version: 12.0.14300 - Nero AG) Hidden
Nero BurnRights (Version: 12.0.5000 - Nero AG) Hidden
Nero BurnRights Help (CHM) (Version: 12.0.5000 - Nero AG) Hidden
Nero ControlCenter (Version: 11.0.15300 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (Version: 11.0.18100 - Nero AG) Hidden
Nero CoverDesigner (Version: 12.0.9000 - Nero AG) Hidden
Nero CoverDesigner Help (CHM) (Version: 12.0.2000 - Nero AG) Hidden
Nero DiscSpeed 11 (Version: 7.0.10400.2.100 - Nero AG) Hidden
Nero DiscSpeed Help (CHM) (Version: 12.0.1000 - Nero AG) Hidden
Nero Express (Version: 12.0.20000 - Nero AG) Hidden
Nero Express Help (CHM) (Version: 12.0.5000 - Nero AG) Hidden
Nero InfoTool (Version: 12.0.3000 - Nero AG) Hidden
Nero InfoTool Help (CHM) (Version: 12.0.0002 - Nero AG) Hidden
Nero Kwik Media (Version: 1.18.18800 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (Version: 12.0.4000 - Nero AG) Hidden
Nero Kwik Themes Basic (Version: 12.0.11500 - Nero AG) Hidden
Nero SharedVideoCodecs (Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (Version: 11.0.11800.31.0 - Nero AG) Hidden
Nero12EssTSST (HKLM\...\{1DEC64C1-7F34-44CD-BC35-8E0A096300CF}) (Version: 12.0.01100 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
OpenOffice.org 3.0 (HKLM\...\{04B45310-A5FE-4425-BFCA-1A6D8920DE74}) (Version: 3.0.9358 - OpenOffice.org)
potc fdk Screen Saver (HKLM\...\potc fdk) (Version:  - )
Prerequisite installer (Version: 12.0.0002 - Nero AG) Hidden
Raccolta foto di Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6449 - Realtek Semiconductor Corp.)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 2.19 - AsusTek Computer)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated)
Telegram Win (Unofficial) version 0.3.9 (HKCU\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.3.9 - Telegram (Unofficial))
TIPP10 Version 2.1.0 (HKLM\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )

==================== Restore Points  =========================

20-03-2014 19:31:09 Windows Update
21-03-2014 21:53:18 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {30AE9083-D3AA-4B45-9C16-F333E7778AF8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-21] (Google Inc.)
Task: {30BC452C-9A52-44E9-8F5B-CE9DCE3AF32D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-337867050-3941853981-1478884236-1000UA => C:\Users\Judith\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-23] (Google Inc.)
Task: {32C9566F-00F9-4623-A57C-12E651E52858} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-337867050-3941853981-1478884236-1000Core => C:\Users\Judith\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-23] (Google Inc.)
Task: {608454C6-E1C5-435F-8387-DF76BB0D32D2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {B5CE0995-16A4-4B45-977B-2F57E6F82E00} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-21] (Google Inc.)
Task: {B7F64A1C-6124-4A8A-A7C5-B349E5446772} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-337867050-3941853981-1478884236-1000Core.job => C:\Users\Judith\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-337867050-3941853981-1478884236-1000UA.job => C:\Users\Judith\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-09-02 12:08 - 2010-09-02 12:08 - 00118784 _____ () C:\Program Files\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt.dll
2014-03-15 12:41 - 2014-03-15 01:50 - 00051016 _____ () C:\Users\Judith\AppData\Local\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-15 12:41 - 2014-03-15 01:50 - 04061000 _____ () C:\Users\Judith\AppData\Local\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 12:41 - 2014-03-15 01:50 - 00394568 _____ () C:\Users\Judith\AppData\Local\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 12:41 - 2014-03-15 01:50 - 01647432 _____ () C:\Users\Judith\AppData\Local\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/21/2014 10:05:55 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/21/2014 03:31:24 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/21/2014 01:41:25 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/20/2014 08:00:40 PM) (Source: Application Hang) (User: )
Description: Programm avscan.exe, Version 14.0.3.332 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1534

Startzeit: 01cf43ca7ca46ba5

Endzeit: 0

Anwendungspfad: C:\Program Files\Avira\AntiVir Desktop\avscan.exe

Berichts-ID: d9ef55ab-b061-11e3-8d5d-c86000506594

Error: (03/20/2014 07:24:26 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/18/2014 08:21:42 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 27.0.1.5156 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 76c

