DHL PDF im Spam Email geöffnet

OliverF

Hallo,

meine Frau hat leider das DHL SPam Mail geöffnet, meint aber nur die pdf geöffnet zu haben. Wahrscheinlich hat Sie keinen link geöffnet. Zumindest hat Sie keine zip Datei geöffnet oder Weiterleitung gesehen.

jetzt bin ich mir nicht sicher, ob mein PC etas abbekommen hat. Jetzt brauche ich Eure Hilfe.
Wenn ich weitere Schritte machen soll, sagt mir Bescheid.

Gruß
Oliver


Anbei mein Logfile:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-05-2015
Ran by Oliver at 2015-05-14 10:26:07
Running from C:\Users\Oliver\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-718057176-2926429940-2907879898-500 - Administrator - Disabled)
Gast (S-1-5-21-718057176-2926429940-2907879898-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-718057176-2926429940-2907879898-1004 - Limited - Enabled)
Oliver (S-1-5-21-718057176-2926429940-2907879898-1001 - Administrator - Enabled) => C:\Users\Oliver

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
AntiBrowserSpy (HKLM\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 157 - Abelssoft)
Ashampoo WinOptimizer 2014 v.1.0.0 (HKLM\...\{4209F371-99CD-68CB-1C29-9910F8F9BD96}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
COMPUTER BILD Account-Alarm (HKLM\...\{7B0F11E4-5EB1-4B31-96F8-BE8BF2A8ED10}) (Version: 1.0.5 - J3S)
Free YouTube to MP3 Converter version 3.12.32.327 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.32.327 - DVDVideoSoft Ltd.)
G Data InternetSecurity CBE (HKLM\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Maxtor Manager (HKLM\...\{B8281D46-D846-4BB9-BC84-F1115A7BF820}) (Version: - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft Office Proof (German) 2007 (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: - )
Microsoft Office Word MUI (German) 2007 (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}) (Version: - )
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\{4DC59BF3-0D72-3CE8-BFEF-1E8FAF689EB0}) (Version: - )
Mozilla Firefox 37.0.2 (x86 de) (HKLM\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
Should I Remove It (HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
WinSysClean X5 (HKLM\...\WinSysClean X5) (Version: 15.01 - Ultimate Systems, Inc.)
WinSysClean X5 (Version: 15.01 - Ultimate Systems, Inc.) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-718057176-2926429940-2907879898-1001_Classes\CLSID\{53B5243F-8302-4DAD-BE8F-1D0665E8225E}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO3.dll (Hewlett-Packard Company)
CustomCLSID: HKU\S-1-5-21-718057176-2926429940-2907879898-1001_Classes\CLSID\{AB246BE9-1623-4A84-ABDA-CFF4D4A273CB}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Corporation)

