Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Softwareinstallation blokiert.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 18.09.2014, 10:46   #1
hellraiser88
 
Softwareinstallation blokiert. - Standard

Softwareinstallation blokiert.



Hallo Forum,

ich habe forgendes Problem:

Seit einiger Zeit ist es nicht mehr möglich Programme auf meinem PC zu installierten (Windows7), wenn ich es versuche kommt immer folgende Fehlermeldung:

Der angegeben Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktiven Geräten verbunden.

Was ich alles versucht habe:
Starten Abgesicherter Modus, Starten ohne Netzwerkverbindung, PC durchsuchen lassen mit AVIRA und ThreatFIRE (waren installiert) und den PC starten lassen mit verschiedenen RESCURE CD's (AVG, AVIRA und Kaspersky) jedoch ohne Fund und Erfolg.

Was ich noch festgestellt habe:
Programme die installiert waren z.b: (Malwarebytes, Avira, ThreatFire und Spybot - Search & Destroy) funktionieren nicht richtig oder garnicht mehr und sie lassen sich auch nicht mehr deinstallieren folgende Fehlermeldung tritt auf (Bei der Deinstallation von ..... ist ein Fehler aufgetreten. Möglicherweise wurde es bereits deinstalliert. Möchten Sie ..... aus der Liste der Programme und Funktionen entfernen?) wenn man bestätigt bleibt es trotzdem in der Liste.

Ansonsten funktioniert die übrigen Programme normal bzw es ist mir noch nichts anderes aufgefallen.

Hat jemand eine Idee was ich noch versuchen oder machen kann?

Vielen Dank im voraus für eure Hilfe

Alt 18.09.2014, 10:52   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Softwareinstallation blokiert. - Standard

Softwareinstallation blokiert.



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 18.09.2014, 11:03   #3
hellraiser88
 
Softwareinstallation blokiert. - Standard

Softwareinstallation blokiert.



Hallo Schrauber,

danke für die schnelle Antwort.

Ich hab das Programm auf meinen Desktop runtergeladen.

Es erscheindt folgende schon bekannte Fehlermeldung wenn ich das Programm ausführen will (Bild im Anhang)
__________________
Miniaturansicht angehängter Grafiken
Softwareinstallation blokiert.-unbenannt.jpg  

Geändert von hellraiser88 (18.09.2014 um 11:24 Uhr)

Alt 18.09.2014, 17:34   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Softwareinstallation blokiert. - Standard

Softwareinstallation blokiert.



Dann von aussen:

Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 (zweiter Teil)
  • Downloade dir bitte die passende Version des Tools (im Zweifel beide) und speichere diese auf einen USB Stick: FRST Download FRST 32-Bit | FRST 64-Bit
  • Schließe den USB Stick an das infizierte System an und boote das System in die System Reparatur Option.
  • Scanne jetzt nach der bebilderten Anleitung oder verwende die folgende Kurzanleitung:
Über den Boot Manager:
  • Starte den Rechner neu.
  • Während dem Hochfahren drücke mehrmals die F8 Taste
  • Wähle nun Computer reparieren.
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Mit Windows CD/DVD (auch bei Windows 8 möglich):
  • Lege die Windows CD in dein Laufwerk.
  • Starte den Rechner neu und starte von der CD.
  • Wähle die Spracheinstellungen und klicke "Weiter".
  • Klicke auf Computerreparaturoptionen !
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Wähle in den Reparaturoptionen: Eingabeaufforderung
  • Gib nun bitte notepad ein und drücke Enter.
  • Im öffnenden Textdokument: Datei > Speichern unter... und wähle Computer.
    Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt, merke ihn dir.
  • Schließe Notepad wieder
  • Gib nun bitte folgenden Befehl ein.
    e:\frst.exe bzw. e:\frst64.exe
    Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks, den du dir gemerkt hast. Gegebenfalls anpassen.
  • Akzeptiere den Disclaimer mit Ja und klicke Untersuchen
Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier nach Möglichkeit in Code-Tags (Anleitung).

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 19.09.2014, 11:50   #5
hellraiser88
 
Softwareinstallation blokiert. - Standard

Softwareinstallation blokiert.



Hallo Schrauber,

das hat auf den 2 Versuch funktioniert.
Meine Tastatur via USB ist im Explorer blokiert. Mit einer konventionellen hat es aber geklappt.


