Hi deeprybka,
sorry für meine späte Rückmeldung, die Grippe legte mich lang.
Hatte das GVU Fenster bereits durch einen ESET-Intensivsuchlauf knacken können.
Als erstes mal das Log direkt nach dem Fix, vor dem reboot Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-04-2014 01
Ran by Jürgen at 2014-04-14 10:33:35 Run:1
Running from D:\
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
S2 Winmgmt; C:\Users\JRGEN~1.TK\AppData\Local\Temp\z8h2zclcl.cpp [X]
2014-04-02 01:15 - 2014-04-02 01:15 - 00229769 _____ (Microsoft Corporation) C:\ProgramData\n3fl4oo.cpp
Startup: C:\Users\Jürgen.TK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lclcz2h8z.lnk
ShortcutTarget: lclcz2h8z.lnk -> C:\Users\JRGEN~1.TK\AppData\Local\Temp\z8h2zclcl.cpp (No File)
Startup: C:\Users\Jürgen.TK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\oo4lf3n.lnk
ShortcutTarget: oo4lf3n.lnk -> C:\Users\JRGEN~1.TK\AppData\Local\Temp\n3fl4oo.cpp (No File)
C:\Users\JRGEN~1.TK\AppData\Local\Temp\z8h2zclcl.cpp [X]
*****************
Winmgmt => Service restored successfully.
C:\ProgramData\n3fl4oo.cpp => Moved successfully.
C:\Users\Jürgen.TK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lclcz2h8z.lnk => Moved successfully.
C:\Users\JRGEN~1.TK\AppData\Local\Temp\z8h2zclcl.cpp not found.
C:\Users\Jürgen.TK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\oo4lf3n.lnk => Moved successfully.
C:\Users\JRGEN~1.TK\AppData\Local\Temp\n3fl4oo.cpp not found.
"C:\Users\JRGEN~1.TK\AppData\Local\Temp\z8h2zclcl.cpp [X]" => File/Directory not found.
The system needed a reboot.
==== End of Fixlog ====
Hier das FRST.log direkt nach dem reboot
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-04-2014 01
Ran by Jürgen (administrator) on JT on 14-04-2014 10:38:02
Running from D:\
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESTOS GmbH) C:\Windows\system32\EACUSrv.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\sqlservr.exe
(Lenovo) C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TPMX Electronics Ltd.) C:\Program Files\Lenovo\Mouse Suite\ico.exe
() C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
(Lenovo (Shenzhen) Electronic Co., Ltd.) C:\Program Files\Lenovo\FanSpeedControl\LenovoFSC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(GFi) C:\Program Files\GFI\FAXmaker Client\fmstart.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\egui.exe
(ESTOS GmbH) C:\Program Files\ESTOS\ProCall 4\ECtiClient.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files\Lenovo\Mouse Suite\FSRremoS.EXE
(sw4you, Siegfried Weckmann) C:\Program Files\Hardcopy\hardcopy.exe
(Lenovo Group Limited) C:\Program Files\ThinkPad\Utilities\SCHTASK.EXE
(Dropbox, Inc.) C:\Users\Jürgen.TK\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ESTOS GmbH) C:\Program Files\ESTOS\ProCall 4\Communicator.exe
(Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Mouse Suite 98 Daemon] => C:\Program Files\Lenovo\Mouse Suite\ICO.EXE [65536 2009-01-04] (TPMX Electronics Ltd.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [141848 2009-08-02] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [174104 2009-08-02] (Intel Corporation)
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [151064 2009-08-02] (Intel Corporation)
HKLM\...\Run: [PWMTRV] => C:\Program Files\ThinkPad\Utilities\PWMTR32V.DLL [622592 2009-08-11] (Lenovo Group Limited)
HKLM\...\Run: [PWRAGD] => C:\Program Files\ThinkPad\Utilities\DPMHost.EXE [72256 2009-08-13] ()
HKLM\...\Run: [Message Center Plus] => C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [49976 2009-05-27] ()
HKLM\...\Run: [RoxWatchTray] => C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe [244208 2009-08-04] (Sonic Solutions)
HKLM\...\Run: [LenovoFSC] => C:\Program Files\Lenovo\FanSpeedControl\LenovoFSC.exe [49152 2009-07-29] (Lenovo (Shenzhen) Electronic Co., Ltd.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [FMStart] => C:\Program Files\GFI\FAXmaker Client\fmstart.exe [151633 2008-11-11] (GFi)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM\...\Run: [IminentMessenger] => C:\Program Files\Iminent\Iminent.Messengers.exe
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Security\egui.exe [3158584 2013-02-14] (ESET)
HKLM\...\Run: [ECtiClient] => C:\Program Files\ESTOS\ProCall 4\eCtiClient.exe [22863648 2014-03-04] (ESTOS GmbH)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1174016 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1174016 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-1485710523-4015343456-4157109710-1144\...\Run: [iLivid] => "C:\Users\Jürgen.TK\AppData\Local\iLivid\iLivid.exe" -autorun
AppInit_DLLs: c:\progra~1\movies~1\datamngr\mgrldr.dll => c:\progra~1\movies~1\datamngr\mgrldr.dll File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
Startup: C:\Users\Jürgen.TK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jürgen.TK\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jürgen.TK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkcentre
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=695&systemid=406&v=a11465-226&apn_uid=4978090350894071&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKCU - DefaultScope {EE79FE94-1671-4F12-9C25-5EC0C2232EA0} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - Software URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKCU - {C43BB2B0-6194-4DA1-B962-949E6A34DD4E} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {D02C66A7-5B04-4CEB-A89C-F9E1706CA650} URL =
SearchScopes: HKCU - {EE79FE94-1671-4F12-9C25-5EC0C2232EA0} URL = https://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - No File
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - Lenovo ThinkVantage Toolbox - {86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - C:\Program Files\PC-Doctor\ATLPcdToolbar544928.dll (PC-Doctor, Inc.)