Startzeit: 01cf42d8daae5a0d

Endzeit: 3190

Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe

Berichts-ID: 6b95092d-aed2-11e3-8d5d-c86000506594

Error: (03/17/2014 11:50:36 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/17/2014 09:12:09 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {cc0c04cf-ef41-46e0-8be5-927149c2ad52}

Error: (03/17/2014 07:31:32 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/16/2014 11:49:39 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005


System errors:
=============
Error: (03/22/2014 03:40:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/22/2014 03:40:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/22/2014 03:40:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/22/2014 03:40:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/22/2014 03:40:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/22/2014 03:40:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/22/2014 03:38:54 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/22/2014 03:38:54 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/22/2014 03:38:54 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/22/2014 03:38:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 60%
Total physical RAM: 1011.94 MB
Available physical RAM: 397.25 MB
Total Pagefile: 2035.94 MB
Available Pagefile: 1423.46 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:67.27 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:183.07 GB) (Free:181.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: A8D6F410)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-03-22 16:13:17
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 ST932032 rev.0003 298,09GB
Running: Gmer-19357.exe; Driver: C:\Users\Judith\AppData\Local\Temp\fwdiqpod.sys


---- Kernel code sections - GMER 2.1 ----

.text           ntkrnlpa.exe!ZwRollbackEnlistment + 142D                                                         82258A15 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                           82292212 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- Devices - GMER 2.1 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                          Wdf01000.sys
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                          Wdf01000.sys

Device          \FileSystem\fastfat \Fat                                                                         8A2EA130

AttachedDevice  \FileSystem\fastfat \Fat                                                                         fltmgr.sys

---- Registry - GMER 2.1 ----

Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3b2962e                      
Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\742f68d61fa9                      
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3b2962e (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\742f68d61fa9 (not active ControlSet)  

---- EOF - GMER 2.1 ----
         

Alt 22.03.2014, 16:29   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates) - Standard

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)



hi,

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
LastRegBack: 2014-03-21 01:29
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________

__________________

Alt 22.03.2014, 16:35   #3
Jokergirl
 
Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates) - Standard

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014  01
Ran by Judith at 2014-03-22 17:34:48 Run:1
Running from D:\Downloads
Boot Mode: Safe Mode (with Networking)

==============================================

Content of fixlist:
*****************
LastRegBack: 2014-03-21 01:29
*****************

Error: The restore operation should be done in the recovery mode.

==== End of Fixlog ====
         
__________________

Alt 23.03.2014, 10:14   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates) - Standard

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)



Oh Mann

Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 (zweiter Teil)
  • Downloade dir bitte die passende Version des Tools (im Zweifel beide) und speichere diese auf einen USB Stick: FRST Download FRST 32-Bit | FRST 64-Bit
  • Schließe den USB Stick an das infizierte System an und boote das System in die System Reparatur Option.
  • Scanne jetzt nach der bebilderten Anleitung oder verwende die folgende Kurzanleitung:
Über den Boot Manager:
  • Starte den Rechner neu.
  • Während dem Hochfahren drücke mehrmals die F8 Taste
  • Wähle nun Computer reparieren.
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Mit Windows CD/DVD (auch bei Windows 8 möglich):
  • Lege die Windows CD in dein Laufwerk.
  • Starte den Rechner neu und starte von der CD.
  • Wähle die Spracheinstellungen und klicke "Weiter".
  • Klicke auf Computerreparaturoptionen !
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Wähle in den Reparaturoptionen: Eingabeaufforderung
  • Gib nun bitte notepad ein und drücke Enter.
  • Im öffnenden Textdokument: Datei > Speichern unter... und wähle Computer.
    Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt, merke ihn dir.
  • Schließe Notepad wieder
  • Gib nun bitte folgenden Befehl ein.
    e:\frst.exe bzw. e:\frst64.exe
    Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks, den du dir gemerkt hast. Gegebenfalls anpassen.
  • Akzeptiere den Disclaimer mit Ja und klicke Untersuchen
Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier nach Möglichkeit in Code-Tags (Anleitung).

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.03.2014, 11:38   #5
Jokergirl
 
Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates) - Standard

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)



Bitteschön:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by SYSTEM on MININT-M4GG99J on 23-03-2014 12:32:22
Running from E:\
Windows 7 Starter (X86) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.