==================== Restore Points =========================

03-05-2015 14:21:18 Windows Update
12-05-2015 06:40:51 Windows Update
13-05-2015 08:42:26 Windows Update
13-05-2015 12:38:50 Windows Update
13-05-2015 22:39:14 Wiederherstellungsvorgang
13-05-2015 23:58:58 Windows Update
14-05-2015 00:22:23 Removed Microsoft Silverlight
14-05-2015 10:11:04 Installed Adobe Acrobat Reader DC - Deutsch.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2014-12-24 16:49 - 00000901 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 google-analytics.com
127.0.0.1 www.google-analytics.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0CEDF61B-AA14-4298-9F6A-DA4E57F448DA} - System32\Tasks\One-Click Optimizer => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2014\WO2014.exe [2013-12-18] (Ashampoo Development GmbH & Co. KG)
Task: {1B8E4A6A-6775-4BC9-AEAF-D3DF12D60AB8} - System32\Tasks\Uninstaller_SkipUac_Oliver => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {1D67CF39-F5EF-47F8-BA42-C48FAC745C61} - System32\Tasks\{9224D4DE-06A8-4F07-9D99-6E92F960DFAB} => pcalua.exe -a C:\Users\Oliver\Downloads\32bit_Win7_Win8_Win81_R275.exe -d C:\Users\Oliver\Downloads
Task: {263C71CE-A879-4A42-A4CA-3B039F393762} - System32\Tasks\{08DA2242-ECA2-4BF7-A60E-C6CEAA6B5B5B} => pcalua.exe -a C:\Users\Oliver\Downloads\AVM_FRITZ!WLAN_Repeater_300E_Assistent.exe -d C:\Users\Oliver\Downloads
Task: {270BC545-E5FC-4838-95FE-08C837837FC8} - System32\Tasks\{16FB0CC5-3609-48E8-BDF6-A2ABD7F9547D} => pcalua.exe -a E:\Download\Install_CopyTrans_Suite_4.840.exe -d E:\Download
Task: {28328104-037F-41AE-A0EA-19097FEF9C58} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {28EF8E8E-8D10-4138-B290-CAC7A81D57E2} - System32\Tasks\Driver Booster Update => C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
Task: {386CF091-DFCD-4AF4-AD01-8F29861E93F9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-15] (Adobe Systems Incorporated)
Task: {46435706-E1E0-49A9-A577-EDDA0B290543} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {66AE77B3-EE51-46BD-A9BD-C3BB1542C960} - System32\Tasks\{A8E07978-0681-4D81-A920-4D3426312CBC} => pcalua.exe -a C:\Users\Oliver\Downloads\BOM2148h_setup.exe -d C:\Users\Oliver\Downloads
Task: {6E2369D5-4824-477F-A849-D42D4B6B9FE0} - System32\Tasks\4806 => Wscript.exe C:\Users\Oliver\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {6EBC5EAD-78E8-4BCB-9CC2-48F6A69DC424} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {706C3242-EDAE-4D39-B851-9EC6E8138AB0} - System32\Tasks\Driver Booster Beta SkipUAC (Oliver) => C:\Program Files\IObit\Driver Booster Beta\DriverBooster.exe
Task: {70A49347-E50A-4171-B3B7-096990A91C36} - System32\Tasks\Driver Booster SkipUAC (Oliver) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe
Task: {7A3521E2-8AF4-46D2-BC72-A3150FE7E40D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {83130278-4E39-483B-9A9E-8DEF5E0AE0DB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {9E0579C0-6057-463D-9B09-6FE75163A2A5} - System32\Tasks\Escolade => C:\Users\Oliver\AppData\Roaming\iPumper\Updater.exe <==== ATTENTION
Task: {9F6D8B7B-2149-406A-8C57-B1FFFD1367C1} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {B7688F4F-2139-473A-B37E-F0DF13456010} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {C063BD16-F7C5-4E79-819D-1532A9DC770F} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
Task: {CF613440-9B9A-49D1-A5E3-8EF5E11999D3} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {D9E55B95-9275-4150-9B43-0DC56DE59CDA} - System32\Tasks\SmartDefrag3_Update => C:\Program Files\IObit\Smart Defrag 3\AutoUpdate.exe
Task: {DB4AF985-A6D7-4A43-823B-084572815ABA} - System32\Tasks\ASC7_SkipUac_Oliver => C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe
Task: {DD9AF356-EF47-4699-980F-613AAB155D66} - System32\Tasks\HPLJCustParticipation => C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22] (Hewlett Packard)
Task: {ED9B752D-4BD5-4626-BE1E-4A573B727E01} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {FCA1D6AB-D348-495E-B143-F42D2D5D22F4} - System32\Tasks\{D30B4751-2BD0-416C-AED8-E87B74FBB794} => pcalua.exe -a C:\Users\Oliver\Desktop\Install_CopyTrans_Suite.exe -d C:\Users\Oliver\Desktop

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\One-Click Optimizer.job => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2014\WO2014.exe

==================== Loaded Modules (whitelisted) ==============

2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-16 11:05 - 2014-07-16 11:05 - 00710304 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
2012-06-18 17:27 - 2012-06-18 17:27 - 00018432 _____ () C:\Users\Oliver\AppData\LocalLow\ColorZillaStats\IE\ColorZillaStatsUpdater.exe
2014-09-09 14:28 - 2014-09-09 14:28 - 00014336 _____ () C:\Program Files\COMPUTER BILD Account-Alarm\BCrypt.Net.dll
2013-12-19 04:42 - 2013-12-19 04:42 - 00287864 ____N () C:\Program Files\Common Files\G Data\AVKProxy\PktIcpt2.dll
2015-02-15 16:10 - 2015-02-15 16:10 - 16852144 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\1-se.com -> 1-se.com