Toolbar: HKLM - No Name - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - No File
Toolbar: HKCU - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: {03056933-A3B0-493C-B67E-4FF483BFBF49} https://siebelsales.sky.de/ecommunications_deu/20423/applets/SiebelAx_Gantt_Chart.cab
DPF: {06314967-EECF-11D2-9D64-0000949887BE} https://siebelsales.sky.de/ecommunications_deu/20423/applets/SiebelAx_ERM_ContentSync.cab
DPF: {0818A591-5276-4930-BC76-0D42F6EA1450} https://siebelsales.sky.de/ecommunications_deu/20423/applets/SiebelAx_Marketing_Allocation.cab
DPF: {1D73E847-908C-4468-89D5-112DABB9A61E} https://siebelsales.sky.de/ecommunications_deu/20423/applets/SiebelAx_UInbox.cab
DPF: {1E4FF862-57ED-4E5C-9C57-3ECB8DC17827} hxxp://172.25.47.250/ePlusDVR.cab
DPF: {3BEB9B4B-227D-48F8-A8E6-562907748DAD} https://siebelsales.sky.de/ecommunications_deu/20423/applets/SiebelAx_Marketing_HTML_Editor.cab
DPF: {43083A36-3B86-466A-92CA-71503BB8BF15} https://siebelsales.sky.de/ecommunications_deu/20423/applets/SiebelAx_Test_Automation.cab
DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} hxxp://radax.dyndns.info:84/RtspVaPgDec.cab
DPF: {5FB18797-0E68-435E-A01F-C4E5754A4CB0} https://siebelsales.sky.de/ecommunications_deu/20423/applets/SiebelAx_HI_Client.cab
DPF: {6A93528B-8657-4CC2-8BCA-9A6A72D09623} https://siebelsales.sky.de/ecommunications_deu/20423/applets/SiebelAx_Hospitality_Gantt.cab
DPF: {71B83EEB-817D-432D-87D5-76108AFC3DD5} https://siebelsales.sky.de/ecommunications_deu/20423/applets/SiebelAx_Calendar.cab
DPF: {80D54C86-1F4B-459D-9187-C7852DEC1037} https://siebelsales.sky.de/ecommunications_deu/20423/applets/SiebelAx_CTI_Toolbar.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {8C244272-1DC1-4CE7-9C6C-FABCA09EB543} https://siebelsales.sky.de/ecommunications_deu/20423/applets/SiebelAx_Desktop_Integration.cab
DPF: {8EC26986-77B5-4CC5-8BF0-A12473D41334} https://siebelsales.sky.de/ecommunications_deu/20423/applets/SiebelAx_Prodselection.cab
DPF: {9E16250E-8777-4D9D-B178-BA9BF728DC05} https://siebelsales.sky.de/ecommunications_deu/20423/applets/SiebelAx_Marketing_Calendar.cab
DPF: {B0EA311D-EC36-40FB-BCEC-70FEB1CC83F0} https://siebelsales.sky.de/ecommunications_deu/20423/applets/SiebelAx_Smartscript.cab
DPF: {B4CB8358-ABDB-47EE-BC2D-437B5DEBABCB} hxxp://radax.dyndns.info:86/AxViewer/AxMediaControl.cab
DPF: {B624466D-8B11-4569-886C-E39739941D84} https://siebelsales.sky.de/ecommunications_deu/20423/applets/SiebelAx_OutBound_mail.cab
DPF: {B6F5DEC1-EAD6-4F8C-9998-C903E05FCDFD} https://siebelsales.sky.de/ecommunications_deu/20423/applets/SiebelAx_Microsite_Layout.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {F86BCFF3-743B-4F11-92AB-D8538FF4BA53} https://siebelsales.sky.de/ecommunications_deu/20423/applets/SiebelAx_iHelp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.25.47.10
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird
FF Extension: ESET Endpoint Security Extension - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird [2014-03-12]
Chrome:
=======
CHR HomePage: hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-695&v=a11465-226&t=4
CHR RestoreOnStartup: "sync_promo" : {
"startup_count" : 4,
"user_skipped"
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchProvider: Ask.com
CHR DefaultSearchURL: hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=695&systemid=406&v=a11465-226&apn_uid=4978090350894071&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Jürgen.TK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-07]
CHR Extension: (Google Drive) - C:\Users\Jürgen.TK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-07]
CHR Extension: (YouTube) - C:\Users\Jürgen.TK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-07]
CHR Extension: (Google Search) - C:\Users\Jürgen.TK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-07]
CHR Extension: (Google Wallet) - C:\Users\Jürgen.TK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (Bitdefender QuickScan) - C:\Users\Jürgen.TK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-04-14]
CHR Extension: (Gmail) - C:\Users\Jürgen.TK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-07]
========================== Services (Whitelisted) =================
R2 EACUSrv; C:\Windows\system32\EACUSrv.exe [7080776 2013-11-01] (ESTOS GmbH)
S3 edsservice; C:\Program Files\ESTOS\ProCall 4\EDeskShareService.exe [702272 2014-03-04] (ESTOS GmbH)
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe [33136 2013-02-14] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe [1020304 2013-02-14] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [183944 2013-02-14] (ESET)
R2 MSSQL$KNXETS4; C:\Program Files\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\sqlservr.exe [43129288 2012-06-29] (Microsoft Corporation)
S3 Roxio UPnP Renderer 10; C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-08-04] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-08-04] (Sonic Solutions)
S2 RoxLiveShare10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [309744 2009-08-04] (Sonic Solutions)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S4 SQLAgent$KNXETS4; C:\Program Files\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\SQLAGENT.EXE [379848 2012-06-29] (Microsoft Corporation)
U2 SUService; c:\Program Files\Lenovo\System Update\SUService.exe [15872 2009-08-13] (Lenovo Group Limited)
==================== Drivers (Whitelisted) ====================
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [175288 2013-02-04] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [171680 2013-04-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [124848 2013-02-04] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [155224 2013-02-04] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [34208 2013-02-04] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [47056 2013-02-04] (ESET)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [57536 2008-03-13] (FTDI Ltd.)