==================== Registry (Whitelisted) ==================

HKLM\...\Run: [GfxServiceInstall] - C:\windows\system32\GfxCUIServiceInstall.vbs [131 2011-12-12] ()
HKLM\...\Run: [HotkeyMon] - C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe [101800 2011-08-08] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] - C:\Program Files\ASUS\HotkeyService\HotkeyService.exe [1263024 2011-08-08] (ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] - C:\Program Files\ASUS\SHE\SuperHybridEngine.exe [425400 2011-08-01] (ASUSTeK Computer Inc.)
HKLM\...\Run: [LiveUpdate] - C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [1095080 2011-11-10] (AsusTek Computer Inc.)
HKLM\...\Run: [CapsHook] - C:\Program Files\ASUS\CapsHook\CapsHook.exe [445344 2010-11-15] (ASUS)
HKLM\...\Run: [Eee Docking] - C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [417456 2011-07-13] (ASUSTek Computer Inc.)
HKLM\...\Run: [ASUSWebStorage] - C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
HKLM\...\Run: [VAWinAgent] - C:\ExpressGateUtil\VAWinAgent.exe [45448 2011-08-19] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10828392 2011-09-01] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2262312 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-01] (Oracle Corporation)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\Default\...\RunOnce: [Reboot] - C:\Windows\Reboot.exe [92096 2010-12-12] (AsusTek Computer Inc.)
HKU\Default\...\RunOnce: [AskScreensaver] - C:\Program Files\Asus\AsusScreensaver\AsusScreensaver.exe [797104 2011-01-26] (AsusTek Computer Inc.)
HKU\Default User\...\RunOnce: [Reboot] - C:\Windows\Reboot.exe [92096 2010-12-12] (AsusTek Computer Inc.)
HKU\Default User\...\RunOnce: [AskScreensaver] - C:\Program Files\Asus\AsusScreensaver\AsusScreensaver.exe [797104 2011-01-26] (AsusTek Computer Inc.)
HKU\Judith\...\Run: [Google Update] - C:\Users\Judith\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-23] (Google Inc.)
HKU\Judith\...\Run: [Speech Recognition] - C:\windows\Speech\Common\sapisvr.exe [51712 2009-07-13] (Microsoft Corporation)
HKU\Judith\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\Judith\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
Startup: C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

========================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-14] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-14] (Avira Operations GmbH & Co. KG)
S2 ASUS InstantOn; C:\Program Files\ASUS\InstantOn for EPC\InsOnSrv.exe [92800 2011-11-30] (ASUS)
S2 AsusService; C:\windows\system32\AsusService.exe [224680 2011-08-08] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-15] (McAfee, Inc.)
S2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
S2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [91464 2011-03-25] ()