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by SYSTEM on MININT-VJN11OC on 19-09-2014 11:33:00
Running from I:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monito
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-04-11] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-02] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [283712 2013-11-26] (Filefacts.net)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [480648 2014-04-01] (Autodesk Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2011-04-01] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-05-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [messenger.exe] => C:\Program Files (x86)\Common Files\Microsoft Shared\Web Components\messenger.exe
HKLM-x32\...\Run: [ThreatFire] => C:\Program Files (x86)\ThreatFire\TFTray.exe [378128 2011-02-22] (PC Tools)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\Michaelis Sebastian\...\Run: [Akamai NetSession Interface] => C:\Users\Michaelis Sebastian\AppData\Local\Akamai\netsession_win.exe [4672920 2014-03-06] (Akamai Technologies, Inc.)
HKU\Michaelis Sebastian\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1563440 2014-05-28] (Samsung)
HKU\Michaelis Sebastian\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\Michaelis Sebastian\...\Run: [SearchProtection] => "C:\Users\Michaelis Sebastian\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart
HKU\Michaelis Sebastian\...\Run: [BitTorrent] => C:\Users\Michaelis Sebastian\AppData\Roaming\BitTorrent\BitTorrent.exe [1417048 2014-09-15] (BitTorrent Inc.)
HKU\Michaelis Sebastian\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\Michaelis Sebastian\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [473464 2014-03-17] (TomTom)
HKU\Michaelis Sebastian\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566984 2014-04-25] (Safer-Networking Ltd.)
HKU\Michaelis Sebastian\...\Policies\Explorer: [] 
BootExecute: autocheck autochk * sdnclean64.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [581000 2014-04-01] (Autodesk Inc.)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)
S4 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617352 2014-04-02] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20542408 2014-04-02] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 ThreatFire; C:\Program Files (x86)\ThreatFire\TFService.exe [70928 2011-02-22] (PC Tools)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-27] (Avira Operations GmbH & Co. KG)
S3 cxbu0x64; C:\Windows\System32\DRIVERS\cxbu0x64.sys [191224 2014-05-14] (HID Global Corporation)
S1 HWiNFO32; C:\windows\system32\drivers\HWiNFO64A.SYS [31648 2014-04-18] (REALiX(tm))
S0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [24496 2011-12-19] (Intel Corporation)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [637360 2011-12-19] (Intel Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
S3 PciIsaSerial; C:\Windows\system32\drivers\PciIsaSerial.sys [68608 2008-12-19] (Windows (R) Codename Longhorn DDK provider)
S3 PciPPorts; C:\Windows\system32\drivers\PciPPorts.sys [96768 2009-07-23] ()
S3 PciSPorts; C:\Windows\system32\drivers\PciSPorts.sys [122880 2008-12-19] ()
S0 TfFsMon; C:\Windows\System32\drivers\TfFsMon.sys [65072 2011-02-22] (PC Tools)
S3 TfNetMon; C:\windows\system32\drivers\TfNetMon.sys [41888 2011-02-22] (PC Tools)
S0 TfSysMon; C:\Windows\System32\drivers\TfSysMon.sys [74824 2011-02-22] (PC Tools)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [223744 2013-03-19] (VIA Technologies, Inc.)
S3 VUSBSTOR; C:\Windows\System32\Drivers\vusbstor.sys [86064 2013-01-18] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [295424 2013-03-19] (VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-18 18:19 - 2014-09-18 18:19 - 00003352 ____N () C:\bootsqm.dat
2014-09-18 18:19 - 2014-09-18 18:19 - 00000000 __SHD () C:\found.000
2014-09-18 12:48 - 2014-09-18 12:48 - 00000293 _____ () C:\Users\Michaelis Sebastian\Desktop\Tickets für Konzerte, Theater & Sport Karten kaufen bei Ticketmaster title script language=JavaScriptfunction querySt(ji) { .URL
2014-09-18 12:11 - 2014-09-18 12:12 - 05578824 _____ (Swearware) C:\Users\Michaelis Sebastian\Downloads\ComboFix.exe
2014-09-18 07:08 - 2014-09-18 09:22 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\mbar
2014-09-18 07:08 - 2014-09-18 07:08 - 13786977 _____ () C:\Users\Michaelis Sebastian\Desktop\mbar-1.01.0.1021.zip
2014-09-18 07:06 - 2014-09-18 07:06 - 02105856 _____ (Farbar) C:\Users\Michaelis Sebastian\Downloads\FRST64.exe
2014-09-17 14:42 - 2014-09-18 18:14 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-09-17 13:51 - 2014-09-17 13:52 - 149527616 _____ () C:\Users\Michaelis Sebastian\Downloads\avira_free_antivirus_de_14.0.6.570.exe
2014-09-16 10:21 - 2014-09-16 10:21 - 00000296 _____ () C:\Users\Michaelis Sebastian\Desktop\Software gegen alles Die 50 besten Anti-Tools - Bilder - CHIP.URL
2014-09-16 10:09 - 2014-09-16 10:09 - 00900949 _____ (Florian Schwarz ) C:\Users\Michaelis Sebastian\Downloads\BetterDesktopTool_1.8.exe
2014-09-16 08:12 - 2014-09-16 08:12 - 01097728 _____ (Farbar) C:\Users\Michaelis Sebastian\Downloads\FRST.exe
2014-09-16 08:00 - 2014-09-16 08:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-16 07:47 - 2014-09-16 07:47 - 03332652 _____ () C:\Users\Michaelis Sebastian\Downloads\setupLMPC.exe
2014-09-16 07:47 - 2014-09-16 07:47 - 02057027 _____ () C:\Users\Michaelis Sebastian\Downloads\LookInMyPC.zip
2014-09-16 07:47 - 2012-11-24 19:34 - 04241408 _____ (CYBERsitter LLC/Solid Oak Software) C:\Users\Michaelis Sebastian\Downloads\LookInMyPC.exe
2014-09-16 07:47 - 2010-03-02 16:57 - 00006410 _____ () C:\Users\Michaelis Sebastian\Downloads\License.txt
2014-09-16 07:42 - 2014-09-16 07:42 - 05176232 _____ (F-Secure Corporation) C:\Users\Michaelis Sebastian\Downloads\F-SecureOnlineScanner.exe
2014-09-16 07:42 - 2014-09-16 07:42 - 00000000 ____D () C:\ProgramData\F-Secure
2014-09-16 07:41 - 2014-09-16 07:41 - 11534336 _____ () C:\Users\Michaelis Sebastian\Downloads\msert.exe
2014-09-16 07:29 - 2014-09-16 07:29 - 45870584 _____ (Belgian Government) C:\Users\Michaelis Sebastian\Downloads\eID-QuickInstaller-407-7453-signed_tcm444-246722.exe
2014-09-15 11:25 - 2014-09-17 16:06 - 03603098 _____ () C:\Users\Michaelis Sebastian\Desktop\Übung 02.bak
2014-09-15 11:11 - 2014-09-17 16:16 - 04460707 _____ () C:\Users\Michaelis Sebastian\Desktop\Übung 02.dwg
2014-09-12 17:47 - 2014-08-19 19:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-09-12 17:47 - 2014-08-19 18:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-12 17:47 - 2014-08-19 00:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-09-12 17:47 - 2014-08-18 23:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-09-12 17:47 - 2014-08-18 23:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-09-12 17:47 - 2014-08-18 23:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-12 17:47 - 2014-08-18 23:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-09-12 17:47 - 2014-08-18 23:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-09-12 17:47 - 2014-08-18 23:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-09-12 17:47 - 2014-08-18 23:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-09-12 17:47 - 2014-08-18 23:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-09-12 17:47 - 2014-08-18 23:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-09-12 17:47 - 2014-08-18 23:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-12 17:47 - 2014-08-18 23:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-09-12 17:47 - 2014-08-18 23:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-09-12 17:47 - 2014-08-18 23:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-09-12 17:47 - 2014-08-18 23:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-09-12 17:47 - 2014-08-18 23:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-09-12 17:47 - 2014-08-18 23:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-09-12 17:47 - 2014-08-18 22:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-12 17:47 - 2014-08-18 22:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-09-12 17:47 - 2014-08-18 22:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-09-12 17:47 - 2014-08-18 22:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-12 17:47 - 2014-08-18 22:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-09-12 17:47 - 2014-08-18 22:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-12 17:47 - 2014-08-18 22:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-12 17:47 - 2014-08-18 22:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-12 17:47 - 2014-08-18 22:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-12 17:47 - 2014-08-18 22:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-09-12 17:47 - 2014-08-18 22:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-09-12 17:47 - 2014-08-18 22:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-12 17:47 - 2014-08-18 22:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-12 17:47 - 2014-08-18 22:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-09-12 17:47 - 2014-08-18 22:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-12 17:47 - 2014-08-18 22:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-12 17:47 - 2014-08-18 22:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-12 17:47 - 2014-08-18 22:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-12 17:47 - 2014-08-18 22:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-09-12 17:47 - 2014-08-18 22:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-09-12 17:47 - 2014-08-18 22:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-09-12 17:47 - 2014-08-18 22:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-09-12 17:47 - 2014-08-18 22:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 17:47 - 2014-08-18 22:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-12 17:47 - 2014-08-18 22:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-12 17:47 - 2014-08-18 22:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-12 17:47 - 2014-08-18 22:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-09-12 17:47 - 2014-08-18 22:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-12 17:47 - 2014-08-18 22:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-09-12 17:47 - 2014-08-18 22:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-12 17:47 - 2014-08-18 22:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-12 17:47 - 2014-08-18 22:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-12 17:47 - 2014-08-18 21:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-09-12 17:47 - 2014-08-18 21:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-12 17:47 - 2014-08-18 21:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-12 17:47 - 2014-08-18 21:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-09-12 17:47 - 2014-08-18 21:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-12 17:45 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2014-09-12 17:45 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 07:55 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\System32\TSWorkspace.dll
2014-09-12 07:55 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-12 07:55 - 2014-06-24 04:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2014-09-12 07:55 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-12 07:54 - 2014-09-05 03:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-09-12 07:54 - 2014-09-05 03:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-09-12 07:54 - 2014-07-07 03:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2014-09-12 07:54 - 2014-07-07 03:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2014-09-12 07:54 - 2014-07-07 02:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-12 07:54 - 2014-07-07 02:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-12 07:54 - 2014-07-07 02:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 16:27 - 2014-09-11 16:27 - 11840760 _____ () C:\Users\Michaelis Sebastian\Desktop\Mein Film.mp4
2014-09-11 16:17 - 2014-09-11 16:17 - 00411838 _____ () C:\Users\Michaelis Sebastian\Desktop\MSD_Logo Black.psd
2014-09-10 14:37 - 2014-09-15 15:19 - 00057478 _____ () C:\Users\Michaelis Sebastian\Desktop\2011 - 2013.wlmp
2014-09-09 17:53 - 2014-09-09 17:53 - 17945160 _____ (Nike) C:\Users\Michaelis Sebastian\Downloads\Nike+Connect_Installer(1).exe
2014-09-09 17:51 - 2014-09-09 17:51 - 17945160 _____ (Nike) C:\Users\Michaelis Sebastian\Downloads\Nike+Connect_Installer.exe
2014-09-09 06:48 - 2014-09-09 06:48 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-08 15:48 - 2014-09-08 15:48 - 00000242 _____ () C:\Users\Michaelis Sebastian\Desktop\Untitled.URL
2014-09-08 08:45 - 2014-09-08 08:45 - 01032856 _____ () C:\Users\Michaelis Sebastian\Downloads\CAD-Symbole-lnstall.exe
2014-09-08 08:43 - 2014-09-08 08:43 - 00000000 ____D () C:\ProgramData\LISEGA 2D catalog
2014-09-08 08:43 - 2014-09-08 08:43 - 00000000 ____D () C:\Program Files (x86)\LISEGA
2014-09-08 08:41 - 2014-09-08 08:41 - 00000000 ____D () C:\Users\Michaelis Sebastian\Downloads\Neuer Ordner (4)
2014-09-05 12:02 - 2014-09-08 16:04 - 00299495 _____ () C:\Users\Michaelis Sebastian\Desktop\Test002.dwg
2014-09-05 12:02 - 2014-09-08 07:42 - 00050548 _____ () C:\Users\Michaelis Sebastian\Desktop\Test002.bak
2014-09-04 12:30 - 2009-11-09 13:51 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\auc2010f_bu
2014-09-04 12:28 - 2014-09-04 12:30 - 00000000 ____D () C:\Users\Michaelis Sebastian\Downloads\Neuer Ordner (3)
2014-09-04 12:28 - 2009-09-07 08:34 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\auc2010_bu
2014-09-04 07:41 - 2014-09-04 07:41 - 00000239 _____ () C:\Users\Michaelis Sebastian\Desktop\Krebs ist schon lange heilbar ! - YouTube.URL
2014-09-04 06:37 - 2014-09-04 06:37 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\Sicherung USB Sticks
2014-09-04 06:35 - 2014-09-04 06:37 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\Bilder
2014-09-03 12:08 - 2014-09-09 07:17 - 00000000 ____D () C:\Program Files (x86)\ThreatFire
2014-09-03 12:08 - 2014-09-03 12:08 - 09876312 _____ (PC Tools ) C:\Users\Michaelis Sebastian\Downloads\tfinstall.exe
2014-09-03 12:08 - 2014-09-03 12:08 - 00000000 ____D () C:\ProgramData\PC Tools
2014-09-03 12:08 - 2011-02-22 12:57 - 00074824 _____ (PC Tools) C:\Windows\System32\Drivers\TfSysMon.sys
2014-09-03 12:08 - 2011-02-22 12:57 - 00065072 _____ (PC Tools) C:\Windows\System32\Drivers\TfFsMon.sys
2014-09-03 12:08 - 2011-02-22 12:57 - 00041888 _____ (PC Tools) C:\Windows\System32\Drivers\TfNetMon.sys
2014-09-03 12:03 - 2014-09-03 12:03 - 01101648 _____ () C:\Users\Michaelis Sebastian\Downloads\Norton AntiBot - CHIP-Installer.exe
2014-09-03 12:03 - 2014-09-03 12:03 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-09-03 11:58 - 2014-09-03 11:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Michaelis Sebastian\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-28 09:23 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-08-28 09:23 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 09:23 - 2014-08-23 01:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-08-27 12:15 - 2014-09-11 09:23 - 00000000 ____D () C:\Users\Michaelis Sebastian\Downloads\Eminem
2014-08-22 10:43 - 2014-08-22 10:46 - 00000000 __SHD () C:\Users\Michaelis Sebastian\AppData\Roaming\.#