R2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [693760 2006-11-22] (Aladdin Knowledge Systems Ltd.)
R2 Haspnt; C:\Windows\system32\drivers\Haspnt.sys [47616 2013-06-24] (Aladdin Knowledge Systems)
R3 Pei10Wdm; C:\Windows\System32\Drivers\Pei10Wdm.sys [35547 2002-08-15] (EIBA s.c.)
R3 Pei16Wdm; C:\Windows\System32\Drivers\Pei16Wdm.sys [34683 2002-09-19] (EIBA s.c.)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [249288 2012-06-29] (Microsoft Corporation)
R3 SuperIO; C:\Windows\System32\DRIVERS\spio.sys [11720 2009-06-05] ()
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-14 09:56 - 2014-04-14 09:56 - 00000000 ____D () C:\Users\Jürgen.TK\AppData\Roaming\QuickScan
2014-04-14 09:50 - 2009-06-10 23:39 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140414-095043.backup
2014-04-14 09:42 - 2014-04-14 09:42 - 00002134 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-04-14 09:41 - 2014-04-14 10:31 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-14 09:41 - 2014-04-14 09:44 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-04-14 09:41 - 2014-04-14 09:41 - 00000000 ____D () C:\Users\Jürgen.TK\Desktop\Spybot
2014-04-14 09:41 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-04-14 08:23 - 2014-04-14 08:23 - 00034443 _____ () C:\Users\Jürgen.TK\Desktop\gemsmantel_Reportformular SysStabV1.xlsx
2014-04-09 03:07 - 2014-02-24 04:05 - 11020800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 03:07 - 2014-02-24 04:05 - 06041088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 03:07 - 2014-02-24 04:05 - 02078208 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 03:07 - 2014-02-24 04:05 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 03:07 - 2014-02-24 04:05 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 03:07 - 2014-02-24 04:05 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 03:07 - 2014-02-24 04:05 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 03:07 - 2014-02-24 04:05 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-09 03:07 - 2014-02-24 04:05 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-09 03:07 - 2014-02-24 04:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 03:07 - 2014-02-24 03:15 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 03:07 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 03:07 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 03:07 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 03:07 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 03:07 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 03:04 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-05 00:42 - 2014-04-14 10:38 - 00000000 ____D () C:\FRST
2014-04-04 16:05 - 2014-04-04 16:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-04 16:05 - 2014-04-04 16:05 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-04 16:05 - 2014-04-04 16:05 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-04 16:05 - 2014-04-04 16:05 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-04-04 14:52 - 2014-04-04 14:52 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\ESTOS
2014-04-04 14:52 - 2014-04-04 14:52 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\ESET
2014-04-04 14:52 - 2014-04-04 14:52 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\Apple Computer
2014-04-04 14:52 - 2014-04-04 14:52 - 00000000 ____D () C:\Users\Timo\AppData\Local\Google
2014-04-04 14:52 - 2014-04-04 14:52 - 00000000 ____D () C:\Users\Timo\AppData\Local\ESTOS
2014-04-04 14:52 - 2014-04-04 14:52 - 00000000 ____D () C:\Users\Timo\AppData\Local\ESET
2014-04-04 14:11 - 2014-04-04 14:13 - 103335704 _____ (Microsoft Corporation) C:\Users\Jürgen.TK\Downloads\msert.exe
2014-03-31 09:38 - 2014-03-31 09:38 - 00000000 ____D () C:\Users\Jürgen.TK\AppData\Local\KNX
2014-03-31 09:35 - 2014-03-31 09:35 - 00002429 _____ () C:\Users\Public\Desktop\ETS4.lnk
2014-03-31 09:35 - 2014-03-31 09:35 - 00000000 ____D () C:\ProgramData\KNX
2014-03-31 09:35 - 2014-03-31 09:35 - 00000000 ____D () C:\Program Files\ETS4
2014-03-31 09:35 - 2014-03-31 09:35 - 00000000 ____D () C:\Program Files\Ets3PlugIn
2014-03-31 09:35 - 2014-03-31 09:35 - 00000000 ____D () C:\Program Files\Common Files\Elka Shared
2014-03-31 09:31 - 2014-03-31 09:32 - 00000000 ____D () C:\Windows\system32\js
2014-03-31 09:31 - 2014-03-31 09:32 - 00000000 ____D () C:\Windows\system32\html
2014-03-31 09:31 - 2014-03-31 09:31 - 00000000 ____D () C:\Windows\system32\prompting
2014-03-31 09:31 - 2014-03-31 09:31 - 00000000 ____D () C:\Windows\system32\images
2014-03-31 09:31 - 2014-03-31 09:31 - 00000000 ____D () C:\Windows\system32\css
2014-03-31 09:26 - 2012-06-29 01:22 - 00082888 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL$KNXETS4-sqlctr10.52.4000.0.dll