==================== Drivers (Whitelisted) ====================

S1 AsIO; C:\Windows\System32\drivers\AsIO.sys [11456 2010-06-27] ()
S1 AsUpIO; C:\Windows\System32\drivers\AsUpIO.sys [11832 2010-08-02] ()
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2014-02-14] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2014-02-14] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-02-14] (Avira Operations GmbH & Co. KG)
S3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
S1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-02-14] (Avira GmbH)
S3 ProcObsrv; \??\C:\Program Files\Glary Utilities 3\ProcObsrv.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-22 11:15 - 2014-03-22 11:15 - 00000000 ____D () C:\Windows\Sun
2014-03-22 08:33 - 2014-03-22 08:33 - 00000029 _____ () C:\Users\Judith\Desktop\Fixlist.txt
2014-03-22 07:13 - 2014-03-22 07:13 - 00001780 _____ () C:\Users\Judith\Desktop\GMER.txt
2014-03-22 06:42 - 2014-03-22 06:42 - 00033659 _____ () C:\Users\Judith\Desktop\FRST.txt
2014-03-22 06:42 - 2014-03-22 06:42 - 00025408 _____ () C:\Users\Judith\Desktop\Addition.txt
2014-03-22 06:39 - 2014-03-23 12:32 - 00000000 ____D () C:\FRST
2014-03-22 06:21 - 2014-03-22 06:21 - 00142424 _____ () C:\Windows\Minidump\032214-36083-01.dmp
2014-03-22 06:20 - 2014-03-22 06:20 - 189066333 _____ () C:\Windows\MEMORY.DMP
2014-03-20 11:38 - 2014-03-20 11:38 - 00000000 ____D () C:\Users\Judith\AppData\Roaming\Nero
2014-03-20 11:21 - 2014-03-20 11:21 - 00000000 _____ () C:\Windows\System32\shoDC4A.tmp
2014-03-20 10:27 - 2014-03-20 10:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-03-20 10:27 - 2014-03-20 10:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-03-20 10:03 - 2014-03-20 10:03 - 00278904 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-03-20 10:01 - 2014-03-20 10:02 - 00286030 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-03-20 10:01 - 2014-03-20 10:01 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-03-17 13:31 - 2014-03-17 13:31 - 00001861 _____ () C:\Users\Public\Desktop\ANNO 1503 spielen.lnk
2014-03-17 13:21 - 2014-03-17 13:29 - 00000000 ____D () C:\Program Files\ANNO 1503
2014-03-17 12:59 - 2009-02-26 18:42 - 00031640 _____ (Microsoft Corporation) C:\Windows\System32\msonpmon.dll
2014-03-17 12:55 - 2014-03-20 10:45 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-03-17 12:55 - 2014-03-17 12:55 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-03-17 12:45 - 2014-03-17 12:45 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-03-17 12:44 - 2014-03-17 12:55 - 00000000 ____D () C:\Windows\SHELLNEW
2014-03-17 12:34 - 2014-03-17 12:34 - 00002055 _____ () C:\Users\Public\Desktop\Nero Kwik Media.lnk
2014-03-17 12:33 - 2014-03-17 12:33 - 00002823 _____ () C:\Users\Public\Desktop\Nero Express 12.lnk
2014-03-17 12:29 - 2014-03-17 12:33 - 00000000 ____D () C:\Program Files\Common Files\Nero
2014-03-17 12:28 - 2014-03-17 12:35 - 00000000 ____D () C:\Program Files\Nero
2014-03-17 12:27 - 2014-03-17 12:36 - 00000000 ____D () C:\ProgramData\Nero
2014-03-17 12:14 - 2010-05-26 02:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_43.dll
2014-03-17 12:14 - 2010-05-26 02:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\System32\d3dx11_43.dll
2014-03-17 12:13 - 2010-05-26 02:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_43.dll
2014-03-17 12:13 - 2010-05-26 02:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\System32\d3dcsx_43.dll
2014-03-14 09:42 - 2014-03-14 09:42 - 00000000 ____D () C:\Users\Judith\AppData\Local\Skype
2014-03-14 09:40 - 2014-03-14 09:40 - 00002687 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-14 09:40 - 2014-03-14 09:40 - 00000000 ___RD () C:\Program Files\Skype
2014-03-14 09:40 - 2014-03-14 09:40 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-14 09:25 - 2014-03-20 11:21 - 00086200 _____ () C:\Windows\PFRO.log
2014-03-13 07:29 - 2014-02-28 20:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-03-13 07:29 - 2014-02-28 20:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-03-13 07:29 - 2014-02-28 20:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-03-13 07:29 - 2014-02-28 19:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-03-13 07:29 - 2014-02-28 19:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-03-13 07:29 - 2014-02-28 19:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-03-13 07:29 - 2014-02-28 19:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-03-13 07:29 - 2014-02-28 19:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-03-13 07:29 - 2014-02-28 19:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-03-13 07:29 - 2014-02-28 19:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-03-13 07:29 - 2014-02-28 19:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-03-13 07:29 - 2014-02-28 19:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-03-13 07:29 - 2014-02-28 19:31 - 00646144 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-13 07:29 - 2014-02-28 19:25 - 00208896 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-03-13 07:29 - 2014-02-28 19:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-03-13 07:29 - 2014-02-28 19:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-03-13 07:29 - 2014-02-28 19:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-03-13 07:29 - 2014-02-28 19:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-03-13 07:29 - 2014-02-28 18:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-03-13 07:29 - 2014-02-28 18:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-03-13 07:29 - 2014-02-28 18:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-03-13 07:29 - 2014-02-28 18:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-03-13 07:28 - 2014-02-06 17:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-03-13 07:28 - 2014-02-03 18:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2014-03-13 07:28 - 2014-02-03 18:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2014-03-13 07:28 - 2014-01-28 18:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\System32\wer.dll
2014-03-13 07:28 - 2014-01-27 18:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2014-03-05 11:49 - 2014-03-20 11:22 - 00000672 _____ () C:\Windows\setupact.log
2014-03-05 11:49 - 2014-03-05 11:49 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-04 14:35 - 2014-03-04 14:35 - 00002012 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-03 13:30 - 2014-03-03 13:30 - 00524401 _____ () C:\Users\Judith\Downloads\magicactions_6.7.0.zip
2014-03-03 13:25 - 2014-03-03 13:25 - 00000000 ____D () C:\Users\Judith\AppData\Local\Macromedia
2014-03-03 13:22 - 2014-03-04 14:35 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-03 13:22 - 2014-03-03 13:22 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-03 13:22 - 2014-03-03 13:22 - 00000000 ____D () C:\ProgramData\McAfee
2014-02-28 14:04 - 2014-02-28 14:04 - 00000000 ____D () C:\Users\Judith\AppData\Local\{18E3C246-D84A-45AA-9500-01E3E99D563D}
2014-02-28 05:26 - 2014-02-28 05:26 - 00011177 _____ () C:\Users\Judith\Documents\Konzept.odt
2014-02-27 07:15 - 2014-02-27 07:15 - 00020269 _____ () C:\Users\Judith\Documents\Zeitungsartikel.odt
2014-02-25 12:19 - 2014-02-25 12:33 - 00000000 ____D () C:\Users\Judith\AppData\Roaming\TIPP10
2014-02-25 12:15 - 2014-02-25 12:15 - 00000937 _____ () C:\Users\Judith\Desktop\TIPP10.lnk
2014-02-25 12:15 - 2014-02-25 12:15 - 00000000 ____D () C:\Program Files\Tipp10
2014-02-25 11:20 - 2014-03-03 13:32 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-25 11:20 - 2014-02-25 11:20 - 00000000 ____D () C:\Users\Judith\AppData\Local\Mozilla
2014-02-25 11:20 - 2014-02-25 11:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-25 11:19 - 2014-03-14 09:25 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-25 11:19 - 2014-03-14 09:25 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-24 16:17 - 2014-02-24 16:17 - 00030261 _____ () C:\Users\Judith\Documents\RPG SW.odt