There are 4788 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-718057176-2926429940-2907879898-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Biet-O-Matic.lnk => C:\Windows\pss\Biet-O-Matic.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Oliver^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Oliver^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Luffi.lnk => C:\Windows\pss\Luffi.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: ApnUpdater =>
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Browser Infrastructure Helper =>
MSCONFIG\startupreg: cltmng.exe =>
MSCONFIG\startupreg: DataMgr => C:\Users\Oliver\AppData\Roaming\DataMgr\datamgr.exe
MSCONFIG\startupreg: DriverScanner =>
MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe -update plugin
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: mxomssmenu => "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
MSCONFIG\startupreg: Optimizer Pro =>
MSCONFIG\startupreg: Protector => wscript.exe "C:\Users\Oliver\AppData\Roaming\SDIV 2.0\Prot\prot.vbs" check
MSCONFIG\startupreg: QTTask.exe => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ROC_ROC_NT =>
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TU => "C:\Users\Oliver\AppData\Roaming\SDIV 2.0\Prot\tu\tu.exe"
MSCONFIG\startupreg: vProt =>
MSCONFIG\startupreg: Yontoo Desktop => "C:\Users\Oliver\AppData\Roaming\Yontoo\YontooDesktop.exe"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{C1EC82B1-F378-453F-ABEA-A43C3DCA0BBE}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{1CD4FE37-7738-47E7-AD33-AA4301C7824D}] => (Allow) F:\fsetup.exe
FirewallRules: [{F5309D7E-8805-49AD-8D67-8E7A9D6D12F4}] => (Allow) F:\fsetup.exe
FirewallRules: [TCP Query User{CC84F6D1-2D58-43B3-BCC9-D52D2F5B37D0}C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe] => (Allow) C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe
FirewallRules: [UDP Query User{3B3CABDA-2DBB-46DA-9946-C29D8DA452E3}C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe] => (Allow) C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe
FirewallRules: [TCP Query User{C321F776-E9F4-4A01-B735-0DA8FD5E4DDE}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{28F56D56-1D5F-4147-839E-DC7ECEF5B313}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [{D61A4A12-3507-480A-BB7B-AB13E85EF1A0}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9E8EC2B0-E8B7-4404-BDD6-43AF09BF51E4}] => (Allow) LPort=2869
FirewallRules: [{F549F5CA-13F4-46ED-A8A7-8E1130CEF264}] => (Allow) LPort=1900
FirewallRules: [{58128F19-7B44-4006-B470-C6EADF353067}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{DF68EB53-FE68-4DF6-BD2A-9AFBC1949A38}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{CB7BAFD8-FDF6-4E5F-9841-BA95A4F9805A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{8803B4E2-CC03-4100-9323-4445244DFA46}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{60847AD6-7016-4104-8745-2EDAE78FD144}] => (Allow) C:\Program Files\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{89C6C598-165F-4B71-B86B-207802CD93F9}] => (Allow) C:\Program Files\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{2542C334-B178-40BE-9A09-52611DC5AB5F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{72968E69-F61F-40F4-959A-558242577820}] => (Allow) LPort=80

==================== Faulty Device Manager Devices =============

Name: kl2
Description: kl2
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: kl2
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/14/2015 10:14:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WinSysClean.exe, Version: 15.0.1.560, Zeitstempel: 0x52cad7bb
Name des fehlerhaften Moduls: WinSysClean.exe, Version: 15.0.1.560, Zeitstempel: 0x52cad7bb
Ausnahmecode: 0x40000015
Fehleroffset: 0x0021c5a8
ID des fehlerhaften Prozesses: 0x17a8
Startzeit der fehlerhaften Anwendung: 0xWinSysClean.exe0
Pfad der fehlerhaften Anwendung: WinSysClean.exe1
Pfad des fehlerhaften Moduls: WinSysClean.exe2
Berichtskennung: WinSysClean.exe3

Error: (05/14/2015 10:14:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WinSysClean.exe, Version: 15.0.1.560, Zeitstempel: 0x52cad7bb
Name des fehlerhaften Moduls: WinSysClean.exe, Version: 15.0.1.560, Zeitstempel: 0x52cad7bb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000a1c7d
ID des fehlerhaften Prozesses: 0x1288
Startzeit der fehlerhaften Anwendung: 0xWinSysClean.exe0
Pfad der fehlerhaften Anwendung: WinSysClean.exe1
Pfad des fehlerhaften Moduls: WinSysClean.exe2
Berichtskennung: WinSysClean.exe3