2014-03-31 09:26 - 2012-06-29 01:22 - 00057288 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL10_50.KNXETS4-sqlagtctr.dll
2014-03-31 09:25 - 2014-03-31 09:25 - 00000000 ____D () C:\Windows\system32\RsFx
2014-03-31 09:23 - 2014-03-31 09:23 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 9.0
2014-03-31 09:21 - 2014-03-31 09:21 - 00000000 ____D () C:\Windows\system32\1033
2014-03-31 09:15 - 2014-03-31 09:16 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-30 14:34 - 2014-04-14 10:39 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4c1465c89dab.job
2014-03-26 07:55 - 2014-03-26 07:55 - 00009779 _____ () C:\Users\Jürgen.TK\Desktop\Alko Winterpflege.xlsx
2014-03-24 12:51 - 2014-03-02 15:03 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-24 08:59 - 2014-03-04 16:14 - 03902248 _____ (ESTOS GmbH) C:\Windows\system32\edial.tsp
==================== One Month Modified Files and Folders =======
2014-04-14 10:39 - 2014-03-30 14:34 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4c1465c89dab.job
2014-04-14 10:38 - 2014-04-05 00:42 - 00000000 ____D () C:\FRST
2014-04-14 10:37 - 2011-12-05 13:07 - 00000000 ___RD () C:\Users\Jürgen.TK\Dropbox
2014-04-14 10:37 - 2011-12-05 13:06 - 00000000 ____D () C:\Users\Jürgen.TK\AppData\Roaming\Dropbox
2014-04-14 10:36 - 2013-04-25 13:58 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-14 10:35 - 2009-12-11 16:20 - 00111112 _____ () C:\Windows\PFRO.log
2014-04-14 10:35 - 2009-12-11 10:44 - 00000104 _____ () C:\Windows\system32\config\netlogon.ftl
2014-04-14 10:35 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-14 10:35 - 2009-07-14 06:39 - 00127975 _____ () C:\Windows\setupact.log
2014-04-14 10:34 - 2009-10-15 20:10 - 01479264 _____ () C:\Windows\WindowsUpdate.log
2014-04-14 10:31 - 2014-04-14 09:41 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-14 10:31 - 2012-04-11 07:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-14 09:56 - 2014-04-14 09:56 - 00000000 ____D () C:\Users\Jürgen.TK\AppData\Roaming\QuickScan
2014-04-14 09:46 - 2009-07-14 06:34 - 00016768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-14 09:46 - 2009-07-14 06:34 - 00016768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-14 09:44 - 2014-04-14 09:41 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-04-14 09:42 - 2014-04-14 09:42 - 00002134 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-04-14 09:41 - 2014-04-14 09:41 - 00000000 ____D () C:\Users\Jürgen.TK\Desktop\Spybot
2014-04-14 08:23 - 2014-04-14 08:23 - 00034443 _____ () C:\Users\Jürgen.TK\Desktop\gemsmantel_Reportformular SysStabV1.xlsx
2014-04-14 08:22 - 2009-12-11 12:18 - 00000109 _____ () C:\Windows\cdlli40.INI
2014-04-13 15:00 - 2009-12-11 10:46 - 00000340 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-04-12 21:00 - 2009-12-11 10:46 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-04-09 20:44 - 2013-06-07 16:16 - 00002138 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-09 06:52 - 2009-12-11 12:24 - 00000432 _____ () C:\Windows\MSTCTI.INI
2014-04-09 03:54 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-09 03:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-04-09 03:09 - 2009-10-15 20:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-07 19:46 - 2013-10-29 13:29 - 00000000 ____D () C:\Users\Jürgen.TK\Documents\Robin
2014-04-04 16:05 - 2014-04-04 16:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-04 16:05 - 2014-04-04 16:05 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-04 16:05 - 2014-04-04 16:05 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-04 16:05 - 2014-04-04 16:05 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-04-04 16:05 - 2012-11-18 14:24 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-04 16:05 - 2012-11-18 14:24 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-04 16:05 - 2009-10-15 20:11 - 00000000 ____D () C:\Program Files\Java
2014-04-04 15:58 - 2009-12-11 11:04 - 00002274 ____H () C:\Users\Jürgen.TK\Documents\Default.rdp
2014-04-04 14:55 - 2009-10-15 20:14 - 00000000 ____D () C:\ProgramData\Sonic
2014-04-04 14:52 - 2014-04-04 14:52 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\ESTOS
2014-04-04 14:52 - 2014-04-04 14:52 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\ESET
2014-04-04 14:52 - 2014-04-04 14:52 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\Apple Computer
2014-04-04 14:52 - 2014-04-04 14:52 - 00000000 ____D () C:\Users\Timo\AppData\Local\Google
2014-04-04 14:52 - 2014-04-04 14:52 - 00000000 ____D () C:\Users\Timo\AppData\Local\ESTOS
2014-04-04 14:52 - 2014-04-04 14:52 - 00000000 ____D () C:\Users\Timo\AppData\Local\ESET
2014-04-04 14:13 - 2014-04-04 14:11 - 103335704 _____ (Microsoft Corporation) C:\Users\Jürgen.TK\Downloads\msert.exe