==================== One Month Modified Files and Folders =======

2014-03-23 12:32 - 2014-03-22 06:39 - 00000000 ____D () C:\FRST
2014-03-23 03:24 - 2009-07-27 02:11 - 01652924 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-03-23 03:17 - 2009-07-13 20:33 - 00420736 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-03-22 15:17 - 2014-02-19 08:51 - 00000000 ____D () C:\ProgramData\Avira
2014-03-22 15:17 - 2014-02-19 08:51 - 00000000 ____D () C:\Program Files\Avira
2014-03-22 15:17 - 2012-09-16 12:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-22 15:17 - 2012-08-23 09:04 - 00000000 ____D () C:\Users\Judith\AppData\Roaming\Skype
2014-03-22 15:17 - 2011-12-30 11:14 - 00000000 ___HD () C:\ExpressGateUtil
2014-03-22 15:17 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\wfp
2014-03-22 15:17 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\NDF
2014-03-22 15:17 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\registration
2014-03-22 15:17 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-03-22 11:15 - 2014-03-22 11:15 - 00000000 ____D () C:\Windows\Sun
2014-03-22 08:44 - 2014-01-30 11:57 - 00000000 ____D () C:\Users\Judith\AppData\Roaming\Telegram Win (Unofficial)
2014-03-22 08:33 - 2014-03-22 08:33 - 00000029 _____ () C:\Users\Judith\Desktop\Fixlist.txt
2014-03-22 07:13 - 2014-03-22 07:13 - 00001780 _____ () C:\Users\Judith\Desktop\GMER.txt
2014-03-22 06:42 - 2014-03-22 06:42 - 00033659 _____ () C:\Users\Judith\Desktop\FRST.txt
2014-03-22 06:42 - 2014-03-22 06:42 - 00025408 _____ () C:\Users\Judith\Desktop\Addition.txt
2014-03-22 06:21 - 2014-03-22 06:21 - 00142424 _____ () C:\Windows\Minidump\032214-36083-01.dmp
2014-03-22 06:21 - 2013-09-09 15:43 - 00000000 ____D () C:\Windows\Minidump
2014-03-22 06:21 - 2012-08-23 08:06 - 00000000 ____D () C:\users\Judith
2014-03-22 06:20 - 2014-03-22 06:20 - 189066333 _____ () C:\Windows\MEMORY.DMP
2014-03-21 23:26 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\LogFiles
2014-03-20 11:38 - 2014-03-20 11:38 - 00000000 ____D () C:\Users\Judith\AppData\Roaming\Nero
2014-03-20 11:31 - 2012-08-23 23:55 - 01288578 _____ () C:\Windows\WindowsUpdate.log
2014-03-20 11:27 - 2009-07-13 20:34 - 00009696 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-20 11:27 - 2009-07-13 20:34 - 00009696 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-20 11:26 - 2013-08-17 13:33 - 00000000 ___RD () C:\Users\Judith\Dropbox
2014-03-20 11:26 - 2013-08-17 13:26 - 00000000 ____D () C:\Users\Judith\AppData\Roaming\Dropbox
2014-03-20 11:25 - 2012-08-23 08:06 - 00113456 _____ () C:\Users\Judith\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-20 11:22 - 2014-03-05 11:49 - 00000672 _____ () C:\Windows\setupact.log
2014-03-20 11:21 - 2014-03-20 11:21 - 00000000 _____ () C:\Windows\System32\shoDC4A.tmp
2014-03-20 11:21 - 2014-03-14 09:25 - 00086200 _____ () C:\Windows\PFRO.log
2014-03-20 10:45 - 2014-03-17 12:55 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-03-20 10:45 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-03-20 10:27 - 2014-03-20 10:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-03-20 10:27 - 2014-03-20 10:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-03-20 10:25 - 2009-07-13 18:04 - 00000478 _____ () C:\Windows\win.ini
2014-03-20 10:22 - 2013-08-08 01:44 - 00000000 ____D () C:\Windows\System32\MRT
2014-03-20 10:04 - 2012-09-01 06:27 - 87350280 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-03-20 10:03 - 2014-03-20 10:03 - 00278904 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-03-20 10:02 - 2014-03-20 10:01 - 00286030 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-03-20 10:01 - 2014-03-20 10:01 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-03-19 06:36 - 2014-02-09 06:44 - 00000000 ____D () C:\Users\Judith\AppData\Roaming\Mozilla
2014-03-17 13:31 - 2014-03-17 13:31 - 00001861 _____ () C:\Users\Public\Desktop\ANNO 1503 spielen.lnk
2014-03-17 13:29 - 2014-03-17 13:21 - 00000000 ____D () C:\Program Files\ANNO 1503
2014-03-17 13:21 - 2011-12-30 10:38 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-03-17 12:55 - 2014-03-17 12:55 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-03-17 12:55 - 2014-03-17 12:44 - 00000000 ____D () C:\Windows\SHELLNEW
2014-03-17 12:55 - 2011-12-30 11:06 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-17 12:55 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\MSBuild
2014-03-17 12:54 - 2011-12-30 10:49 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-03-17 12:45 - 2014-03-17 12:45 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-03-17 12:36 - 2014-03-17 12:27 - 00000000 ____D () C:\ProgramData\Nero
2014-03-17 12:36 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Cursors
2014-03-17 12:35 - 2014-03-17 12:28 - 00000000 ____D () C:\Program Files\Nero
2014-03-17 12:34 - 2014-03-17 12:34 - 00002055 _____ () C:\Users\Public\Desktop\Nero Kwik Media.lnk