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 11:33 - 2014-05-20 14:24 - 00000000 ____D () C:\FRST
2014-09-19 10:19 - 2014-04-15 18:15 - 00000000 ____D () C:\Users\Michaelis Sebastian\AppData\Roaming\BitTorrent
2014-09-19 10:18 - 2014-04-28 16:23 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-19 10:18 - 2013-11-08 22:33 - 00071804 _____ () C:\Windows\setupact.log
2014-09-19 10:18 - 2013-11-08 21:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-19 10:18 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-19 10:11 - 2014-04-12 10:27 - 00000000 ____D () C:\Users\Michaelis Sebastian\AppData\Local\Akamai
2014-09-18 21:15 - 2013-12-04 06:34 - 01611868 _____ () C:\Windows\WindowsUpdate.log
2014-09-18 20:58 - 2013-11-08 17:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-18 20:17 - 2014-04-28 16:23 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-18 18:28 - 2009-07-14 05:45 - 00032336 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-18 18:28 - 2009-07-14 05:45 - 00032336 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-18 18:19 - 2014-09-18 18:19 - 00003352 ____N () C:\bootsqm.dat
2014-09-18 18:19 - 2014-09-18 18:19 - 00000000 __SHD () C:\found.000
2014-09-18 18:14 - 2014-09-17 14:42 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-09-18 16:05 - 2011-04-12 08:43 - 00699092 _____ () C:\Windows\System32\perfh007.dat
2014-09-18 16:05 - 2011-04-12 08:43 - 00149232 _____ () C:\Windows\System32\perfc007.dat
2014-09-18 16:05 - 2009-07-14 06:13 - 01619284 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-09-18 12:48 - 2014-09-18 12:48 - 00000293 _____ () C:\Users\Michaelis Sebastian\Desktop\Tickets für Konzerte, Theater & Sport Karten kaufen bei Ticketmaster title script language=JavaScriptfunction querySt(ji) { .URL
2014-09-18 12:12 - 2014-09-18 12:11 - 05578824 _____ (Swearware) C:\Users\Michaelis Sebastian\Downloads\ComboFix.exe
2014-09-18 09:22 - 2014-09-18 07:08 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\mbar
2014-09-18 07:08 - 2014-09-18 07:08 - 13786977 _____ () C:\Users\Michaelis Sebastian\Desktop\mbar-1.01.0.1021.zip
2014-09-18 07:06 - 2014-09-18 07:06 - 02105856 _____ (Farbar) C:\Users\Michaelis Sebastian\Downloads\FRST64.exe
2014-09-17 16:16 - 2014-09-15 11:11 - 04460707 _____ () C:\Users\Michaelis Sebastian\Desktop\Übung 02.dwg
2014-09-17 16:06 - 2014-09-15 11:25 - 03603098 _____ () C:\Users\Michaelis Sebastian\Desktop\Übung 02.bak
2014-09-17 13:52 - 2014-09-17 13:51 - 149527616 _____ () C:\Users\Michaelis Sebastian\Downloads\avira_free_antivirus_de_14.0.6.570.exe
2014-09-17 09:09 - 2014-08-17 18:43 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\Raymund
2014-09-16 15:43 - 2014-07-17 12:47 - 00000000 ____D () C:\Users\Michaelis Sebastian\Downloads\Autodesk-AutoCAD.2010 [64-bit]
2014-09-16 12:46 - 2014-04-15 19:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-16 10:21 - 2014-09-16 10:21 - 00000296 _____ () C:\Users\Michaelis Sebastian\Desktop\Software gegen alles Die 50 besten Anti-Tools - Bilder - CHIP.URL
2014-09-16 10:09 - 2014-09-16 10:09 - 00900949 _____ (Florian Schwarz ) C:\Users\Michaelis Sebastian\Downloads\BetterDesktopTool_1.8.exe
2014-09-16 08:15 - 2014-06-20 14:12 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-16 08:12 - 2014-09-16 08:12 - 01097728 _____ (Farbar) C:\Users\Michaelis Sebastian\Downloads\FRST.exe
2014-09-16 08:00 - 2014-09-16 08:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-16 07:47 - 2014-09-16 07:47 - 03332652 _____ () C:\Users\Michaelis Sebastian\Downloads\setupLMPC.exe
2014-09-16 07:47 - 2014-09-16 07:47 - 02057027 _____ () C:\Users\Michaelis Sebastian\Downloads\LookInMyPC.zip
2014-09-16 07:42 - 2014-09-16 07:42 - 05176232 _____ (F-Secure Corporation) C:\Users\Michaelis Sebastian\Downloads\F-SecureOnlineScanner.exe
2014-09-16 07:42 - 2014-09-16 07:42 - 00000000 ____D () C:\ProgramData\F-Secure
2014-09-16 07:41 - 2014-09-16 07:41 - 11534336 _____ () C:\Users\Michaelis Sebastian\Downloads\msert.exe
2014-09-16 07:29 - 2014-09-16 07:29 - 45870584 _____ (Belgian Government) C:\Users\Michaelis Sebastian\Downloads\eID-QuickInstaller-407-7453-signed_tcm444-246722.exe
2014-09-15 15:19 - 2014-09-10 14:37 - 00057478 _____ () C:\Users\Michaelis Sebastian\Desktop\2011 - 2013.wlmp
2014-09-15 10:15 - 2014-04-17 11:27 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\Sebastian
2014-09-13 11:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-09-12 17:50 - 2014-04-14 13:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 17:46 - 2013-11-08 17:24 - 01592628 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-12 17:45 - 2014-05-06 19:47 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-09-11 16:27 - 2014-09-11 16:27 - 11840760 _____ () C:\Users\Michaelis Sebastian\Desktop\Mein Film.mp4
2014-09-11 16:17 - 2014-09-11 16:17 - 00411838 _____ () C:\Users\Michaelis Sebastian\Desktop\MSD_Logo Black.psd
2014-09-11 09:23 - 2014-08-27 12:15 - 00000000 ____D () C:\Users\Michaelis Sebastian\Downloads\Eminem
2014-09-10 09:58 - 2013-11-08 17:25 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 09:58 - 2013-11-08 17:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 09:58 - 2013-11-08 17:25 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-10 09:31 - 2014-04-17 08:37 - 00000000 ___RD () C:\Users\Michaelis Sebastian\Desktop\Programme
2014-09-09 17:53 - 2014-09-09 17:53 - 17945160 _____ (Nike) C:\Users\Michaelis Sebastian\Downloads\Nike+Connect_Installer(1).exe
2014-09-09 17:51 - 2014-09-09 17:51 - 17945160 _____ (Nike) C:\Users\Michaelis Sebastian\Downloads\Nike+Connect_Installer.exe
2014-09-09 07:17 - 2014-09-03 12:08 - 00000000 ____D () C:\Program Files (x86)\ThreatFire
2014-09-09 06:49 - 2014-04-12 11:09 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-09 06:48 - 2014-09-09 06:48 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-09 06:48 - 2014-04-12 11:23 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-08 16:04 - 2014-09-05 12:02 - 00299495 _____ () C:\Users\Michaelis Sebastian\Desktop\Test002.dwg
2014-09-08 15:48 - 2014-09-08 15:48 - 00000242 _____ () C:\Users\Michaelis Sebastian\Desktop\Untitled.URL
2014-09-08 08:45 - 2014-09-08 08:45 - 01032856 _____ () C:\Users\Michaelis Sebastian\Downloads\CAD-Symbole-lnstall.exe
2014-09-08 08:43 - 2014-09-08 08:43 - 00000000 ____D () C:\ProgramData\LISEGA 2D catalog
2014-09-08 08:43 - 2014-09-08 08:43 - 00000000 ____D () C:\Program Files (x86)\LISEGA
2014-09-08 08:41 - 2014-09-08 08:41 - 00000000 ____D () C:\Users\Michaelis Sebastian\Downloads\Neuer Ordner (4)
2014-09-08 07:42 - 2014-09-05 12:02 - 00050548 _____ () C:\Users\Michaelis Sebastian\Desktop\Test002.bak
2014-09-05 03:10 - 2014-09-12 07:54 - 00578048 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-09-05 03:05 - 2014-09-12 07:54 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-09-04 12:30 - 2014-09-04 12:28 - 00000000 ____D () C:\Users\Michaelis Sebastian\Downloads\Neuer Ordner (3)
2014-09-04 08:10 - 2014-04-17 08:37 - 00000000 ___RD () C:\Users\Michaelis Sebastian\Desktop\Sicherheit Überprüfung
2014-09-04 07:41 - 2014-09-04 07:41 - 00000239 _____ () C:\Users\Michaelis Sebastian\Desktop\Krebs ist schon lange heilbar ! - YouTube.URL
2014-09-04 06:44 - 2014-05-22 12:00 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-04 06:38 - 2014-04-28 09:03 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\MSD
2014-09-04 06:37 - 2014-09-04 06:37 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\Sicherung USB Sticks
2014-09-04 06:37 - 2014-09-04 06:35 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\Bilder
2014-09-04 06:32 - 2014-04-28 09:03 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\Misotrade
2014-09-04 06:28 - 2014-06-05 11:37 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\AutoCAD
2014-09-03 12:08 - 2014-09-03 12:08 - 09876312 _____ (PC Tools ) C:\Users\Michaelis Sebastian\Downloads\tfinstall.exe
2014-09-03 12:08 - 2014-09-03 12:08 - 00000000 ____D () C:\ProgramData\PC Tools
2014-09-03 12:03 - 2014-09-03 12:03 - 01101648 _____ () C:\Users\Michaelis Sebastian\Downloads\Norton AntiBot - CHIP-Installer.exe
2014-09-03 12:03 - 2014-09-03 12:03 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-09-03 11:58 - 2014-09-03 11:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Michaelis Sebastian\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-29 08:19 - 2009-07-14 05:45 - 00492320 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-08-23 03:07 - 2014-08-28 09:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-08-23 02:45 - 2014-08-28 09:23 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 01:59 - 2014-08-28 09:23 - 03163648 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-08-22 10:46 - 2014-08-22 10:43 - 00000000 __SHD () C:\Users\Michaelis Sebastian\AppData\Roaming\.#

Some content of TEMP:
====================
C:\Users\Michaelis Sebastian\AppData\Local\Temp\avgnt.exe
C:\Users\Michaelis Sebastian\AppData\Local\Temp\cleanup_tool.exe
C:\Users\Michaelis Sebastian\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Michaelis Sebastian\AppData\Local\Temp\sdapskill.exe
C:\Users\Michaelis Sebastian\AppData\Local\Temp\sdaspwn.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================

Restore point made on: 2014-09-05 08:39:12
Restore point made on: 2014-09-08 08:42:35
Restore point made on: 2014-09-12 17:45:08
Restore point made on: 2014-09-16 07:46:13
Restore point made on: 2014-09-16 07:55:03
Restore point made on: 2014-09-16 07:56:18
Restore point made on: 2014-09-16 07:57:04
Restore point made on: 2014-09-16 07:58:50
Restore point made on: 2014-09-16 07:59:57
Restore point made on: 2014-09-16 08:02:46
Restore point made on: 2014-09-16 08:05:08
Restore point made on: 2014-09-16 08:07:54
Restore point made on: 2014-09-16 08:13:00
Restore point made on: 2014-09-16 09:12:56

==================== Memory info =========================== 

Percentage of memory in use: 7%
Total physical RAM: 16272.35 MB
Available physical RAM: 15007.29 MB
Total Pagefile: 16270.55 MB
Available Pagefile: 14995.94 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:919.41 GB) (Free:815.57 GB) NTFS
Drive e: (Recovery) (Fixed) (Total:11 GB) (Free:5.17 GB) NTFS
Drive i: (KINGSTON) (Removable) (Total:0.95 GB) (Free:0.95 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 56E0A8AA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=27)

========================================================
Disk: 3 (Size: 980 MB) (Disk ID: 04030201)
Partition 1: (Not Active) - (Size=980 MB) - (Type=0B)


LastRegBack: 2014-09-18 07:32

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Alt 20.09.2014, 07:18   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Softwareinstallation blokiert. - Standard

Softwareinstallation blokiert.



komisch. Versuch mal im abgesicherten Modus Programme zu starten.
__________________
--> Softwareinstallation blokiert.