2014-03-31 10:10 - 2009-07-21 07:30 - 01815446 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-31 10:04 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-03-31 09:38 - 2014-03-31 09:38 - 00000000 ____D () C:\Users\Jürgen.TK\AppData\Local\KNX
2014-03-31 09:35 - 2014-03-31 09:35 - 00002429 _____ () C:\Users\Public\Desktop\ETS4.lnk
2014-03-31 09:35 - 2014-03-31 09:35 - 00000000 ____D () C:\ProgramData\KNX
2014-03-31 09:35 - 2014-03-31 09:35 - 00000000 ____D () C:\Program Files\ETS4
2014-03-31 09:35 - 2014-03-31 09:35 - 00000000 ____D () C:\Program Files\Ets3PlugIn
2014-03-31 09:35 - 2014-03-31 09:35 - 00000000 ____D () C:\Program Files\Common Files\Elka Shared
2014-03-31 09:34 - 2013-06-24 13:56 - 00000000 ____D () C:\Program Files\Common Files\EIBA sc
2014-03-31 09:32 - 2014-03-31 09:31 - 00000000 ____D () C:\Windows\system32\js
2014-03-31 09:32 - 2014-03-31 09:31 - 00000000 ____D () C:\Windows\system32\html
2014-03-31 09:32 - 2009-07-14 04:04 - 00017486 _____ () C:\Windows\system32\Drivers\etc\services
2014-03-31 09:31 - 2014-03-31 09:31 - 00000000 ____D () C:\Windows\system32\prompting
2014-03-31 09:31 - 2014-03-31 09:31 - 00000000 ____D () C:\Windows\system32\images
2014-03-31 09:31 - 2014-03-31 09:31 - 00000000 ____D () C:\Windows\system32\css
2014-03-31 09:25 - 2014-03-31 09:25 - 00000000 ____D () C:\Windows\system32\RsFx
2014-03-31 09:25 - 2009-10-15 20:26 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-03-31 09:23 - 2014-03-31 09:23 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 9.0
2014-03-31 09:21 - 2014-03-31 09:21 - 00000000 ____D () C:\Windows\system32\1033
2014-03-31 09:16 - 2014-03-31 09:15 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-31 08:59 - 2013-06-24 14:00 - 00000696 _____ () C:\Windows\ODBC.INI
2014-03-26 07:55 - 2014-03-26 07:55 - 00009779 _____ () C:\Users\Jürgen.TK\Desktop\Alko Winterpflege.xlsx
2014-03-15 13:02 - 2009-10-15 20:06 - 00000000 ____D () C:\swshare
Some content of TEMP:
====================
C:\Users\Timo\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-09 00:35
==================== End Of Log ============================
--- --- ---
--- --- ---
Und noch die Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-04-2014 01
Ran by Jürgen at 2014-04-14 10:40:25
Running from D:\
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: ESET Endpoint Security 5.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Endpoint Security 5.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: ESET Personal Firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Access Help (HKLM\...\{C6FA39A7-26B1-480A-BC74-6D17531AC222}) (Version: 2.00 - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.8.0.1280 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM\...\{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 9.4.6 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A94000000001}) (Version: 9.4.6 - Adobe Systems Incorporated)
Adobe Reader 9.5.3 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.3 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version: 3.0 - )
Anmeldevordruck 4.0 (HKLM\...\{3DE689FE-0A69-40AF-8B0A-2930AD7FAD36}) (Version: 4.00.0000 - PDG Softwaredesign)
Apple Application Support (HKLM\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{459699C3-9430-4381-964B-4248D87B49F9}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden
Create Recovery Media (HKLM\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
ESET Endpoint Security (HKLM\...\{323DDD5B-3BE3-45FA-931D-D4AE04F63EF3}) (Version: 5.0.2214.5 - ESET, spol. s r.o.)
ESTOS ProCall (HKLM\...\{4D690C48-F3B5-4890-8535-8B5B16612CA8}) (Version: 4.1.16.26842 - ESTOS)
ETS3 Professional (HKLM\...\ETS3 Professional) (Version: 3.0.00990.0 - KNX Association)
ETS3 Professional (Version: 3.0.00990.0 - KNX Association cvba) Hidden
FanSpeedControl (HKLM\...\InstallShield_{209E3222-E1E4-4244-A2E5-49DCEBEA1A91}) (Version: 1.00.00.13 - Lenovo)
FanSpeedControl (Version: 1.00.00.13 - Lenovo) Hidden
FileZilla Client 3.3.0.1 (HKLM\...\FileZilla Client) (Version: 3.3.0.1 - )
GFI FAXmaker Client (HKLM\...\{83B346F1-E4B1-4863-8759-5E09C35FE080}) (Version: 14.3.511 - GFI Software Ltd.)
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
GutachtenManager (HKLM\...\{33AFEE13-4459-4F0E-A763-22EA2842701D}) (Version: 6.0.0 - WaningV60)
Hardcopy (C:\Program Files\Hardcopy) (HKLM\...\Hardcopy(C__Program Files_Hardcopy)) (Version: 17.0.07 - )
HS/FS Experte 2.5 (HKLM\...\HS_FS Experte 2.5.100908_DE) (Version: 2.5 - )
HS/FS Experte 2.60 (HKLM\...\HS_FS Experte 2.6.110331_DE) (Version: 2.60 - )
iCloud (HKLM\...\{0E5FDD1D-DCE8-4F9D-9BFD-4E4CF89811E2}) (Version: 1.0.1.29 - Apple Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
iTunes (HKLM\...\{B0261E53-B6F1-474A-864B-E7C3CBF468E0}) (Version: 11.0.1.12 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216016FF}) (Version: 6.0.290 - Sun Microsystems, Inc.)