2014-03-17 12:33 - 2014-03-17 12:33 - 00002823 _____ () C:\Users\Public\Desktop\Nero Express 12.lnk
2014-03-17 12:33 - 2014-03-17 12:29 - 00000000 ____D () C:\Program Files\Common Files\Nero
2014-03-16 14:10 - 2012-08-24 07:07 - 00000000 ___RD () C:\Users\Judith\Desktop\Wüstenwind
2014-03-15 03:42 - 2012-08-23 11:14 - 00002362 _____ () C:\Users\Judith\Desktop\Google Chrome.lnk
2014-03-14 09:42 - 2014-03-14 09:42 - 00000000 ____D () C:\Users\Judith\AppData\Local\Skype
2014-03-14 09:41 - 2012-08-23 09:04 - 00000000 ____D () C:\ProgramData\Skype
2014-03-14 09:40 - 2014-03-14 09:40 - 00002687 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-14 09:40 - 2014-03-14 09:40 - 00000000 ___RD () C:\Program Files\Skype
2014-03-14 09:40 - 2014-03-14 09:40 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-14 09:25 - 2014-02-25 11:19 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-14 09:25 - 2014-02-25 11:19 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-14 09:25 - 2011-12-30 10:57 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-11 13:04 - 2012-08-28 02:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2014-03-11 13:04 - 2011-12-30 10:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2014-03-05 11:49 - 2014-03-05 11:49 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-04 14:35 - 2014-03-04 14:35 - 00002012 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-04 14:35 - 2014-03-03 13:22 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-03 13:32 - 2014-02-25 11:20 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-03 13:30 - 2014-03-03 13:30 - 00524401 _____ () C:\Users\Judith\Downloads\magicactions_6.7.0.zip
2014-03-03 13:25 - 2014-03-03 13:25 - 00000000 ____D () C:\Users\Judith\AppData\Local\Macromedia
2014-03-03 13:22 - 2014-03-03 13:22 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-03 13:22 - 2014-03-03 13:22 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-03 13:22 - 2012-08-23 08:06 - 00000000 ____D () C:\Users\Judith\AppData\Local\Adobe
2014-03-01 09:29 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-28 20:30 - 2014-03-13 07:29 - 17074688 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-02-28 20:11 - 2014-03-13 07:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-02-28 20:10 - 2014-03-13 07:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-02-28 19:52 - 2014-03-13 07:29 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-02-28 19:51 - 2014-03-13 07:29 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-02-28 19:47 - 2014-03-13 07:29 - 02168320 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-02-28 19:43 - 2014-03-13 07:29 - 00043008 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-02-28 19:43 - 2014-03-13 07:29 - 00032768 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-02-28 19:40 - 2014-03-13 07:29 - 00440832 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-02-28 19:38 - 2014-03-13 07:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-02-28 19:38 - 2014-03-13 07:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-02-28 19:37 - 2014-03-13 07:29 - 00553472 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-02-28 19:31 - 2014-03-13 07:29 - 00646144 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-02-28 19:25 - 2014-03-13 07:29 - 00208896 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-02-28 19:16 - 2014-03-13 07:29 - 00164864 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-02-28 19:14 - 2014-03-13 07:29 - 04244480 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-02-28 19:03 - 2014-03-13 07:29 - 00524288 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-02-28 19:00 - 2014-03-13 07:29 - 01964032 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-02-28 18:57 - 2014-03-13 07:29 - 11266048 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-02-28 18:32 - 2014-03-13 07:29 - 01820160 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-02-28 18:27 - 2014-03-13 07:29 - 01156096 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-02-28 18:25 - 2014-03-13 07:29 - 00703488 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-02-28 14:04 - 2014-02-28 14:04 - 00000000 ____D () C:\Users\Judith\AppData\Local\{18E3C246-D84A-45AA-9500-01E3E99D563D}
2014-02-28 05:26 - 2014-02-28 05:26 - 00011177 _____ () C:\Users\Judith\Documents\Konzept.odt
2014-02-27 07:15 - 2014-02-27 07:15 - 00020269 _____ () C:\Users\Judith\Documents\Zeitungsartikel.odt
2014-02-25 12:33 - 2014-02-25 12:19 - 00000000 ____D () C:\Users\Judith\AppData\Roaming\TIPP10
2014-02-25 12:15 - 2014-02-25 12:15 - 00000937 _____ () C:\Users\Judith\Desktop\TIPP10.lnk
2014-02-25 12:15 - 2014-02-25 12:15 - 00000000 ____D () C:\Program Files\Tipp10
2014-02-25 11:20 - 2014-02-25 11:20 - 00000000 ____D () C:\Users\Judith\AppData\Local\Mozilla
2014-02-25 11:20 - 2014-02-25 11:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-24 16:17 - 2014-02-24 16:17 - 00030261 _____ () C:\Users\Judith\Documents\RPG SW.odt

