| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Zip Datei geöffnet - anschließend Fehlermeldung Outlook & T-Online: 550 5.7.1 Send quota exceededWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
02.06.2014, 13:31
| #1 |
| |  Zip Datei geöffnet - anschließend Fehlermeldung Outlook & T-Online: 550 5.7.1 Send quota exceeded Hallo Bekämpfer der Trojaner, ich habe heute morgen eine E-Mail mit einer angeblichen Bestellung erhalten. Ich habe die enthaltene Zip DAtei heruntergeladen. Vor dem öffnen der Zip Datei habe ich die Datei mit Kaspersky Internet Security überprüft. Nachdem das Programm keine möglichen Viren bzw. Fehler aufgezeigt hat, habe ich die Zip Datei geöffnet. Als ich gesehen habe, dass in der Zip Datei eine EXE-Datei ist, habe ich diese als auch die E-Mail sofort gelöscht. Anschließend habe ich auch sofort den kompletten Computer auf Viren überprüft....alles ohne Befund! Jedoch kommt seit heute morgen bei jeder E-Mail die ich über Outlook und den T-Online Server rausschicke diese Fehlermeldung: Ihre Nachricht hat einige oder alle Empfänger nicht erreicht. Betreff: test Gesendet am: 02.06.2014 12:46 Folgende(r) Empfänger kann/können nicht erreicht werden: *****.***@me.com am 02.06.2014 12:46 550 5.7.1 Send quota exceeded, try again in 40463 seconds Ich habe nun Angst, dass ich mit dem öffnen der E-Mail bzw. der Zip-DAtei eine Malware auf dem Pc habe. Der Fehler könnte aber auch mein Angestellter produziert haben, denn er wollte heute morgen eine E-mail von 800 MB versenden. Da es sich hier um einen ArbeitsPC im Netzwerk handelt bräuchte ich schnellst möglich Klarheit, ob es sich um Malware oder um die zu Große E-Mail handelt. Wäre sehr dankbar wenn Ihr mir weiterhelfen könntet! VIELEN DANK FÜR EURE UNTERSTÜTZUNG. Beste Grüße RoterHugo Ich habe mich mir Forum weiterinformiert und bei anderen wolltet Ihr die FRST.txt Diese gebe ich Euch hiermit schonmal vorab: FRST.txt FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-06-2014 01
Ran by User1 (administrator) on USER-S-THINK on 02-06-2014 14:26:54
Running from C:\Users\User1\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Beratungstechnologie) D:\Software\NuernbergerBT\BTnet_0213\AVB_Steuerung\BTAVB_KomDienst.exe
(Beratungstechnologie) D:\Software\NuernbergerBT\BTnet_0214\AVB_Steuerung\BTAVB_KomDienst.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Xerox Corporation) C:\Program Files (x86)\Xerox WorkCentre M24\Xerox PrintBack\XeroxPrintBack.exe
(Google) C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
(NÜRNBERGER Versicherungsgruppe) C:\Program Files (x86)\NÜRNBERGER AutoUpdater\BT.Setup.Updater.TrayApp.exe
(RSA, The Security Division of EMC.) C:\Program Files (x86)\Common Files\RSA Shared\RSA Card Conversion Utility\RSACardConversionUtility.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\EvernoteClipper.exe
(Stardock) C:\Program Files (x86)\ObjectDockFree\ObjectDock.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.BTNET\MSSQL\Binn\sqlservr.exe
(NUERNBERGER Versicherungsgruppe) C:\Program Files (x86)\NuernbergerBT\BT.Net_Listener.exe
(Stardock) C:\Program Files (x86)\ObjectDockFree\Dock64.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(NÜRNBERGER Versicherungsgruppe) C:\Program Files (x86)\NÜRNBERGER AutoUpdater\BT.Setup.InstallationsDienst.exe
(NUERNBERGER Versicherungsgruppe) C:\Program Files (x86)\NuernbergerBT\BT.Net_Listener.exe
() C:\Windows\SysWOW64\NMSAccess32.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Sun Microsystems, Inc.) D:\Software\NuernbergerBT\BTnet_0214\Dope\Dope-Mobile\utils\java_jdk_windows-x86-32\bin\javaw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\klwtblfs.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11663976 2010-12-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [Power Manager Power Agenda] => C:\Program Files (x86)\ThinkPad\Utilities\DPMHost.EXE [75064 2011-03-16] ()
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [RSA Card Conversion Utility] => C:\Program Files (x86)\Common Files\RSA Shared\RSA Card Conversion Utility\RSACardConversionUtility.exe [3499728 2010-08-27] (RSA, The Security Division of EMC.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2073976 2012-03-14] (Flexera Software LLC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BTnetPortComm] => C:\Program Files (x86)\NuernbergerBT\BT.Net_Listener.exe [977536 2014-03-24] (NUERNBERGER Versicherungsgruppe)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2234112168-3842343836-2753211503-1000\...\Run: [SimpleSYN.NET] => C:\Program Files (x86)\SimpleSYN 2.1\CBN.SimpleSYN.NET.exe [2275696 2011-06-21] (creativbox.net, Torsten Leithold & Georg von Kries GbR)
HKU\S-1-5-21-2234112168-3842343836-2753211503-1000\...\Run: [Xerox PrintBack Agent] => C:\Program Files (x86)\Xerox WorkCentre M24\Xerox PrintBack\XeroxPrintBack.exe [1100800 2012-09-17] (Xerox Corporation)
HKU\S-1-5-21-2234112168-3842343836-2753211503-1000\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe [1104256 2014-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-2234112168-3842343836-2753211503-1000\...\MountPoints2: {03533146-0799-11e1-bd51-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-2234112168-3842343836-2753211503-1000\...\MountPoints2: {03533149-0799-11e1-bd51-806e6f6e6963} - E:\CDStart.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Calendar Sync.lnk