KNX eteC Falcon Runtime v2.1 (Version: 2.1.5213.27900 - KNX Association cvba) Hidden
KNX ETS4 (HKLM\...\KNX ETS4) (Version: 4.1.3246.36180 - KNX Association cvba)
KNX ETS4 (Version: 4.1.3246.36180 - KNX Association cvba) Hidden
KNX ETS4 Additional Runtime (Version: 4.0.0.0 - KNX Association cvba) Hidden
Korean Fonts Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5670-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5449.31 - PC-Doctor, Inc.)
Lenovo Welcome (HKLM\...\Lenovo Welcome_is1) (Version: 2.0.016.0 - Lenovo)
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 11.10.5.3 - Marvell)
Message Center Plus (HKLM\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4029.0217 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Search Enhancement Pack (Version: 1.2.121.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.2.3042.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{EEB0EFE8-61EB-4C42-929A-CE25D3FBC0C6}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{7419AE1A-D1A5-4B24-BD78-C7ABCC26016F}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7FB12670-0F93-4E1E-B2F5-4F339199A03A}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Minianwendung "Desktoplinks" für Windows Small Business Server 2008 (HKLM\...\{DB6C2AC7-4D4C-493A-B5E8-4B1E685C277F}) (Version: 6.0.5601.6 - Microsoft Corporation)
Mouse Suite (HKLM\...\MouseSuite98) (Version: 2.0.5.23 - Lenovo)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
PACdimension 1.3 (HKLM\...\PACdimension_is1) (Version: 1.3 - doppelintegral GmbH)
PASST pro (HKLM\...\PASST pro) (Version: - )
PASSTProPCDeploy (HKLM\...\{2DF38AC0-3BF7-4E06-861C-84341AD2ECD2}) (Version: 1.0.2 - Standardfirmenname)
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Rescue and Recovery (HKLM\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.30.0025.00 - Lenovo Group Limited)
Roxio Activation Module (Version: 1.0 - Roxio) Hidden
Roxio Central Audio (Version: 3.8.0 - Roxio) Hidden
Roxio Central Copy (Version: 3.8.0 - Roxio) Hidden
Roxio Central Core (Version: 3.8.0 - Roxio) Hidden
Roxio Central Data (Version: 3.8.0 - Roxio) Hidden
Roxio Central Tools (Version: 3.8.0 - Roxio) Hidden
Roxio Creator Small Business Edition (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Roxio Creator Small Business Edition (Version: 10.3.081 - Roxio) Hidden
Roxio Express Labeler 3 (Version: 3.2.1 - Roxio) Hidden
Safari (HKLM\...\{5E453519-60F6-4A4D-A0BF-16663F9B3536}) (Version: 5.34.51.22 - Apple Inc.)
Schüco Solar Calculator (HKLM\...\SolarCalculator) (Version: v2.02 - Resolto Informatik GmbH)
Schüco Solar Calculator (Version: 2.02 - Resolto Informatik GmbH) Hidden
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
SimonsVoss Driver (HKLM\...\{677EE074-2863-41FF-854B-0F6D45293EC5}) (Version: 4.10.0700 - SimonsVoss Technologies AG)
SimonsVoss Locking System Management Starter 3.2 (HKLM\...\{B8FBA436-568C-4519-B66A-7A5A17C2E683}) (Version: 3.2.10316 - SimonsVoss Technologies AG)
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
Sonic Icons for Lenovo (HKLM\...\{B334D9AE-1393-423E-97C0-3BDC3360E692}) (Version: 2.0.0 - Lenovo)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Sunny Design 2.20 (HKLM\...\{374262DA-B644-4CCA-8A37-DF57AD806408}) (Version: 2.20.1.4 - SMA Solar Technology AG)
System Update (HKLM\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0005 - Lenovo)
TeamViewer 5 (HKLM\...\TeamViewer 5) (Version: 5.0.8703 - TeamViewer GmbH)
ThinkVantage Energie-Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 1.01.0064 - Lenovo Group Limited)
TreeSize Free V2.7 (HKLM\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.4035.00 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VDE-Anwendungsprogramm 8.1.1.38 (HKLM\...\VDE-Anwendungsprogramm) (Version: 8.1.1.38 - VDE Verlag GmbH)
Voltwerk Sizer 2.0.0 (HKCU\...\Voltwerk Sizer_is1) (Version: - )
Windows Live Anmelde-Assistent (HKLM\...\{B5BCBD49-202F-4238-8398-D83D423A48B4}) (Version: 5.000.817.1 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Toolbar (Version: 14.0.8052.1208 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Small Business Server 2008 ClientAgent (HKLM\...\{492F8345-095D-467F-926C-278870D93ECF}) (Version: 6.0.5601.6 - Microsoft Corporation)
Windows Small Business Server 2008 WMI Provider (Version: 6.0.5601.6 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Intel Corporation (igfx) Display (07/28/2009 8.15.10.1855) (HKLM\...\F72C19F49669B7F5F229BB51895CB31FB56993F7) (Version: 07/28/2009 8.15.10.1855 - Intel Corporation)
Windows-Treiberpaket - Marvell (yukonw7) Net (05/20/2009 11.10.5.3) (HKLM\...\43AB67B7FFAA910B27AD8EEDCD3F35D302404D75) (Version: 05/20/2009 11.10.5.3 - Marvell)
Windows-Treiberpaket - Realtek Semiconductor Corp. HD Audio Driver (08/05/2009 6.0.1.5911) (HKLM\...\3D521A9B0C0925C77D4D5276998FFF6DF66CBA2F) (Version: 08/05/2009 6.0.1.5911 - Realtek Semiconductor Corp.)