Some content of TEMP:
====================
C:\Users\Judith\AppData\Local\Temp\avgnt.exe
C:\Users\Judith\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Judith\AppData\Local\Temp\SIntf16.dll
C:\Users\Judith\AppData\Local\Temp\SIntf32.dll
C:\Users\Judith\AppData\Local\Temp\SIntfNT.dll


==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2014-03-20 11:31:40
Restore point made on: 2014-03-21 13:53:51

==================== Memory info =========================== 

Percentage of memory in use: 36%
Total physical RAM: 1011.94 MB
Available physical RAM: 638.3 MB
Total Pagefile: 1011.94 MB
Available Pagefile: 630.87 MB
Total Virtual: 2047.88 MB
Available Virtual: 1955.25 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:66.58 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:183.07 GB) (Free:181.46 GB) NTFS
Drive e: (KINGSTON) (Removable) (Total:0.93 GB) (Free:0.74 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: A8D6F410)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 954 MB) (Disk ID: 2F5164D1)
Partition 1: (Not Active) - (Size=954 MB) - (Type=06)


LastRegBack: 2014-03-20 16:29

==================== End Of Log ============================
         
--- --- ---


Alt 24.03.2014, 09:29   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates) - Standard

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)



Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
LastRegBack: 2014-03-20 16:29
         
Speichere diese bitte als Fixlist.txt auf deinem USB Stick.
  • Starte deinen Rechner erneut in die Reparaturoptionen
  • Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.
__________________
--> Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)

Alt 24.03.2014, 17:01   #7
Jokergirl
 
Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates) - Standard

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)



Ich habe jetzt gerade das Netbook angemacht und es startet, als wäre nichts gewesen..
soll ich den Scan trotzdem durchführen?