ShortcutTarget: Google Calendar Sync.lnk -> C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NÜRNBERGER AutoUpdater.lnk
ShortcutTarget: NÜRNBERGER AutoUpdater.lnk -> C:\Windows\Installer\{366D38BF-E12D-48FB-9F01-EEF3E7DCADEF}\BT.Setup.Updater.T_CD8CBA3468C240F981B372C3EA3FF361.exe (Acresso Software Inc.)
Startup: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BeratungsNavigator Schnellstarter.lnk
ShortcutTarget: BeratungsNavigator Schnellstarter.lnk -> D:\Software\Stuttgarter\.kevuSSLV\SAS\kqstarter.exe ()
Startup: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\ObjectDockFree\ObjectDock.exe (Stardock)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkcentre
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkcentre
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE467
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE467
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{716B5847-E678-47B8-8B1B-C88267AA18F1}: [NameServer]192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\gzyig8fc.default
FF Homepage: about:home|hxxp://www.assekuranz-kriebel.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\User1\AppData\Local\Citrix\Plugins\97\npappdetector.dll (Citrix Online)
FF SearchPlugin: C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\gzyig8fc.default\searchplugins\youtube-videosuche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\gzyig8fc.default\Extensions\2020Player_IKEA@2020Technologies.com [2012-07-18]
FF Extension: Pocket - C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\gzyig8fc.default\Extensions\isreaditlater@ideashower.com [2013-06-28]
FF Extension: Evernote Web Clipper - C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\gzyig8fc.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2013-12-19]
FF Extension: NoScript - C:\Users\User1\AppData\Roaming\Mozilla\Firefox\Profiles\gzyig8fc.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-11-13]
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-01-16]
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-01-16]
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-01-16]
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-01-16]
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-01-16]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [VIP1X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client\
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\ []
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client\
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\ []
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-01-16]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-01-16]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-01-16]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-01-16]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-01-16]
==================== Services (Whitelisted) =================
R2 avp; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
U2 BTAVB_KomDienst_Vers_Btnet_1302; D:\Software\NuernbergerBT\BTnet_0213\AVB_Steuerung\BTAVB_KomDienst.exe [17920 2013-04-03] (Beratungstechnologie)
R2 BTAVB_KomDienst_Vers_Btnet_1402; D:\Software\NuernbergerBT\BTnet_0214\AVB_Steuerung\BTAVB_KomDienst.exe [17920 2013-04-03] (Beratungstechnologie)
S2 ISIS; C:\Windows\SysWOW64\ruv_isis.exe [231936 2009-10-07] (Bitpride)
S2 MSSQL$ARTBASE2008; C:\Program Files\Microsoft SQL Server\MSSQL10_50.ARTBASE2008\MSSQL\Binn\sqlservr.exe [62218696 2012-06-29] (Microsoft Corporation)
R2 MSSQL$BTNET; C:\Program Files\Microsoft SQL Server\MSSQL10_50.BTNET\MSSQL\Binn\sqlservr.exe [61913952 2010-04-03] (Microsoft Corporation)
R2 NbgAutoUpdater; C:\Program Files (x86)\NÜRNBERGER AutoUpdater\BT.Setup.InstallationsDienst.exe [23120 2013-12-05] (NÜRNBERGER Versicherungsgruppe)
R2 NMSAccessU; C:\Windows\SysWOW64\NMSAccess32.exe [71096 2009-01-12] ()
S4 SQLAgent$ARTBASE2008; C:\Program Files\Microsoft SQL Server\MSSQL10_50.ARTBASE2008\MSSQL\Binn\SQLAGENT.EXE [441288 2012-06-29] (Microsoft Corporation)
S4 SQLAgent$BTNET; C:\Program Files\Microsoft SQL Server\MSSQL10_50.BTNET\MSSQL\Binn\SQLAGENT.EXE [428384 2010-04-03] (Microsoft Corporation)
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation)
==================== Drivers (Whitelisted) ====================
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-16] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-25] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-25] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-01-16] (Kaspersky Lab ZAO)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [321992 2012-06-29] (Microsoft Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-02 14:26 - 2014-06-02 14:27 - 00021920 _____ () C:\Users\User1\Downloads\FRST.txt
2014-06-02 14:26 - 2014-06-02 14:27 - 00000000 ____D () C:\FRST
2014-06-02 14:26 - 2014-06-02 14:26 - 02067456 _____ (Farbar) C:\Users\User1\Downloads\FRST64.exe
2014-06-02 11:22 - 2014-06-02 14:26 - 01441792 _____ () C:\Windows\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤
2014-06-02 11:04 - 2014-06-02 11:10 - 617286045 _____ () C:\Users\User1\Downloads\VHV_57.0.18.exe