Windows-Treiberpaket - Realtek Semiconductor Corp. HD Audio Driver (08/05/2009 6.0.1.5911) (HKLM\...\EDB0CD5E842AE668D9A01C6275DA2CD736D3DD06) (Version: 08/05/2009 6.0.1.5911 - Realtek Semiconductor Corp.)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
==================== Restore Points =========================
28-03-2014 18:00:21 Windows-Sicherung
28-03-2014 21:00:08 Windows Update
31-03-2014 07:15:14
31-03-2014 07:28:28
31-03-2014 07:33:38 Installed Microsoft Primary Interoperability Assemblies 2005
01-04-2014 20:29:09 Windows Update
04-04-2014 14:03:24 Installed Java 7 Update 51
04-04-2014 17:00:12 Windows-Sicherung
04-04-2014 20:44:46 Windows Update
08-04-2014 21:14:30 Windows Update
09-04-2014 01:00:22 Windows Update
11-04-2014 17:00:27 Windows-Sicherung
==================== Hosts content: ==========================
2009-07-14 04:04 - 2014-04-14 09:50 - 00450709 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {006966B7-049E-4D4B-BFED-0CE46B3CF4A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-25] (Google Inc.)
Task: {0B74066C-1B08-487A-8F20-A690970E41A1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {13CE9890-04EF-4EB9-BBBC-ED65E7B7B920} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {1DE11527-8070-4EA0-A6B8-C076C90C05FC} - System32\Tasks\GoogleUpdateTaskMachineUA1cf4c1465c89dab => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-25] (Google Inc.)
Task: {231B8CCF-CF2C-4FEC-876A-A51D714D8893} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\pcdlauncher.exe [2009-11-20] (PC-Doctor, Inc.)
Task: {43C32486-1873-4A7D-AAA8-1A183DF74816} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4B4D4D8C-6893-4657-B4DC-0A4D79980D90} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
Task: {68642FD5-6BD7-49AB-92E0-7385D3A876B3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {6C28F889-037A-4AA5-ABE9-274077B84C80} - System32\Tasks\Shutdown => C:\_scripts\shutdown.bat [2010-03-31] ()
Task: {77736073-2432-419C-97BF-22FBD19C4D84} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {A1D172A0-054E-4E98-B71A-F61D359AE9B5} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {A2636297-19DC-4567-BE8E-2013F96A2A10} - System32\Tasks\PMTask => C:\Program Files\ThinkPad\Utilities\PWMIDTSV.EXE [2009-08-13] (Lenovo Group Limited)
Task: {A27A0B07-9943-4E49-B647-308BBE3813CB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {AD00DC7A-6D7E-44F9-BEB1-4E31AA518352} - System32\Tasks\JavaUpdateSched => C:\Windows\System32\jusched.exe
Task: {C1D4C0F7-8BF4-47B5-89FF-0A01F9EC2D5B} - System32\Tasks\realtekHDAudio => c:\program files\realtek\audio\hda\rthdvcpl.exe [2009-08-05] (Realtek Semiconductor)
Task: {D26B77CD-29E2-460B-80A2-553F44786139} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\pcdr5cuiw32.exe [2009-11-22] (PC-Doctor, Inc.)
Task: {D8EB3E54-9200-422B-ABEB-A5A1070DF50D} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4c1465c89dab.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\pcdlauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\pcdr5cuiw32.exe
==================== Loaded Modules (whitelisted) =============
2011-06-24 22:56 - 2011-06-24 22:56 - 00087328 ____N () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 01241888 ____N () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-14 09:41 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-04-14 09:41 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-04-14 09:41 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-04-14 09:41 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-04-14 09:41 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2010-01-04 09:13 - 2008-08-02 12:02 - 00057344 ____N () C:\Program Files\Hardcopy\HcDLL2_23_Win32.dll
2009-11-15 17:29 - 2009-11-15 17:29 - 00094208 ____N () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2009-12-11 13:47 - 2009-08-16 18:06 - 00141312 _____ () C:\Program Files\WinRAR\rarext.dll
2009-10-15 20:02 - 2009-08-11 19:00 - 00035328 ____N () C:\Program Files\ThinkPad\Utilities\GR\PWMRT32V.DLL
2009-05-27 22:09 - 2009-05-27 22:09 - 00049976 ____N () C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
2009-10-15 20:00 - 2008-12-16 13:47 - 00020480 ____N () C:\Program Files\Lenovo\Mouse Suite\FSRremoS.EXE
2010-01-04 09:13 - 2008-08-03 09:32 - 00441344 ____N () C:\Program Files\Hardcopy\HcDllS.dll
2010-01-04 09:13 - 2003-11-20 13:18 - 00045056 ____N () C:\Program Files\Hardcopy\hardcopy.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Jürgen.TK\AppData\Roaming\Dropbox\bin\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/14/2014 09:53:10 AM) (Source: Application Hang) (User: )
Description: Programm SDScan.exe, Version 2.2.18.177 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 954
Startzeit: 01cf57b659a3daac
Endzeit: 0
Anwendungspfad: C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Berichts-ID: ce22684c-c3a9-11e3-a765-0025114b152d
Error: (04/12/2014 10:54:44 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514, Zeitstempel: 0x4ce79912
Name des fehlerhaften Moduls: msxml3.dll, Version: 8.110.7601.18334, Zeitstempel: 0x52a13053
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e64f
ID des fehlerhaften Prozesses: 0xde8
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (04/12/2014 10:24:18 AM) (Source: Application Hang) (User: )
Description: Programm iexplore.exe, Version 8.0.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2ac
Startzeit: 01cf562781971d23
Endzeit: 10
Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe
Berichts-ID: d550c942-c21b-11e3-aac3-0025114b152d
Error: (04/12/2014 10:16:27 AM) (Source: Application Hang) (User: )
Description: Programm iexplore.exe, Version 8.0.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: a10
Startzeit: 01cf5625a4d027a0
Endzeit: 16
Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe
Berichts-ID: bc7728f8-c21a-11e3-aac3-0025114b152d