Alt 20.09.2014, 13:54   #7
hellraiser88
 
Softwareinstallation blokiert. - Standard

Softwareinstallation blokiert.



Guten Tag,

im abgesicherten Modus kann ich Programme ausführen, hatte schon die Befürchtung mir eine neue Festplatte einsetzen zu müssen und alles neu zu installieren. Wie soll oder kann ich den jetzt dem Problem weiter auf den Grund gehen?

Gruß
hellraiser88

Alt 21.09.2014, 10:30   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Softwareinstallation blokiert. - Standard

Softwareinstallation blokiert.



  • Lade Dir bitte Windows Repair - All in one von tweaking.com hier herunter und installiere es.
  • Deaktiviere bitte (wenn möglich) Dein Antivirusprogramm.
  • Bedenke, dass die einzelnen Reparaturen einige Zeit benötigen. Starte keine anderen Anwendungen in dieser Zeit.
  • Starte das Programm und führe die Punkte 1-5 durch. (Siehe Bildanleitung)
  • Achte darauf, dass bei Dir die Häkchen so gesetzt sind wie unter Punkt 4.
  • Setze auch ein Häkchen bei "Restart/Shutdown System" und klicke "Restart System" an bevor Du Punkt 5 durchführst.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 21.09.2014, 12:28   #9
hellraiser88
 
Softwareinstallation blokiert. - Standard

Softwareinstallation blokiert.



Danke für die Hilfe kann jetzt wieder Programme im normalen Modus installieren.

Was war denn jetzt der Grund für das Problem oder kann man das nicht genau sagen?
Was kann ich machen um solche Probleme in Zukunft zu vermeiden?

Gruß Hellraiser88

Alt 22.09.2014, 08:39   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Softwareinstallation blokiert. - Standard

Softwareinstallation blokiert.



Windows verbogen.

Bitte aus dem normalen Modus:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.09.2014, 14:13   #11
hellraiser88
 
Softwareinstallation blokiert. - Standard

Softwareinstallation blokiert.



Hallo,

anbei die Datei FRST.txt


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by Michaelis Sebastian (administrator) on MICHAELISSEBAST on 22-09-2014 14:08:48
Running from C:\Users\Michaelis Sebastian\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Akamai Technologies, Inc.) C:\Users\Michaelis Sebastian\AppData\Local\Akamai\netsession_win.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(BitTorrent Inc.) C:\Users\Michaelis Sebastian\AppData\Roaming\BitTorrent\BitTorrent.exe
(Akamai Technologies, Inc.) C:\Users\Michaelis Sebastian\AppData\Local\Akamai\netsession_win.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(PC Tools) C:\Program Files (x86)\ThreatFire\TFTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Autodesk Inc.) C:\Users\Michaelis Sebastian\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(PC Tools) C:\Program Files (x86)\ThreatFire\TFService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Michaelis Sebastian\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monito
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-04-11] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-02] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [283712 2013-11-26] (Filefacts.net)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [480648 2014-04-01] (Autodesk Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2011-04-01] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-05-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [ThreatFire] => C:\Program Files (x86)\ThreatFire\TFTray.exe [378128 2011-02-22] (PC Tools)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-22] (AVAST Software)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\.DEFAULT\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3476281182-1999910041-1381107984-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Michaelis Sebastian\AppData\Local\Akamai\netsession_win.exe [4672920 2014-03-06] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3476281182-1999910041-1381107984-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1563440 2014-05-28] (Samsung)
HKU\S-1-5-21-3476281182-1999910041-1381107984-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-3476281182-1999910041-1381107984-1001\...\Run: [BitTorrent] => C:\Users\Michaelis Sebastian\AppData\Roaming\BitTorrent\BitTorrent.exe [1417048 2014-09-15] (BitTorrent Inc.)
HKU\S-1-5-21-3476281182-1999910041-1381107984-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3476281182-1999910041-1381107984-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [473464 2014-03-17] (TomTom)
HKU\S-1-5-21-3476281182-1999910041-1381107984-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566984 2014-04-25] (Safer-Networking Ltd.)
HKU\S-1-5-21-3476281182-1999910041-1381107984-1001\...\Policies\Explorer: [] 
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll (Autodesk, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM - {F61F6082-B529-4E46-8474-EF8237C22CB2} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {F61F6082-B529-4E46-8474-EF8237C22CB2} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Michaelis Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\fhsidicf.default
FF DefaultSearchEngine: Microsoft (Bing)
FF SearchEngineOrder.1: Microsoft (Bing)
FF SelectedSearchEngine: Microsoft (Bing)
FF Homepage: hxxp://www.msn.com/?pc=AV01
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Michaelis Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\fhsidicf.default\searchplugins\bing-avast.xml
FF SearchPlugin: C:\Users\Michaelis Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\fhsidicf.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Michaelis Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\fhsidicf.default\Extensions\abs@avira.com [2014-09-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-22]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-06-16]