2014-05-28 18:40 - 2014-05-28 18:40 - 00071818 _____ () C:\Users\User1\Desktop\Bestandsdaten_003983-000_20140526.EXE
2014-05-20 10:21 - 2014-05-19 01:22 - 00097009 _____ () C:\Users\User1\Desktop\DAT
2014-05-15 15:28 - 2014-05-15 15:28 - 00787771 _____ () C:\Users\User1\Downloads\vb-download-riester-aktion.zip
2014-05-15 15:27 - 2014-05-15 15:27 - 00100182 _____ () C:\Users\User1\Downloads\vb-download-aktion.zip
2014-05-14 17:34 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 17:34 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 17:34 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 17:34 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 17:34 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 17:34 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 10:32 - 2014-05-14 10:32 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-14 09:16 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 09:16 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 09:16 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 09:16 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 09:15 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 09:15 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 09:15 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 09:15 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 09:15 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 09:15 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 09:15 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 09:15 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 09:15 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 09:15 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 09:15 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 09:15 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 09:15 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 09:15 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 09:15 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 09:15 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 09:15 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 09:15 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 09:15 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 09:15 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 09:15 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 09:15 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 09:15 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 09:15 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 09:15 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 09:15 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 09:15 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 09:15 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 09:15 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 09:15 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 09:15 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 09:15 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 09:15 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 09:15 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 09:15 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 09:15 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 09:15 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 09:15 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 09:15 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 09:15 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 09:15 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 15:41 - 2014-05-13 15:41 - 00003174 _____ () C:\Windows\System32\Tasks\{6252A8A1-E62D-4B3E-88F8-3923822E39C3}
2014-05-12 11:46 - 2014-05-12 11:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-07 09:11 - 2014-05-07 09:11 - 00000000 ____D () C:\Users\User1\AppData\Roaming\DropboxMaster
2014-05-06 17:17 - 2014-05-15 08:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-05 11:04 - 2014-05-05 11:04 - 00000000 ____D () C:\Users\User1\AppData\Local\{0B8BE100-D60B-4D4C-8A21-6565C2D1B5E4}
==================== One Month Modified Files and Folders =======
2014-06-02 14:27 - 2014-06-02 14:26 - 00021920 _____ () C:\Users\User1\Downloads\FRST.txt
2014-06-02 14:27 - 2014-06-02 14:26 - 00000000 ____D () C:\FRST
2014-06-02 14:27 - 2012-01-17 09:03 - 00000000 ____D () C:\Users\User1\AppData\Local\Temp
2014-06-02 14:26 - 2014-06-02 14:26 - 02067456 _____ (Farbar) C:\Users\User1\Downloads\FRST64.exe
2014-06-02 14:26 - 2014-06-02 11:22 - 01441792 _____ () C:\Windows\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤
2014-06-02 13:37 - 2012-01-20 19:20 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-06-02 13:36 - 2011-11-05 12:36 - 02020971 _____ () C:\Windows\WindowsUpdate.log
2014-06-02 13:32 - 2012-04-19 11:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-02 12:27 - 2012-01-21 14:39 - 00000000 ____D () C:\Users\User1\Documents\Outlook-Dateien
2014-06-02 12:24 - 2012-01-21 14:36 - 00000000 ____D () C:\Users\User1\AppData\Local\SimpleSYN
2014-06-02 12:06 - 2014-01-07 13:38 - 00016982 _____ () C:\Windows\VFRAME32.INI
2014-06-02 11:41 - 2014-01-07 13:38 - 00001106 _____ () C:\Windows\DOCS.INI
2014-06-02 11:41 - 2013-10-14 11:14 - 00001330 _____ () C:\Windows\CAF.INI