Error: (04/12/2014 10:14:59 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514, Zeitstempel: 0x4ce79912
Name des fehlerhaften Moduls: msxml3.dll, Version: 8.110.7601.18334, Zeitstempel: 0x52a13053
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e64f
ID des fehlerhaften Prozesses: 0x458
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (04/12/2014 10:14:03 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514, Zeitstempel: 0x4ce79912
Name des fehlerhaften Moduls: msxml3.dll, Version: 8.110.7601.18334, Zeitstempel: 0x52a13053
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e64f
ID des fehlerhaften Prozesses: 0x12d8
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (04/12/2014 08:49:00 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514, Zeitstempel: 0x4ce79912
Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7601.18404, Zeitstempel: 0x530aa86e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000d9b6c
ID des fehlerhaften Prozesses: 0x121c
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (04/12/2014 00:36:27 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (04/12/2014 00:34:54 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "EtecFwk,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "EtecFwk,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/12/2014 00:34:53 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "EtecFwk,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "EtecFwk,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (04/14/2014 10:35:24 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT-AUTORITÄT)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.
Error: (04/14/2014 10:35:20 AM) (Source: NETLOGON) (User: )
Description: Der Computer konnte eine sichere Sitzung mit einem
Domänencontroller in der Domäne TK aufgrund der folgenden
Ursache nicht einrichten:
%%1311
Dies kann zu Authentifizierungsproblemen führen. Stellen
Sie sicher, dass der Computer mit dem Netzwerk verbunden ist.
Wenden Sie sich an den Domänenadministrator, wenn das Problem
weiterhin besteht.
ZUSÄTZLICHE INFORMATIONEN
Wenn dieser Computer ein Domänencontroller der bestimmten
Domäne ist, wird eine sichere Sitzung zum primären
Domänencontrolleremulator in der bestimmten Domäne eingerichtet.
Andernfalls richtet dieser Computer eine sichere Sitzung zu
einem beliebigen Domänencontroller in der bestimmten Domäne ein.
Error: (04/14/2014 10:32:50 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
Error: (04/14/2014 10:32:49 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
Error: (04/14/2014 10:32:49 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
Error: (04/14/2014 10:32:48 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
Error: (04/14/2014 10:27:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (04/14/2014 10:27:13 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (04/14/2014 10:26:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (04/14/2014 10:26:12 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Microsoft Office Sessions:
=========================
Error: (11/14/2013 01:13:11 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 16607 seconds with 180 seconds of active time. This session ended with a crash.
Error: (07/29/2013 07:10:55 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 25252 seconds with 60 seconds of active time. This session ended with a crash.
Error: (01/29/2013 06:08:36 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 31112 seconds with 960 seconds of active time. This session ended with a crash.
Error: (02/06/2012 10:00:31 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 28305 seconds with 2580 seconds of active time. This session ended with a crash.
Error: (12/23/2011 10:00:32 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 51498 seconds with 540 seconds of active time. This session ended with a crash.
Error: (12/13/2011 10:00:40 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6611.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 46312 seconds with 900 seconds of active time. This session ended with a crash.
Error: (10/26/2011 03:09:37 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 21971 seconds with 2700 seconds of active time. This session ended with a crash.
Error: (12/28/2010 10:00:31 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 41935 seconds with 660 seconds of active time. This session ended with a crash.
Error: (11/11/2010 01:24:41 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7525 seconds with 180 seconds of active time. This session ended with a crash.
Error: (11/10/2010 03:53:27 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 21513 seconds with 1020 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Percentage of memory in use: 67%
Total physical RAM: 2047.24 MB
Available physical RAM: 658.08 MB
Total Pagefile: 4094.48 MB
Available Pagefile: 2427.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1898.86 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:287.15 GB) (Free:114.56 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (TIMO USB) (Removable) (Total:1.86 GB) (Free:1.16 GB) FAT32
Drive m: (Volume) (Network) (Total:571.15 GB) (Free:122.15 GB) NTFS
Drive n: (Volume) (Network) (Total:571.15 GB) (Free:122.15 GB) NTFS
Drive o: (Volume) (Network) (Total:571.15 GB) (Free:122.15 GB) NTFS
Drive q: (Volume) (Network) (Total:571.15 GB) (Free:122.15 GB) NTFS
Drive s: (David) (Network) (Total:15.35 GB) (Free:12.32 GB) NTFS
Drive z: (Lenovo_Recovery) (Fixed) (Total:9.77 GB) (Free:4.22 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: E860FBE7)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 2 GB) (Disk ID: C3072E18)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
Hinweise: Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. 
+ R Taste und schreibe notepad in das Ausführen Fenster.
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.