Chrome: 
=======
CHR HomePage: Default -> 9460FAA6615FA5947A27A0CFD9D34909A4E524E3023C8FC8EF545EA4604BC250
CHR DefaultSearchKeyword: Default -> 6EB18CCDE3AAA3031DD2BBDC2F8B1B4CA58E04AB919AF9E5811DD8896A87B998
CHR DefaultSearchProvider: Default -> E83DC5F1AB378758E4478A662B40FC40CB9246DF8282B01CBEC6CB6B0F96364C
CHR DefaultSearchURL: Default -> 4CF3685578BEF886674E0CEC80DC01E88565D85F6CA48F3EE8B11768191E9362
CHR Profile: C:\Users\Michaelis Sebastian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Michaelis Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-22]
CHR Extension: (Docs) - C:\Users\Michaelis Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-22]
CHR Extension: (Google Drive) - C:\Users\Michaelis Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Michaelis Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-22]
CHR Extension: (YouTube) - C:\Users\Michaelis Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-22]
CHR Extension: (Google Search) - C:\Users\Michaelis Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-22]
CHR Extension: (Google Sheets) - C:\Users\Michaelis Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-22]
CHR Extension: (avast! Online Security) - C:\Users\Michaelis Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-22]
CHR Extension: (Google Wallet) - C:\Users\Michaelis Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-22]
CHR Extension: (Gmail) - C:\Users\Michaelis Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [581000 2014-04-01] (Autodesk Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-22] (AVAST Software)
S4 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2014-06-26] (Macrovision Europe Ltd.) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617352 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20542408 2014-04-02] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 ThreatFire; C:\Program Files (x86)\ThreatFire\TFService.exe [70928 2011-02-22] (PC Tools)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-22] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-27] (Avira Operations GmbH & Co. KG)
S3 cxbu0x64; C:\Windows\System32\DRIVERS\cxbu0x64.sys [191224 2014-05-14] (HID Global Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [24496 2011-12-19] (Intel Corporation)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [637360 2011-12-19] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
S3 PciIsaSerial; C:\Windows\system32\drivers\PciIsaSerial.sys [68608 2008-12-19] (Windows (R) Codename Longhorn DDK provider)
S3 PciPPorts; C:\Windows\system32\drivers\PciPPorts.sys [96768 2009-07-23] ()
S3 PciSPorts; C:\Windows\system32\drivers\PciSPorts.sys [122880 2008-12-19] ()
R0 TfFsMon; C:\Windows\System32\drivers\TfFsMon.sys [65072 2011-02-22] (PC Tools)
R3 TfNetMon; C:\windows\system32\drivers\TfNetMon.sys [41888 2011-02-22] (PC Tools)
R0 TfSysMon; C:\Windows\System32\drivers\TfSysMon.sys [74824 2011-02-22] (PC Tools)
R3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [223744 2013-03-19] (VIA Technologies, Inc.)
S3 VUSBSTOR; C:\Windows\System32\Drivers\vusbstor.sys [86064 2013-01-18] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [295424 2013-03-19] (VIA Technologies, Inc.)
S1 A2DDA; \??\I:\BIN\a2ddax64.sys [X]
S3 cleanhlp; \??\I:\bin\cleanhlp64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 14:08 - 2014-09-22 14:08 - 02105856 _____ (Farbar) C:\Users\Michaelis Sebastian\Downloads\FRST64(1).exe
2014-09-22 14:08 - 2014-09-22 14:08 - 00024875 _____ () C:\Users\Michaelis Sebastian\Downloads\FRST.txt
2014-09-22 08:40 - 2014-09-22 08:40 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\Neuer Ordner
2014-09-22 08:05 - 2014-09-22 08:05 - 00000000 ____D () C:\Users\Michaelis Sebastian\AppData\Roaming\AVAST Software
2014-09-22 08:04 - 2014-09-22 08:06 - 00002246 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-22 08:04 - 2014-09-22 08:05 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-09-22 08:04 - 2014-09-22 08:04 - 00427360 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-09-22 08:04 - 2014-09-22 08:04 - 00001973 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-22 08:04 - 2014-09-22 08:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-22 08:04 - 2014-09-22 08:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-22 08:04 - 2014-09-22 08:03 - 01041168 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-09-22 08:04 - 2014-09-22 08:03 - 00307344 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-09-22 08:04 - 2014-09-22 08:03 - 00224896 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-09-22 08:04 - 2014-09-22 08:03 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-09-22 08:04 - 2014-09-22 08:03 - 00092008 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-09-22 08:04 - 2014-09-22 08:03 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-09-22 08:04 - 2014-09-22 08:03 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-09-22 08:04 - 2014-09-22 08:03 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-09-22 08:03 - 2014-09-22 08:03 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-09-22 08:03 - 2014-09-22 08:03 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-22 08:03 - 2014-09-22 08:03 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-22 08:00 - 2014-09-22 08:01 - 91906368 _____ (AVAST Software) C:\Users\Michaelis Sebastian\Downloads\avast_free_antivirus_setup_9.0.2021.exe
2014-09-22 07:53 - 2014-09-22 07:53 - 01101648 _____ () C:\Users\Michaelis Sebastian\Downloads\AVG Anti Virus Free 2015 64 Bit - CHIP-Installer.exe
2014-09-21 12:25 - 2014-09-21 12:25 - 01373475 _____ () C:\Users\Michaelis Sebastian\Downloads\AdwCleaner.exe
2014-09-21 12:22 - 2014-09-21 12:22 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-21 11:51 - 2014-09-21 11:51 - 00000207 _____ () C:\windows\tweaking.com-regbackup-MICHAELISSEBAST-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-09-21 11:51 - 2014-09-21 11:51 - 00000000 ____D () C:\RegBackup
2014-09-21 10:49 - 2014-09-21 10:49 - 00002170 _____ () C:\Users\Michaelis Sebastian\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-09-21 10:49 - 2014-09-21 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-09-21 10:49 - 2014-09-21 10:49 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-09-19 13:52 - 2014-09-19 13:52 - 00000000 ____D () C:\Users\Michaelis Sebastian\Documents\ProcAlyzer Dumps
2014-09-19 13:48 - 2014-09-19 13:48 - 63344904 _____ (PortableApps.com) C:\Users\Michaelis Sebastian\Downloads\SpybotPortable_2.4.paf.exe
2014-09-19 13:19 - 2014-09-19 13:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-18 19:19 - 2014-09-18 19:19 - 00000000 __SHD () C:\found.000
2014-09-18 13:48 - 2014-09-18 13:48 - 00000293 _____ () C:\Users\Michaelis Sebastian\Desktop\Tickets für Konzerte, Theater & Sport Karten kaufen bei Ticketmaster title script language=JavaScriptfunction querySt(ji) { .URL
2014-09-18 13:11 - 2014-09-18 13:12 - 05578824 _____ (Swearware) C:\Users\Michaelis Sebastian\Downloads\ComboFix.exe
2014-09-18 08:08 - 2014-09-18 10:22 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\mbar
2014-09-18 08:08 - 2014-09-18 08:08 - 13786977 _____ () C:\Users\Michaelis Sebastian\Desktop\mbar-1.01.0.1021.zip
2014-09-18 08:06 - 2014-09-18 08:06 - 02105856 _____ (Farbar) C:\Users\Michaelis Sebastian\Downloads\FRST64.exe
2014-09-17 15:42 - 2014-09-18 19:14 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-09-17 14:51 - 2014-09-17 14:52 - 149527616 _____ () C:\Users\Michaelis Sebastian\Downloads\avira_free_antivirus_de_14.0.6.570.exe
2014-09-16 11:21 - 2014-09-16 11:21 - 00000296 _____ () C:\Users\Michaelis Sebastian\Desktop\Software gegen alles Die 50 besten Anti-Tools - Bilder - CHIP.URL
2014-09-16 11:09 - 2014-09-16 11:09 - 00900949 _____ (Florian Schwarz ) C:\Users\Michaelis Sebastian\Downloads\BetterDesktopTool_1.8.exe
2014-09-16 09:12 - 2014-09-16 09:12 - 01097728 _____ (Farbar) C:\Users\Michaelis Sebastian\Downloads\FRST.exe
2014-09-16 08:47 - 2014-09-16 08:47 - 03332652 _____ () C:\Users\Michaelis Sebastian\Downloads\setupLMPC.exe
2014-09-16 08:47 - 2014-09-16 08:47 - 02057027 _____ () C:\Users\Michaelis Sebastian\Downloads\LookInMyPC.zip
2014-09-16 08:47 - 2012-11-24 20:34 - 04241408 _____ (CYBERsitter LLC/Solid Oak Software) C:\Users\Michaelis Sebastian\Downloads\LookInMyPC.exe
2014-09-16 08:47 - 2010-03-02 17:57 - 00006410 _____ () C:\Users\Michaelis Sebastian\Downloads\License.txt
2014-09-16 08:42 - 2014-09-16 08:42 - 05176232 _____ (F-Secure Corporation) C:\Users\Michaelis Sebastian\Downloads\F-SecureOnlineScanner.exe
2014-09-16 08:42 - 2014-09-16 08:42 - 00000000 ____D () C:\ProgramData\F-Secure
2014-09-16 08:41 - 2014-09-16 08:41 - 11534336 _____ () C:\Users\Michaelis Sebastian\Downloads\msert.exe
2014-09-16 08:29 - 2014-09-16 08:29 - 45870584 _____ (Belgian Government) C:\Users\Michaelis Sebastian\Downloads\eID-QuickInstaller-407-7453-signed_tcm444-246722.exe
2014-09-15 12:25 - 2014-09-17 17:16 - 04460707 _____ () C:\Users\Michaelis Sebastian\Desktop\Übung 02.bak
2014-09-15 12:11 - 2014-09-22 08:22 - 03758832 _____ () C:\Users\Michaelis Sebastian\Desktop\Übung 02.dwg
2014-09-12 18:47 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-09-12 18:47 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-09-12 18:47 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-09-12 18:47 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-09-12 18:47 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-09-12 18:47 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-09-12 18:47 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-09-12 18:47 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-09-12 18:47 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-09-12 18:47 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-09-12 18:47 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-09-12 18:47 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-09-12 18:47 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-09-12 18:47 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-09-12 18:47 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-09-12 18:47 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-09-12 18:47 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-09-12 18:47 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-09-12 18:47 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-09-12 18:47 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-09-12 18:47 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-09-12 18:47 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-09-12 18:47 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-09-12 18:47 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 18:47 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-09-12 18:47 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-09-12 18:47 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-09-12 18:47 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-09-12 18:47 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-09-12 18:47 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-09-12 18:47 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-09-12 18:47 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-09-12 18:47 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-09-12 18:47 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-09-12 18:47 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-09-12 18:47 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-09-12 18:47 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-09-12 18:47 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-09-12 18:47 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-09-12 18:47 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-09-12 18:47 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-09-12 18:47 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 18:47 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-09-12 18:47 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-09-12 18:47 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-09-12 18:47 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-09-12 18:47 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-09-12 18:47 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-09-12 18:47 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-09-12 18:47 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-09-12 18:47 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-09-12 18:47 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-09-12 18:47 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-09-12 18:47 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-09-12 18:47 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-09-12 18:47 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-09-12 18:45 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-09-12 18:45 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 08:55 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-09-12 08:55 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-09-12 08:55 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-09-12 08:55 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-09-12 08:54 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-12 08:54 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-09-12 08:54 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-09-12 08:54 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-09-12 08:54 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-09-12 08:54 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-09-12 08:54 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-09-11 17:27 - 2014-09-11 17:27 - 11840760 _____ () C:\Users\Michaelis Sebastian\Desktop\Mein Film.mp4
2014-09-11 17:17 - 2014-09-11 17:17 - 00411838 _____ () C:\Users\Michaelis Sebastian\Desktop\MSD_Logo Black.psd
2014-09-10 15:37 - 2014-09-15 16:19 - 00057478 _____ () C:\Users\Michaelis Sebastian\Desktop\2011 - 2013.wlmp
2014-09-09 18:53 - 2014-09-09 18:53 - 17945160 _____ (Nike) C:\Users\Michaelis Sebastian\Downloads\Nike+Connect_Installer(1).exe
2014-09-09 18:51 - 2014-09-09 18:51 - 17945160 _____ (Nike) C:\Users\Michaelis Sebastian\Downloads\Nike+Connect_Installer.exe
2014-09-09 07:48 - 2014-09-09 07:48 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-08 16:48 - 2014-09-08 16:48 - 00000242 _____ () C:\Users\Michaelis Sebastian\Desktop\Untitled.URL
2014-09-08 09:43 - 2014-09-08 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LISEGA
2014-09-08 09:43 - 2014-09-08 09:43 - 00000000 ____D () C:\ProgramData\LISEGA 2D catalog
2014-09-08 09:43 - 2014-09-08 09:43 - 00000000 ____D () C:\Program Files (x86)\LISEGA
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 ____D () C:\Users\Michaelis Sebastian\Downloads\Neuer Ordner (4)
2014-09-05 13:02 - 2014-09-08 17:04 - 00299495 _____ () C:\Users\Michaelis Sebastian\Desktop\Test002.dwg
2014-09-05 13:02 - 2014-09-08 08:42 - 00050548 _____ () C:\Users\Michaelis Sebastian\Desktop\Test002.bak
2014-09-04 13:30 - 2009-11-09 14:51 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\auc2010f_bu
2014-09-04 13:28 - 2014-09-04 13:30 - 00000000 ____D () C:\Users\Michaelis Sebastian\Downloads\Neuer Ordner (3)
2014-09-04 13:28 - 2009-09-07 09:34 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\auc2010_bu
2014-09-04 08:41 - 2014-09-04 08:41 - 00000239 _____ () C:\Users\Michaelis Sebastian\Desktop\Krebs ist schon lange heilbar ! - YouTube.URL
2014-09-04 07:37 - 2014-09-04 07:37 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\Sicherung USB Sticks
2014-09-04 07:35 - 2014-09-04 07:37 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\Bilder
2014-09-03 13:08 - 2014-09-22 13:55 - 00000000 ____D () C:\Program Files (x86)\ThreatFire
2014-09-03 13:08 - 2014-09-03 13:08 - 09876312 _____ (PC Tools ) C:\Users\Michaelis Sebastian\Downloads\tfinstall.exe
2014-09-03 13:08 - 2014-09-03 13:08 - 00000000 ____D () C:\ProgramData\PC Tools
2014-09-03 13:08 - 2014-09-03 13:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ThreatFire
2014-09-03 13:08 - 2011-02-22 13:57 - 00074824 _____ (PC Tools) C:\windows\system32\Drivers\TfSysMon.sys
2014-09-03 13:08 - 2011-02-22 13:57 - 00065072 _____ (PC Tools) C:\windows\system32\Drivers\TfFsMon.sys
2014-09-03 13:08 - 2011-02-22 13:57 - 00041888 _____ (PC Tools) C:\windows\system32\Drivers\TfNetMon.sys
2014-09-03 13:03 - 2014-09-03 13:03 - 01101648 _____ () C:\Users\Michaelis Sebastian\Downloads\Norton AntiBot - CHIP-Installer.exe
2014-09-03 13:03 - 2014-09-03 13:03 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-09-03 12:58 - 2014-09-03 12:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Michaelis Sebastian\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-28 10:23 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-28 10:23 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-28 10:23 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-27 13:15 - 2014-09-11 10:23 - 00000000 ____D () C:\Users\Michaelis Sebastian\Downloads\Eminem