2014-06-02 11:41 - 2012-05-29 16:54 - 07727616 ___SH () C:\Users\User1\Desktop\Thumbs.db
2014-06-02 11:41 - 2012-02-07 13:40 - 00000907 _____ () C:\Windows\VPMS.INI
2014-06-02 11:41 - 2012-01-21 13:34 - 00001037 _____ () C:\Windows\ODBC.INI
2014-06-02 11:39 - 2011-11-05 12:36 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-02 11:10 - 2014-06-02 11:04 - 617286045 _____ () C:\Users\User1\Downloads\VHV_57.0.18.exe
2014-06-02 09:32 - 2012-01-17 09:03 - 00003500 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-06-02 09:32 - 2012-01-17 09:03 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-06-02 09:32 - 2012-01-17 09:03 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-06-02 09:11 - 2012-01-17 09:03 - 00006116 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-06-02 09:11 - 2012-01-17 09:03 - 00000624 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-06-02 09:07 - 2009-07-14 06:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-02 09:07 - 2009-07-14 06:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-02 08:57 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-28 18:40 - 2014-05-28 18:40 - 00071818 _____ () C:\Users\User1\Desktop\Bestandsdaten_003983-000_20140526.EXE
2014-05-27 14:48 - 2012-10-29 13:51 - 00000000 ____D () C:\ProgramData\firebird
2014-05-23 08:47 - 2009-07-14 06:45 - 00445608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-22 16:56 - 2012-02-28 11:30 - 00000000 ___RD () C:\Users\User1\Dropbox
2014-05-22 16:22 - 2012-01-20 19:42 - 00126096 _____ () C:\Users\User1\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-22 14:40 - 2012-02-28 11:28 - 00000000 ____D () C:\Users\User1\AppData\Roaming\Dropbox
2014-05-22 14:29 - 2014-02-20 11:47 - 00326144 ___SH () C:\Users\User1\Downloads\Thumbs.db
2014-05-19 01:22 - 2014-05-20 10:21 - 00097009 _____ () C:\Users\User1\Desktop\DAT
2014-05-16 12:57 - 2012-02-28 11:30 - 00001033 _____ () C:\Users\User1\Desktop\Dropbox.lnk
2014-05-16 12:57 - 2012-02-28 11:28 - 00000000 ____D () C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-15 15:54 - 2014-04-24 12:35 - 00000000 ____D () C:\Users\User1\Documents\HALLESCHE Tarifsoftware
2014-05-15 15:28 - 2014-05-15 15:28 - 00787771 _____ () C:\Users\User1\Downloads\vb-download-riester-aktion.zip
2014-05-15 15:27 - 2014-05-15 15:27 - 00100182 _____ () C:\Users\User1\Downloads\vb-download-aktion.zip
2014-05-15 13:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-15 11:40 - 2012-02-29 10:57 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-15 08:55 - 2012-01-17 09:26 - 00000000 ___RD () C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 08:55 - 2012-01-17 09:26 - 00000000 ___RD () C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 08:51 - 2014-05-06 17:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-15 08:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-14 17:35 - 2012-01-20 20:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 17:32 - 2013-08-15 19:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 17:31 - 2012-02-02 10:05 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 10:32 - 2014-05-14 10:32 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-14 10:32 - 2012-04-19 11:54 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 10:32 - 2012-04-19 11:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 10:32 - 2012-01-26 10:11 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 15:41 - 2014-05-13 15:41 - 00003174 _____ () C:\Windows\System32\Tasks\{6252A8A1-E62D-4B3E-88F8-3923822E39C3}
2014-05-13 15:41 - 2012-01-25 11:35 - 00000000 ____D () C:\Temp
2014-05-13 08:58 - 2012-04-25 16:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 11:46 - 2014-05-12 11:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 08:14 - 2014-05-14 09:16 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 09:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 14:31 - 2014-04-17 13:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NÜRNBERGER BTnet 02.2014
2014-05-07 10:47 - 2014-03-12 12:00 - 00000000 ____D () C:\Users\User1\Desktop\Praxis Dr. Heiner Eckelmann - BAV
2014-05-07 10:47 - 2014-02-26 16:49 - 00832611 _____ () C:\Users\User1\Desktop\Unfallversicherung.pptx
2014-05-07 09:11 - 2014-05-07 09:11 - 00000000 ____D () C:\Users\User1\AppData\Roaming\DropboxMaster
2014-05-06 06:40 - 2014-05-14 17:34 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-14 17:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-14 17:34 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-14 17:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-14 17:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 17:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 11:04 - 2014-05-05 11:04 - 00000000 ____D () C:\Users\User1\AppData\Local\{0B8BE100-D60B-4D4C-8A21-6565C2D1B5E4}
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-19 10:15
==================== End Of Log ============================
--- --- --- Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2014 01
Ran by User1 at 2014-06-02 14:27:30
Running from C:\Users\User1\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
BeratungsNavigator Januar 2014 (HKCU\...\InstallShield_{9B8DF27F-FF21-45A7-880E-51ABB8A0E2A5}) (Version: 42.00.0000 - Stuttgarter Lebensversicherung a.G.)