Alt 25.03.2014, 11:11   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates) - Standard

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)



Nö, lass

teste mal ob alles läuft.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.03.2014, 17:04   #9
Jokergirl
 
Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates) - Standard

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)



Also soweit ich das sehe läuft alles. Allerdings sind die Updates jetzt wieder verfügbar. Was soll ich damit machen?

Alt 26.03.2014, 10:22   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates) - Standard

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)



welche genau? KB Nummer?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.03.2014, 17:42   #11
Jokergirl
 
Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates) - Standard

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)



optionale Updates:
Microsoft.NET Framework 4.5.1 Sprachpakete KB:2858725
Atheros Communications Inc Network Software (keine KB)
Updates für Windows 7
KBs: 2574819
2592687
2709981
2830477
Bing-Desktop (keine KB)

wichtige Updates:
Office-Live add-in 1.5
Microsoft Office File Valiation Add-in

Das sind jetzt allerdings andere als vor ein paar Tagen

Alt 27.03.2014, 11:21   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates) - Standard

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)



Kannste machen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 27.03.2014, 17:13   #13
Jokergirl
 
Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates) - Standard

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)



Ist erledigt. Aber was soll ich tun, wenn die anderen Updates wieder verfügbar sind?

Alt 28.03.2014, 09:34   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates) - Standard

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)



Naja, ich würd allgemein umstellen auf "downloaden, aber nicht manuell installieren". Wenn Du dann siehst Updates sind da, Rechner neu starten, am besten in den abgesicherten Modus, Systemwiderherstellungspunkt anlegen, dann die Updates installieren.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.03.2014, 22:30   #15
Jokergirl
 
Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates) - Standard

Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)



Werd ich so machen. Vielen Dank für die schnelle Hilfe

Antwort

Themen zu Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)
antivir, avira, bildschirm, browser, computer, converter, desktop, device driver, down, dvdvideosoft ltd., email, error, excel, flash player, google, helper, homepage, minidump, mp3, problem, programm, realtek, security, software, starten, svchost.exe, updates, windows



Ähnliche Themen: Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)


  1. Win7 Updates nach Crash nicht mehr möglich.
    Antiviren-, Firewall- und andere Schutzprogramme - 23.08.2015 (25)
  2. PC startet nach Windows Updates nicht mehr
    Alles rund um Windows - 17.03.2015 (10)
  3. Trojaner-Verdacht: Microsoft Office Starter Update
    Log-Analyse und Auswertung - 23.08.2014 (7)
  4. Microsoft: Keine Updates mehr für ältere Internet Explorer
    Nachrichten - 08.08.2014 (0)
  5. Windows 8.1 macht nach Vierenbefall/Trojaner keine Updates mehr
    Log-Analyse und Auswertung - 06.08.2014 (11)
  6. Avast funktioniert nach Win-Updates nicht mehr ?
    Antiviren-, Firewall- und andere Schutzprogramme - 17.02.2014 (2)
  7. Fragen zu Windows/Microsoft Updates etc.
    Alles rund um Windows - 17.09.2013 (4)
  8. Win7 lässt sich nach automatischen Updates nicht mehr starten
    Log-Analyse und Auswertung - 16.08.2013 (5)
  9. Windows XP Updates nicht mehr möglich /Windows Firewall ist immer beim Start deaktiviert
    Antiviren-, Firewall- und andere Schutzprogramme - 26.05.2013 (82)
  10. Automatische Windows Updates funktionieren nicht mehr!
    Log-Analyse und Auswertung - 27.09.2012 (7)
  11. Probleme mit Opera und Microsoft-Windows-Updates
    Log-Analyse und Auswertung - 21.04.2012 (12)
  12. Windows XP startet nach aut. Updates nicht mehr
    Alles rund um Windows - 05.08.2010 (11)
  13. Windows Updates Funktionieren nicht und andere Updates.
    Log-Analyse und Auswertung - 10.04.2009 (21)
  14. keine Windows Updates mehr möglich / statt update.microsoft.com öffnet sich google
    Log-Analyse und Auswertung - 17.02.2009 (5)
  15. Antivir und Windows Defender updates nicht mehr möglich nach Trojaner
    Log-Analyse und Auswertung - 31.01.2009 (0)
  16. Windows updates funzen nicht mehr!
    Antiviren-, Firewall- und andere Schutzprogramme - 11.04.2007 (5)

Zum Thema Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates) - Hallo mein Freund hat mir diese Seite empfohlen und ich hoffe ihr könnt mir helfen. Ich habe folgendes Problem: Gestern war ich mit meinem Netbook (ASUS Eee Pc Seashell mit - Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)...
Archiv
Du betrachtest: Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.