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 14:09 - 2014-09-22 14:08 - 00024875 _____ () C:\Users\Michaelis Sebastian\Downloads\FRST.txt
2014-09-22 14:08 - 2014-09-22 14:08 - 02105856 _____ (Farbar) C:\Users\Michaelis Sebastian\Downloads\FRST64(1).exe
2014-09-22 14:08 - 2014-05-20 15:24 - 00000000 ____D () C:\FRST
2014-09-22 14:04 - 2014-04-15 19:15 - 00000000 ____D () C:\Users\Michaelis Sebastian\AppData\Roaming\BitTorrent
2014-09-22 13:58 - 2013-11-08 18:25 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-09-22 13:55 - 2014-09-03 13:08 - 00000000 ____D () C:\Program Files (x86)\ThreatFire
2014-09-22 13:50 - 2009-07-14 06:45 - 00032336 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-22 13:50 - 2009-07-14 06:45 - 00032336 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-22 13:49 - 2011-04-12 09:43 - 00685230 _____ () C:\windows\system32\perfh007.dat
2014-09-22 13:49 - 2011-04-12 09:43 - 00145062 _____ () C:\windows\system32\perfc007.dat
2014-09-22 13:49 - 2009-07-14 07:13 - 01619284 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-22 13:44 - 2013-11-08 23:33 - 00074324 _____ () C:\windows\setupact.log
2014-09-22 13:43 - 2014-04-28 17:23 - 00001132 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-22 13:43 - 2013-11-08 22:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-22 13:43 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-22 13:42 - 2010-11-21 05:47 - 00432888 _____ () C:\windows\PFRO.log
2014-09-22 12:31 - 2013-12-04 07:34 - 01874899 _____ () C:\windows\WindowsUpdate.log
2014-09-22 12:17 - 2014-04-28 17:23 - 00001136 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-22 12:00 - 2014-04-12 11:27 - 00000000 ____D () C:\Users\Michaelis Sebastian\AppData\Local\Akamai
2014-09-22 08:40 - 2014-09-22 08:40 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\Neuer Ordner
2014-09-22 08:22 - 2014-09-15 12:11 - 03758832 _____ () C:\Users\Michaelis Sebastian\Desktop\Übung 02.dwg
2014-09-22 08:06 - 2014-09-22 08:04 - 00002246 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-22 08:06 - 2014-04-15 20:15 - 00001146 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-22 08:06 - 2014-04-15 20:15 - 00001146 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-22 08:05 - 2014-09-22 08:05 - 00000000 ____D () C:\Users\Michaelis Sebastian\AppData\Roaming\AVAST Software
2014-09-22 08:05 - 2014-09-22 08:04 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-09-22 08:05 - 2014-04-19 15:38 - 00000000 ____D () C:\Users\Michaelis Sebastian\AppData\Local\Google
2014-09-22 08:04 - 2014-09-22 08:04 - 00427360 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-09-22 08:04 - 2014-09-22 08:04 - 00001973 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-22 08:04 - 2014-09-22 08:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-22 08:04 - 2014-09-22 08:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-22 08:04 - 2014-04-19 15:37 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-22 08:03 - 2014-09-22 08:04 - 01041168 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-09-22 08:03 - 2014-09-22 08:04 - 00307344 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-09-22 08:03 - 2014-09-22 08:04 - 00224896 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-09-22 08:03 - 2014-09-22 08:04 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-09-22 08:03 - 2014-09-22 08:04 - 00092008 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-09-22 08:03 - 2014-09-22 08:04 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-09-22 08:03 - 2014-09-22 08:04 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-09-22 08:03 - 2014-09-22 08:04 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-09-22 08:03 - 2014-09-22 08:03 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-09-22 08:03 - 2014-09-22 08:03 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-22 08:03 - 2014-09-22 08:03 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-22 08:01 - 2014-09-22 08:00 - 91906368 _____ (AVAST Software) C:\Users\Michaelis Sebastian\Downloads\avast_free_antivirus_setup_9.0.2021.exe
2014-09-22 07:53 - 2014-09-22 07:53 - 01101648 _____ () C:\Users\Michaelis Sebastian\Downloads\AVG Anti Virus Free 2015 64 Bit - CHIP-Installer.exe
2014-09-22 07:48 - 2014-05-15 09:04 - 00000000 ____D () C:\AdwCleaner
2014-09-21 12:25 - 2014-09-21 12:25 - 01373475 _____ () C:\Users\Michaelis Sebastian\Downloads\AdwCleaner.exe
2014-09-21 12:22 - 2014-09-21 12:22 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-21 12:22 - 2014-05-22 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-21 12:22 - 2014-05-22 13:00 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-21 12:16 - 2014-04-12 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-21 12:04 - 2014-04-12 11:17 - 00143712 _____ () C:\Users\Michaelis Sebastian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-21 12:04 - 2011-04-12 09:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-09-21 12:03 - 2009-07-14 06:45 - 00492320 _____ () C:\windows\system32\FNTCACHE.DAT
2014-09-21 11:59 - 2009-07-14 04:34 - 00000514 _____ () C:\windows\win.ini
2014-09-21 11:51 - 2014-09-21 11:51 - 00000207 _____ () C:\windows\tweaking.com-regbackup-MICHAELISSEBAST-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-09-21 11:51 - 2014-09-21 11:51 - 00000000 ____D () C:\RegBackup
2014-09-21 10:49 - 2014-09-21 10:49 - 00002170 _____ () C:\Users\Michaelis Sebastian\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-09-21 10:49 - 2014-09-21 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-09-21 10:49 - 2014-09-21 10:49 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-09-19 19:14 - 2014-04-15 20:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-19 13:52 - 2014-09-19 13:52 - 00000000 ____D () C:\Users\Michaelis Sebastian\Documents\ProcAlyzer Dumps
2014-09-19 13:48 - 2014-09-19 13:48 - 63344904 _____ (PortableApps.com) C:\Users\Michaelis Sebastian\Downloads\SpybotPortable_2.4.paf.exe
2014-09-19 13:19 - 2014-09-19 13:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-19 13:01 - 2014-04-17 12:27 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\Sebastian
2014-09-18 19:19 - 2014-09-18 19:19 - 00000000 __SHD () C:\found.000
2014-09-18 19:14 - 2014-09-17 15:42 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-09-18 13:48 - 2014-09-18 13:48 - 00000293 _____ () C:\Users\Michaelis Sebastian\Desktop\Tickets für Konzerte, Theater & Sport Karten kaufen bei Ticketmaster title script language=JavaScriptfunction querySt(ji) { .URL
2014-09-18 13:12 - 2014-09-18 13:11 - 05578824 _____ (Swearware) C:\Users\Michaelis Sebastian\Downloads\ComboFix.exe
2014-09-18 10:22 - 2014-09-18 08:08 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\mbar
2014-09-18 08:20 - 2014-04-24 16:37 - 00001109 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-18 08:08 - 2014-09-18 08:08 - 13786977 _____ () C:\Users\Michaelis Sebastian\Desktop\mbar-1.01.0.1021.zip
2014-09-18 08:06 - 2014-09-18 08:06 - 02105856 _____ (Farbar) C:\Users\Michaelis Sebastian\Downloads\FRST64.exe
2014-09-17 17:16 - 2014-09-15 12:25 - 04460707 _____ () C:\Users\Michaelis Sebastian\Desktop\Übung 02.bak
2014-09-17 14:52 - 2014-09-17 14:51 - 149527616 _____ () C:\Users\Michaelis Sebastian\Downloads\avira_free_antivirus_de_14.0.6.570.exe
2014-09-17 10:09 - 2014-08-17 19:43 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\Raymund
2014-09-16 16:43 - 2014-07-17 13:47 - 00000000 ____D () C:\Users\Michaelis Sebastian\Downloads\Autodesk-AutoCAD.2010 [64-bit]
2014-09-16 11:21 - 2014-09-16 11:21 - 00000296 _____ () C:\Users\Michaelis Sebastian\Desktop\Software gegen alles Die 50 besten Anti-Tools - Bilder - CHIP.URL
2014-09-16 11:09 - 2014-09-16 11:09 - 00900949 _____ (Florian Schwarz ) C:\Users\Michaelis Sebastian\Downloads\BetterDesktopTool_1.8.exe
2014-09-16 09:15 - 2014-06-20 15:12 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-16 09:12 - 2014-09-16 09:12 - 01097728 _____ (Farbar) C:\Users\Michaelis Sebastian\Downloads\FRST.exe
2014-09-16 08:47 - 2014-09-16 08:47 - 03332652 _____ () C:\Users\Michaelis Sebastian\Downloads\setupLMPC.exe
2014-09-16 08:47 - 2014-09-16 08:47 - 02057027 _____ () C:\Users\Michaelis Sebastian\Downloads\LookInMyPC.zip
2014-09-16 08:42 - 2014-09-16 08:42 - 05176232 _____ (F-Secure Corporation) C:\Users\Michaelis Sebastian\Downloads\F-SecureOnlineScanner.exe
2014-09-16 08:42 - 2014-09-16 08:42 - 00000000 ____D () C:\ProgramData\F-Secure
2014-09-16 08:41 - 2014-09-16 08:41 - 11534336 _____ () C:\Users\Michaelis Sebastian\Downloads\msert.exe
2014-09-16 08:29 - 2014-09-16 08:29 - 45870584 _____ (Belgian Government) C:\Users\Michaelis Sebastian\Downloads\eID-QuickInstaller-407-7453-signed_tcm444-246722.exe
2014-09-15 16:19 - 2014-09-10 15:37 - 00057478 _____ () C:\Users\Michaelis Sebastian\Desktop\2011 - 2013.wlmp
2014-09-13 12:06 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2014-09-12 18:50 - 2014-04-14 14:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 18:46 - 2013-11-08 18:24 - 01592628 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-09-12 18:45 - 2014-05-06 20:47 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-09-11 17:27 - 2014-09-11 17:27 - 11840760 _____ () C:\Users\Michaelis Sebastian\Desktop\Mein Film.mp4
2014-09-11 17:17 - 2014-09-11 17:17 - 00411838 _____ () C:\Users\Michaelis Sebastian\Desktop\MSD_Logo Black.psd
2014-09-11 10:23 - 2014-08-27 13:15 - 00000000 ____D () C:\Users\Michaelis Sebastian\Downloads\Eminem
2014-09-10 10:58 - 2013-11-08 18:25 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 10:58 - 2013-11-08 18:25 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 10:58 - 2013-11-08 18:25 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-09-10 10:31 - 2014-04-17 09:37 - 00000000 ___RD () C:\Users\Michaelis Sebastian\Desktop\Programme
2014-09-09 18:53 - 2014-09-09 18:53 - 17945160 _____ (Nike) C:\Users\Michaelis Sebastian\Downloads\Nike+Connect_Installer(1).exe
2014-09-09 18:51 - 2014-09-09 18:51 - 17945160 _____ (Nike) C:\Users\Michaelis Sebastian\Downloads\Nike+Connect_Installer.exe
2014-09-09 07:49 - 2014-04-12 12:09 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-09 07:48 - 2014-09-09 07:48 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-09 07:48 - 2014-04-12 12:23 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-08 17:04 - 2014-09-05 13:02 - 00299495 _____ () C:\Users\Michaelis Sebastian\Desktop\Test002.dwg
2014-09-08 16:48 - 2014-09-08 16:48 - 00000242 _____ () C:\Users\Michaelis Sebastian\Desktop\Untitled.URL
2014-09-08 09:43 - 2014-09-08 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LISEGA
2014-09-08 09:43 - 2014-09-08 09:43 - 00000000 ____D () C:\ProgramData\LISEGA 2D catalog
2014-09-08 09:43 - 2014-09-08 09:43 - 00000000 ____D () C:\Program Files (x86)\LISEGA
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 ____D () C:\Users\Michaelis Sebastian\Downloads\Neuer Ordner (4)
2014-09-08 08:42 - 2014-09-05 13:02 - 00050548 _____ () C:\Users\Michaelis Sebastian\Desktop\Test002.bak
2014-09-05 04:10 - 2014-09-12 08:54 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-12 08:54 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-09-04 13:30 - 2014-09-04 13:28 - 00000000 ____D () C:\Users\Michaelis Sebastian\Downloads\Neuer Ordner (3)
2014-09-04 09:10 - 2014-04-17 09:37 - 00000000 ___RD () C:\Users\Michaelis Sebastian\Desktop\Sicherheit Überprüfung
2014-09-04 08:41 - 2014-09-04 08:41 - 00000239 _____ () C:\Users\Michaelis Sebastian\Desktop\Krebs ist schon lange heilbar ! - YouTube.URL
2014-09-04 07:38 - 2014-04-28 10:03 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\MSD
2014-09-04 07:37 - 2014-09-04 07:37 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\Sicherung USB Sticks
2014-09-04 07:37 - 2014-09-04 07:35 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\Bilder
2014-09-04 07:32 - 2014-04-28 10:03 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\Misotrade
2014-09-04 07:28 - 2014-06-05 12:37 - 00000000 ____D () C:\Users\Michaelis Sebastian\Desktop\AutoCAD
2014-09-03 13:08 - 2014-09-03 13:08 - 09876312 _____ (PC Tools ) C:\Users\Michaelis Sebastian\Downloads\tfinstall.exe
2014-09-03 13:08 - 2014-09-03 13:08 - 00000000 ____D () C:\ProgramData\PC Tools
2014-09-03 13:08 - 2014-09-03 13:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ThreatFire
2014-09-03 13:03 - 2014-09-03 13:03 - 01101648 _____ () C:\Users\Michaelis Sebastian\Downloads\Norton AntiBot - CHIP-Installer.exe
2014-09-03 13:03 - 2014-09-03 13:03 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-09-03 12:58 - 2014-09-03 12:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Michaelis Sebastian\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-23 04:07 - 2014-08-28 10:23 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 10:23 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 10:23 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys

Some content of TEMP:
====================
C:\Users\Michaelis Sebastian\AppData\Local\Temp\avgnt.exe
C:\Users\Michaelis Sebastian\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-18 08:32

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Gruß hellraiser88

Alt 22.09.2014, 18:05   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Softwareinstallation blokiert. - Standard

Softwareinstallation blokiert.



Addition.txt fehlt noch. Bitte FRST öffnen, Haken setzen bei Addition und scannen, dann die Addition.txt posten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.09.2014, 21:58   #13
hellraiser88
 
Softwareinstallation blokiert. - Standard

Softwareinstallation blokiert.



Hallo Schrauber,

anbei additional.txt

hatte es vorher übersehen

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2014 01
Ran by Michaelis Sebastian at 2014-09-22 21:36:51
Running from C:\Users\Michaelis Sebastian\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
AutoCAD 2010 - English (HKLM\...\AutoCAD 2010 - English) (Version: 18.0.55.0 - Autodesk)
AutoCAD 2010 - English (Version: 18.0.55.0 - Autodesk) Hidden
AutoCAD 2010 Language Pack - English (Version: 18.0.55.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 2.2.12.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Design Review 2010 (HKLM-x32\...\Autodesk Design Review 2010) (Version: 10.0.0.108 - Autodesk, Inc.)
Autodesk Design Review 2010 (x32 Version: 10.0.0.108 - Autodesk, Inc.) Hidden
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
BetterDesktopTool Version 1.8 (HKLM-x32\...\{D51FADF8-48F9-4234-8BB5-9D99A973AC65}_is1) (Version: 1.8 - Florian Schwarz)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.33498 - BitTorrent Inc.)
Brother MFL-Pro Suite MFC-9120CN (HKLM-x32\...\{A1BBEE16-49B1-42F2-95B8-54C8C6A1C0C3}) (Version: 2.0.1.0 - Brother Industries, Ltd.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4852 - CDBurnerXP)
CrystalDiskInfo 6.1.12 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.12 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free DWG Viewer 7.2 (HKLM-x32\...\{90751489-B709-4D2F-8634-FEE00BFEC41A}) (Version: 7.2.0.69 - IGC)
Free YouTube Download version 3.2.39.604 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.39.604 - DVDVideoSoft Ltd.)
FreeCAD 0.13 (HKLM-x32\...\{2B2B5D2B-0F01-410B-843B-8F437FD75FBF}) (Version: 0.13.1828 - Juergen Riegel (FreeCAD@juergen-riegel.net))
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPS Tracker (HKLM-x32\...\{E887A789-E407-4387-8EFF-55D38E5AB8A8}) (Version: 1.0.0 - Coban)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
Hotspot Shield Toolbar for IE (HKLM-x32\...\IECT1561552) (Version: 6.20.0.10 - Hotspot Shield) <==== ATTENTION
HWiNFO64 Version 4.36 (HKLM\...\HWiNFO64_is1) (Version: 4.36 - Martin Malík - REALiX)
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3165 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
IsoBuster 3.3 (HKLM-x32\...\IsoBuster3_is1) (Version: 3.3 - Smart Projects)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
LISEGA 2D Library for AutoCAD (HKLM-x32\...\{219E76B8-5AAC-4FF6-858B-7E37A3711D1C}) (Version: 4.1.0.0 - LISEGA SE)
Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 de)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyDriveConnect 3.3.0.1502 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1502 - TomTom)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.22 (Version: 1.2.22 - NVIDIA Corporation) Hidden
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{46889070-D447-4936-A5D3-246DB972FA2E}) (Version: 2.0.6.16537 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Platform (x32 Version: 1.40 - VIA Technologies, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 4.2.0.1 - ASCOMP Software GmbH)
SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) Hidden
SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Smart File Advisor 1.2.0 (HKLM-x32\...\Smart File Advisor_is1) (Version: 1.2.0 - Filefacts.net)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
ThreatFire (HKLM-x32\...\3554AA4B-9B0B-451a-A269-2B5F53982209_is1) (Version:  - PC Tools)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.9.0 - Tweaking.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Verfügbare Autodesk-Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XnView 2.22 (HKLM-x32\...\XnView_is1) (Version: 2.22 - Gougelet Pierre-e)
YTD Video Downloader 4.8 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8 - GreenTree Applications SRL)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3476281182-1999910041-1381107984-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-3476281182-1999910041-1381107984-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe No File
CustomCLSID: HKU\S-1-5-21-3476281182-1999910041-1381107984-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe No File
CustomCLSID: HKU\S-1-5-21-3476281182-1999910041-1381107984-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3476281182-1999910041-1381107984-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-3476281182-1999910041-1381107984-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-3476281182-1999910041-1381107984-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3476281182-1999910041-1381107984-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2010\acadficn.dll (Autodesk, Inc.)