BeratungsNavigator Januar 2014 (x32 Version: 42.00.0000 - Stuttgarter Lebensversicherung a.G.) Hidden
BTnet (x32 Version: 14.02.2.1 - NÜRNBERGER Beratungstechnologie) Hidden
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
Business plus+ (HKCU\...\d7d997e86766123f) (Version: 1.1.0.128 - BCA)
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
Citrix Presentation Server Client (HKLM-x32\...\{B2AE44CB-2AAB-4C08-A54B-D264BD604DA8}) (Version: 10.00.52110 - Citrix Systems, Inc.)
Concordia Software (HKLM-x32\...\{9042194C-8E97-4CAD-A2B0-6FD1A10F609E}) (Version: 2.40.0000 - Concordia Versicherungsgesellschaft a.G.)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version: - Microsoft)
Dienstprogramme für Xerox WorkCentre 6605 Ver.1.0.0.1 (HKLM-x32\...\{63C4C8DB-0D95-41D0-95FA-A28AE5A3116C}) (Version: 1.0.0.1 - Xerox)
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.6.33 - Dropbox, Inc.)
EAS (HKLM-x32\...\EAS) (Version: - )
Evernote v. 4.6.4 (HKLM-x32\...\{DDAFC46A-90E2-11E2-B700-984BE15F174E}) (Version: 4.6.4.8136 - Evernote Corp.)
Google Calendar Sync (HKLM-x32\...\Google Calendar Sync) (Version: - )
GoToMeeting 6.0.0.1259 (HKCU\...\GoToMeeting) (Version: 6.0.0.1259 - CitrixOnline)
HALLESCHE Tarifsoftware (HKLM-x32\...\HALLESCHE Tarifsoftware) (Version: - )
HanseMerkur-Tarife (HKLM-x32\...\HanseMerkur-Tarife) (Version: - )
HN HNPKV (HKLM-x32\...\HN HNPKV) (Version: - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2279 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Ihr Firmenname)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
LV1871 Tarifsoftware (HKLM-x32\...\{D3A8EE78-C9B9-44C8-905E-E6E1593A8240}) (Version: 8.11.0074 - Lebensversicherung von 1871 a.G. München)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64 Bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64 Bit) (Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{992B55F9-FD13-42C5-8B3C-B7E9F998A969}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2-Setup (Deutsch) (HKLM\...\{8E7A48F0-44F6-4ECD-86E1-C345CDD35791}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{8DD113A8-811A-404E-A4D7-443D014946AC}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{FBBA9369-3A6B-4EE3-9C53-DA0D29C2FC95}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft XML Parser (x32 Version: 8.70.1104.04 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
NativeJ (HKLM-x32\...\{C7302C37-D85A-48EB-8930-E0E1EDDC5E94}) (Version: 13.3.17 - Versicherungskammer Bayern - 7IV02)
NÜRNBERGER AutoUpdater (HKLM-x32\...\{366D38BF-E12D-48FB-9F01-EEF3E7DCADEF}) (Version: 1.4 - NÜRNBERGER Versicherungsgruppe)
NÜRNBERGER AVB_Steuerung_Dope (x32 Version: 13.01.0002 - NÜRNBERGER Versicherungsgruppe) Hidden
NÜRNBERGER AVB_Steuerung_Dope (x32 Version: 13.02.10.0001 - NÜRNBERGER Versicherungsgruppe) Hidden
NÜRNBERGER AVB_Steuerung_Dope (x32 Version: 14.02.1 - NÜRNBERGER Versicherungsgruppe) Hidden
NÜRNBERGER BTnet 02.2014 (HKLM-x32\...\{38D5E4F6-057B-4EEC-9856-8717C93BCDCF}) (Version: 14.02.1 - NÜRNBERGER Beratungstechnologie)
NÜRNBERGER CompassDB (x32 Version: 13.02.20.0001 - Nürnberger Beratungstechnologie) Hidden
NÜRNBERGER DOKnet (HKLM-x32\...\{6588F598-F01F-4DF9-BE89-DAEA037BE4DD}) (Version: 14.02.1 - NÜRNBERGER Beratungstechnologie)
NÜRNBERGER PortCommunication BtNet (HKLM-x32\...\{76778E24-C677-4A7C-8602-89E0C3AD349E}) (Version: 14.02.1 - NÜRNBERGER Beratungstechnologie)
NÜRNBERGER StepOver eSignatureOffice45 (HKLM-x32\...\{330AEB9B-5B34-4B84-B7E8-92D3FE1CF1E2}) (Version: 1.02.0003 - NÜRNBERGER Beratungstechnologie on behalf of StepOver GmbH)
ObjectDock Free (HKLM-x32\...\ObjectDock Free) (Version: 2.0 - Stardock Corporation)
ObjectDock Free (x32 Version: 2.0 - Stardock Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.0 - Frank Heindörfer, Philip Chinery)
R+V CONNECT (HKLM-x32\...\{599F073B-2A3E-4366-84E0-F07F260763A2}) (Version: 3.00.0000 - R+V Versicherung)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6265 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RSA SecurID Software Token (HKLM-x32\...\{24C4AC5A-67A4-4E1D-B30C-8C7A01712607}) (Version: 4.1.0 - RSA, The Security Division of EMC)
RSA Smart Card Middleware 3.5 (HKLM-x32\...\{AC2F9FCC-170E-4B0B-84AB-7307A373570F}) (Version: 3.5.3.36 - RSA, The Security Division of EMC)
RV-SysInfo (HKLM-x32\...\{7D4A2D91-A497-4E02-8244-5C3FB1A3F4E7}) (Version: 4.60.0003 - R+V Versicherung)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Service Pack 2 für SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
SimpleSYN 2.1 (HKLM-x32\...\{9F8233F4-80FA-4AF4-B828-9F5805989D92}) (Version: 2.1.4189 - creativbox.net)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQLAnywhere11 (HKLM-x32\...\SQLAnywhere11) (Version: - )
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0039 - Lenovo)
ThinkVantage Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 1.05.0009 - Lenovo Group Limited)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
VHV RECOMAX (HKLM-x32\...\{53CFF9B1-4ED7-4114-8ECF-ADD13BC8AC57}) (Version: 7.00 - VHV Allgemeine Versicherung AG)
VHV-Tarifprogramm (HKLM-x32\...\{84B284E2-D3D3-4DA8-AF85-86B0572F5207}) (Version: 57.0.18 - VHV Allgemeine Versicherung AG)
View Management Utility (HKLM-x32\...\InstallShield_{C6254514-DD94-45E5-87C0-B9CB90A34C89}) (Version: 2.1.11.0313 - Lenovo)
View Management Utility (Version: 2.1.11.0313 - Lenovo) Hidden
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign)
VKB Angebotsprogramme (HKLM-x32\...\{44C2D882-C093-3EEA-B108-FA3DD54935D4}) (Version: 13.3.01114 - Versicherungskammer Bayern (VKB))
VOLKSWOHL BUND - Angebotsprogramm Komfort (HKLM-x32\...\{C20B2271-69D4-11D4-A951-08005AD260A8}) (Version: 14.2.0 - VOLKSWOHL BUND Versicherungen)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Intel (MEIx64) System (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows-Treiberpaket - Intel Corporation (igfx) Display (01/07/2011 8.15.10.2279) (HKLM\...\812A7B18A108DDFB30CF501D85DF544856235AE0) (Version: 01/07/2011 8.15.10.2279 - Intel Corporation)
Windows-Treiberpaket - Intel hdc (09/10/2010 9.2.0.1011) (HKLM\...\171901D8B4D5484C362A709BF264A50F065A14FB) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\8058FF31D7C7F4818DC176DAF53CD379968C86E4) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System (11/20/2010 9.2.0.1016) (HKLM\...\43B5066463CEBC83E99586A67037B6F9FC4193FE) (Version: 11/20/2010 9.2.0.1016 - Intel)
Windows-Treiberpaket - Intel USB (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows-Treiberpaket - Microsoft (USBCCID) SmartCardReader (05/17/2005 5.2.3790.2444) (HKLM\...\E38B2136962D21A7BDE5AAC98CD1C6EA6B6D0687) (Version: 05/17/2005 5.2.3790.2444 - Microsoft)
Windows-Treiberpaket - Realtek (RSUSBSTOR) USB (12/01/2010 6.1.7600.30127) (HKLM\...\A9B611D00F738A4FA650BF91A26C355FB188BFBD) (Version: 12/01/2010 6.1.7600.30127 - Realtek)
Windows-Treiberpaket - Realtek (RTL8167) Net (12/29/2010 7.037.1229.2010) (HKLM\...\709218CE85195A82A3CF38A2DCA12D470F54FBE1) (Version: 12/29/2010 7.037.1229.2010 - Realtek)
Windows-Treiberpaket - Realtek Semiconductor Corp. HD Audio Driver (12/10/2010 6.0.1.6265) (HKLM\...\A90E1088325AFBD3434009078584361E3C382241) (Version: 12/10/2010 6.0.1.6265 - Realtek Semiconductor Corp.)