==================== Restore Points  =========================

08-09-2014 07:42:28 Installed LISEGA 2D Library for AutoCAD
12-09-2014 16:45:01 Windows Update
19-09-2014 17:51:32 Geplanter Prüfpunkt
22-09-2014 06:03:22 avast! antivirus system restore point
22-09-2014 13:53:09 Gerätetreiber-Paketinstallation: Anchorfree HSS VPN Adapter Netzwerkadapter
22-09-2014 13:54:05 Gerätetreiber-Paketinstallation: Anchorfree Inc Netzwerkdienst

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-09-21 12:00 - 00000855 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {66BF11C1-A156-4148-BA67-AB865626A8F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-28] (Google Inc.)
Task: {79CEED31-D2BD-4F88-AA70-8097C66AF056} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {9424D783-5B9F-4679-911F-0E7059410843} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {9DA1A669-473B-4557-B5CB-D081E2C95AF5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {BA5069BC-AC7F-4CE3-AAAE-A83D3C216BCE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {DD15BCF3-949D-4CB2-8E20-F41FD2C23752} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-22] (AVAST Software)
Task: {EF51A320-388F-47A2-BC61-D3692A6A155D} - System32\Tasks\BetterDesktopTool => C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe [2014-06-18] ()
Task: {FB6CCE6E-C904-4CE6-AB99-F6811CB9357F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-28] (Google Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-08 22:35 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-24 20:47 - 2012-09-07 16:57 - 00559424 _____ () C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll
2013-11-08 22:51 - 2013-04-30 10:43 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00056352 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00937504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00124448 _____ () C:\Program Files\Autodesk\Autodesk Sync\QJson.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00045088 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll
2014-04-28 10:22 - 2011-04-01 11:26 - 01163264 ____R () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
2014-04-28 10:22 - 2005-04-22 13:36 - 00143360 ____N () C:\windows\system32\BrSNMP64.dll
2014-09-22 15:50 - 2014-06-18 18:49 - 00402432 _____ () C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe
2014-09-22 15:50 - 2014-06-18 18:49 - 00305664 _____ () C:\Program Files (x86)\BetterDesktopTool\BetterDesktopToolServer.exe
2014-09-22 08:03 - 2014-09-22 08:03 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-22 12:06 - 2014-09-22 12:06 - 02864640 _____ () C:\Program Files\AVAST Software\Avast\defs\14092200\algo.dll
2014-09-22 19:58 - 2014-09-22 19:58 - 02865152 _____ () C:\Program Files\AVAST Software\Avast\defs\14092201\algo.dll
2014-04-16 12:24 - 2014-04-01 08:07 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-04-16 12:24 - 2014-04-01 08:07 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2014-03-17 12:59 - 2014-03-17 12:59 - 00026488 _____ () C:\Program Files (x86)\MyDrive Connect\DeviceDetection.dll
2014-03-17 12:58 - 2014-03-17 12:58 - 00082808 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterBase.dll
2014-03-17 12:58 - 2014-03-17 12:58 - 00357752 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterProxy.dll
2014-04-28 10:22 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-09-20 16:41 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Michaelis Sebastian\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-06-20 15:12 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-06-20 15:12 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-06-20 15:12 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-22 08:03 - 2014-09-22 08:03 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-22 13:44 - 2014-04-01 08:07 - 00104328 _____ () C:\Users\Michaelis Sebastian\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll
2014-06-20 15:12 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-06-20 15:12 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-11-08 22:15 - 2013-03-12 14:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-09-22 15:50 - 2014-06-18 18:48 - 00135680 _____ () C:\Program Files (x86)\BetterDesktopTool\HookLibrary.dll
2014-05-17 02:11 - 2014-05-17 02:11 - 00908584 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2014-05-17 02:37 - 2014-05-17 02:37 - 00506664 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll
2014-09-19 13:19 - 2014-09-19 13:19 - 03734640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/22/2014 09:31:07 PM) (Source: MsiInstaller) (EventID: 11310) (User: MichaelisSebast)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Michaelis Sebastian\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (09/22/2014 09:30:26 PM) (Source: MsiInstaller) (EventID: 11310) (User: MichaelisSebast)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Michaelis Sebastian\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (09/22/2014 04:50:06 PM) (Source: MsiInstaller) (EventID: 11310) (User: MichaelisSebast)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Michaelis Sebastian\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (09/22/2014 04:49:24 PM) (Source: MsiInstaller) (EventID: 11310) (User: MichaelisSebast)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Michaelis Sebastian\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (09/22/2014 03:54:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hsswd.exe, Version: 0.0.0.0, Zeitstempel: 0x51087583
Name des fehlerhaften Moduls: hsswd.exe, Version: 0.0.0.0, Zeitstempel: 0x51087583
Ausnahmecode: 0x40000015
Fehleroffset: 0x0002e394
ID des fehlerhaften Prozesses: 0x1824
Startzeit der fehlerhaften Anwendung: 0xhsswd.exe0
Pfad der fehlerhaften Anwendung: hsswd.exe1
Pfad des fehlerhaften Moduls: hsswd.exe2
Berichtskennung: hsswd.exe3

Error: (09/22/2014 01:44:32 PM) (Source: Autodesk Content Service) (EventID: 0) (User: )
Description: Service cannot be started. Connect.Exceptions.IndexingServiceException: IndexingServiceErrCodes:129:UnexpectedDatabase
   at Connect.MetaStore.MetaStorage.Initialize()
   at Connect.IVault.IVault.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/22/2014 00:00:56 PM) (Source: MsiInstaller) (EventID: 11310) (User: MichaelisSebast)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Michaelis Sebastian\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (09/22/2014 00:00:03 PM) (Source: MsiInstaller) (EventID: 11310) (User: MichaelisSebast)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Michaelis Sebastian\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (09/22/2014 08:05:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.2.5373, Zeitstempel: 0x541a8277
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.2.5373, Zeitstempel: 0x541a4d44
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x2b8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (09/22/2014 08:03:26 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary rjmvrgjq.

System Error:
Das System kann die angegebene Datei nicht finden.
.


System errors:
=============
Error: (09/22/2014 09:34:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/22/2014 09:24:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/22/2014 09:14:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/22/2014 09:04:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/22/2014 08:54:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/22/2014 08:44:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/22/2014 08:34:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/22/2014 08:24:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/22/2014 08:14:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/22/2014 08:04:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================
Error: (08/19/2014 08:10:38 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 57 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/17/2014 06:34:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/28/2014 10:36:05 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/15/2014 07:31:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/15/2014 08:31:20 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/15/2014 08:29:58 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 17 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/15/2014 08:29:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/15/2014 08:26:29 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 39 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/17/2014 10:55:54 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 209 seconds with 180 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-06-20 08:50:57.156
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-20 08:50:57.156
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-20 08:50:57.156
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-20 08:50:57.126
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-20 08:50:57.126
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-20 08:50:57.116
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-19 09:59:08.934
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-19 09:59:08.934
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-19 09:59:08.934
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-19 09:59:08.918
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 21%
Total physical RAM: 16272.35 MB
Available physical RAM: 12714.2 MB
Total Pagefile: 32542.88 MB
Available Pagefile: 28829.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:919.41 GB) (Free:813.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 56E0A8AA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=27)

==================== End Of Log ============================
         

Alt 23.09.2014, 19:35   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Softwareinstallation blokiert. - Standard

Softwareinstallation blokiert.



Zitat:
Hotspot Shield Toolbar for IE
Adware & Co. deinstallieren
  • Lade Dir bitte von hier Revo Uninstaller herunter.
  • Installiere und starte das Programm.
  • Suche im Uninstallerfeld nach den Programmen, die unter:

    diesen Zusatz haben:
  • Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.09.2014, 13:00   #15
hellraiser88
 
Softwareinstallation blokiert. - Standard

Softwareinstallation blokiert.



Hallo Schrauber,

aus irgendeinem Grund findet das Programm Revo Uninstaller fast keine Programme die installiert sind.

In Systemsteuerung; Programme deinstallieren sind auch fast keine mehr aufzufinden +- 30 Stück.

Neuinstallierte Programme tauchen aber wieder in der Liste auf.

Antwort

Themen zu Softwareinstallation blokiert.
anderes, avg, avira, deaktiviert, deinstallation, dienst, entfernen, fehlermeldung, festgestellt, folge, forum, fund, funktionieren, funktioniert, kaspersky, malwarebytes, modus, netzwerkverbindung, nicht mehr, nichts, problem, programme, spybot, verschiedene, windows



Ähnliche Themen: Softwareinstallation blokiert.


  1. windows7 bösartige webseite blokiert
    Plagegeister aller Art und deren Bekämpfung - 27.10.2015 (41)
  2. Avira durch gruppenrichtlinie blokiert
    Log-Analyse und Auswertung - 16.03.2015 (21)
  3. Win 7, Addware durch Softwareinstallation (Programme, Umleitungen, neue Startseite und Suchmaschine, Browser Add-ons und Plug-Ins)
    Log-Analyse und Auswertung - 21.01.2015 (11)
  4. Search Protect wurde bei Softwareinstallation mitinstalliert
    Log-Analyse und Auswertung - 22.04.2014 (11)
  5. Aus Sicherheitsgründen wurde Windowssystem blokiert
    Plagegeister aller Art und deren Bekämpfung - 12.04.2012 (3)
  6. Aus Sicherheitsgründen wurde ihr Windossystem blokiert! 50€ zahlen?!
    Log-Analyse und Auswertung - 29.03.2012 (1)
  7. wegen sicherheitsproblem ist ihr windows system blokiert?
    Plagegeister aller Art und deren Bekämpfung - 20.03.2012 (31)
  8. Windowssystem durch Trojana blokiert
    Log-Analyse und Auswertung - 13.02.2012 (3)
  9. Mein windowssystem wurde blokiert
    Log-Analyse und Auswertung - 09.02.2012 (1)
  10. mein windowssystem wurde aus sicherheitsgründen blokiert
    Plagegeister aller Art und deren Bekämpfung - 04.02.2012 (1)
  11. Windows Systems blokiert...Trojaner :(
    Plagegeister aller Art und deren Bekämpfung - 19.01.2012 (7)
  12. Achtung! ihr System wurde aus Sicherheitsgründen blokiert
    Log-Analyse und Auswertung - 09.01.2012 (24)
  13. Windows blokiert zahle 50€ um es zu entsperren
    Log-Analyse und Auswertung - 03.01.2012 (4)
  14. Windows Blokiert, 50€ zur freischaltung
    Log-Analyse und Auswertung - 29.12.2011 (3)
  15. Adminrechte nach Softwareinstallation weg
    Plagegeister aller Art und deren Bekämpfung - 23.08.2011 (12)
  16. Trojaner endeckt>Blokiert AV,TaskM
    Log-Analyse und Auswertung - 29.08.2009 (1)
  17. Rechner sehr langsam und Fehlermeldung bei Softwareinstallation
    Log-Analyse und Auswertung - 27.07.2009 (2)

Zum Thema Softwareinstallation blokiert. - Hallo Forum, ich habe forgendes Problem: Seit einiger Zeit ist es nicht mehr möglich Programme auf meinem PC zu installierten (Windows7), wenn ich es versuche kommt immer folgende Fehlermeldung: Der - Softwareinstallation blokiert....
Archiv
Du betrachtest: Softwareinstallation blokiert. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.