Windows-Treiberpaket - Realtek Semiconductor Corp. HD Audio Driver (12/10/2010 6.0.1.6265) (HKLM\...\CAF9F19A892F138F76721B44D0DEF2B77D0E2032) (Version: 12/10/2010 6.0.1.6265 - Realtek Semiconductor Corp.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Xerox Netzwerkscanner-Hilfsprogramm2 (HKLM-x32\...\{81C9205D-3BC2-4059-A303-61405032A482}) (Version: - )
Xerox PrintBack (HKLM-x32\...\{1FCCF1F0-1A66-40F3-BEA3-63D8E42FF631}) (Version: 1.2.0.493 - Xerox)
==================== Restore Points =========================
14-05-2014 15:29:24 Windows Update
21-05-2014 07:04:18 Windows Update
28-05-2014 11:24:42 Geplanter Prüfpunkt
30-05-2014 10:37:03 Windows Update
02-06-2014 09:33:41 Installiert Tarifprogramm
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {51C01C68-5698-42BB-8E37-D9FC0BFA5B1F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {679ACF27-62C9-4C25-8C7E-E25C9156A537} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {97EDCCE3-208F-4C21-A8E8-427669FE4ABD} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {A70E6EAE-26C8-4819-AF2F-AB02C2A5155F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {AF907C1D-A4EA-4039-8551-86861861E810} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
Task: {BE39A838-E435-4513-ACE7-D61216EA4F7A} - System32\Tasks\{976BF153-9302-4ABC-BF22-C4AEFD697948} => C:\Program Files (x86)\Xerox WorkCentre M24\Netzwerk-Scannen\XrsUt12.exe
Task: {C180364D-9A9D-4850-BF39-6EBA4DC5671F} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {F63ED2AC-E2A5-43E1-BFB9-24D27F5ADA65} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-03-16] (Lenovo Group Limited)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
==================== Loaded Modules (whitelisted) =============
2010-10-04 19:54 - 2010-10-04 19:54 - 00776704 _____ () C:\Program Files (x86)\ObjectDockFree\Dock64.dll
2011-11-05 21:15 - 2011-01-07 10:57 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-11-05 12:39 - 2011-01-05 19:05 - 00035840 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2009-01-12 08:15 - 2009-01-12 08:15 - 00071096 _____ () C:\Windows\SysWOW64\NMSAccess32.exe
2009-05-27 23:09 - 2009-05-27 23:09 - 00049976 _____ () C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 15:52 - 2013-05-08 15:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2012-09-08 13:16 - 2012-09-08 13:16 - 00433664 _____ () C:\Program Files (x86)\Evernote\libxml2.dll
2012-09-08 13:16 - 2012-09-08 13:16 - 00315392 _____ () C:\Program Files (x86)\Evernote\libtidy.dll
2010-10-04 19:54 - 2010-10-04 19:54 - 00807936 _____ () C:\Program Files (x86)\ObjectDockFree\CrashRpt.dll
2010-10-04 19:54 - 2010-10-04 19:54 - 00053760 _____ () C:\Program Files (x86)\ObjectDockFree\zlib.dll
2010-10-04 19:54 - 2010-10-04 19:54 - 00675840 _____ () C:\Program Files (x86)\ObjectDockFree\DockShellHook.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 16:46 - 2013-02-14 16:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2011-06-21 17:05 - 2011-06-21 17:05 - 00042352 _____ () C:\Program Files (x86)\SimpleSYN 2.1\CBN.SimpleSYN.Ipc.XmlSerializers.dll
2014-05-12 11:46 - 2014-05-12 11:46 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-14 10:32 - 2014-05-14 10:32 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^Users^User1^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/02/2014 00:31:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm aBSetupFX.exe, Version 17.1.5266.12230 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1ff8
Startzeit: 01cf7e4cde93cc44
Endzeit: 16
Anwendungspfad: C:\Users\User1\AppData\Local\Temp\artBase Setup\aBSetupFX.exe
Berichts-ID: 18c047bf-ea41-11e3-b21f-8c89a53f00ea
Error: (06/02/2014 08:59:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/30/2014 00:32:16 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/30/2014 00:32:15 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/30/2014 00:32:15 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/30/2014 00:32:15 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Error: (05/30/2014 00:32:08 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/30/2014 00:32:08 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)
Error: (05/30/2014 00:32:08 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/30/2014 00:32:08 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
System errors:
=============
Error: (06/02/2014 08:58:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SQL Server (ARTBASE2008)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/02/2014 08:58:38 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SQL Server (ARTBASE2008) erreicht.
Error: (05/30/2014 00:32:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/30/2014 00:32:16 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.
Error: (05/30/2014 00:30:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SQL Server (ARTBASE2008)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (05/30/2014 00:30:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SQL Server (ARTBASE2008) erreicht.
Error: (05/28/2014 06:16:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Power Manager DBC Service erreicht.
Error: (05/28/2014 09:18:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (05/28/2014 09:18:49 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
Error: (05/28/2014 09:18:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (06/02/2014 00:31:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: aBSetupFX.exe17.1.5266.122301ff801cf7e4cde93cc4416C:\Users\User1\AppData\Local\Temp\artBase Setup\aBSetupFX.exe18c047bf-ea41-11e3-b21f-8c89a53f00ea
Error: (06/02/2014 08:59:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/30/2014 00:32:16 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/30/2014 00:32:15 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/30/2014 00:32:15 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/30/2014 00:32:15 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
Error: (05/30/2014 00:32:08 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
Error: (05/30/2014 00:32:08 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)
Error: (05/30/2014 00:32:08 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
Error: (05/30/2014 00:32:08 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
4700
CodeIntegrity Errors:
===================================
Date: 2014-05-16 15:00:05.806
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-16 15:00:05.790
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-16 15:00:05.790
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-16 15:00:05.790
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-16 14:58:24.686
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-16 14:58:24.686
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 13:33:26.369
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 13:33:26.369
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 13:33:26.353
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 13:33:26.353
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 71%
Total physical RAM: 3944.39 MB
Available physical RAM: 1111.15 MB
Total Pagefile: 7886.97 MB
Available Pagefile: 4023.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:227.96 GB) (Free:142.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Volume) (Fixed) (Total:226.86 GB) (Free:213.93 GB) NTFS
Drive q: (Lenovo_Recovery) (Fixed) (Total:9.77 GB) (Free:1.67 GB) NTFS
Drive v: (TREKSTOR) (Network) (Total:465.65 GB) (Free:197.1 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 13381DAA)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=228 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=227 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
02.06.2014, 15:04
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Zip Datei geöffnet - anschließend Fehlermeldung Outlook & T-Online: 550 5.7.1 Send quota exceeded Hi und
__________________ ist das ein gewerblich genutztes System?
__________________ |
|
02.06.2014, 16:39
| #3 |
| | Zip Datei geöffnet - anschließend Fehlermeldung Outlook & T-Online: 550 5.7.1 Send quota exceeded Vielen dank für die Begrüßung!
__________________Ja ist gewerblich! Warum fragst du? |
|
02.06.2014, 21:17
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Zip Datei geöffnet - anschließend Fehlermeldung Outlook & T-Online: 550 5.7.1 Send quota exceeded Weil wir hier nicht den Job deines Admins übernehmen Siehe auch http://www.trojaner-board.de/108422-...-anfragen.html Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
| Themen zu Zip Datei geöffnet - anschließend Fehlermeldung Outlook & T-Online: 550 5.7.1 Send quota exceeded |
| again, association, bräuchte, computer, datei, e-mail, ebanking, erhalte, fehler, fehlermeldung, gesendet, heute, interne, internet, kaspersky, malware, malware / spyware, morgen, mögliche, nachricht, netzwerk, ohne befund, outlook, programm, security, server, trojaner, viren, zip anhang, zip datei, zip datei geöffnet, öffnen |
Linear-Darstellung