Error: (05/14/2015 10:10:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WinSysClean.exe, Version: 15.0.1.560, Zeitstempel: 0x52cad7bb
Name des fehlerhaften Moduls: WinSysClean.exe, Version: 15.0.1.560, Zeitstempel: 0x52cad7bb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000a1c7d
ID des fehlerhaften Prozesses: 0x1780
Startzeit der fehlerhaften Anwendung: 0xWinSysClean.exe0
Pfad der fehlerhaften Anwendung: WinSysClean.exe1
Pfad des fehlerhaften Moduls: WinSysClean.exe2
Berichtskennung: WinSysClean.exe3

Error: (05/14/2015 00:09:00 AM) (Source: MsiInstaller) (EventID: 11500) (User: Oliver-PC)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch -- Fehler 1500. Im Augenblick wird eine andere Installation ausgeführt. Sie müssen die Installation, die bereits ausgeführt wird, erst abschließen, bevor Sie mit dieser Installation fortfahren können.

Error: (05/14/2015 00:08:56 AM) (Source: MsiInstaller) (EventID: 11500) (User: Oliver-PC)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch -- Fehler 1500. Im Augenblick wird eine andere Installation ausgeführt. Sie müssen die Installation, die bereits ausgeführt wird, erst abschließen, bevor Sie mit dieser Installation fortfahren können.

Error: (05/14/2015 00:08:53 AM) (Source: MsiInstaller) (EventID: 11500) (User: Oliver-PC)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch -- Fehler 1500. Im Augenblick wird eine andere Installation ausgeführt. Sie müssen die Installation, die bereits ausgeführt wird, erst abschließen, bevor Sie mit dieser Installation fortfahren können.

Error: (05/13/2015 10:37:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EXCEL.EXE, Version: 12.0.6718.5000, Zeitstempel: 0x54e45be7
Name des fehlerhaften Moduls: EXCEL.EXE, Version: 12.0.6718.5000, Zeitstempel: 0x54e45be7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00013216
ID des fehlerhaften Prozesses: 0x16e8
Startzeit der fehlerhaften Anwendung: 0xEXCEL.EXE0
Pfad der fehlerhaften Anwendung: EXCEL.EXE1
Pfad des fehlerhaften Moduls: EXCEL.EXE2
Berichtskennung: EXCEL.EXE3

Error: (05/13/2015 10:37:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EXCEL.EXE, Version: 12.0.6718.5000, Zeitstempel: 0x54e45be7
Name des fehlerhaften Moduls: EXCEL.EXE, Version: 12.0.6718.5000, Zeitstempel: 0x54e45be7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00013216
ID des fehlerhaften Prozesses: 0x16e8
Startzeit der fehlerhaften Anwendung: 0xEXCEL.EXE0
Pfad der fehlerhaften Anwendung: EXCEL.EXE1
Pfad des fehlerhaften Moduls: EXCEL.EXE2
Berichtskennung: EXCEL.EXE3

Error: (05/13/2015 09:42:43 PM) (Source: Microsoft Office 12) (EventID: 2000) (User: )
Description: Accepted Safe Mode action : Microsoft Office Excel.

Error: (05/13/2015 08:12:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SETUP.EXE_Microsoft Setup Bootstrapper, Version: 12.0.6606.1000, Zeitstempel: 0x4e26b0a2
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003bc21
ID des fehlerhaften Prozesses: 0x16b0
Startzeit der fehlerhaften Anwendung: 0xSETUP.EXE_Microsoft Setup Bootstrapper0
Pfad der fehlerhaften Anwendung: SETUP.EXE_Microsoft Setup Bootstrapper1
Pfad des fehlerhaften Moduls: SETUP.EXE_Microsoft Setup Bootstrapper2
Berichtskennung: SETUP.EXE_Microsoft Setup Bootstrapper3


System errors:
=============
Error: (05/14/2015 10:08:43 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
KL1
kl2
KLIF
KLIM6

Error: (05/14/2015 10:08:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/14/2015 10:08:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.

Error: (05/14/2015 00:32:19 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
KL1
kl2
KLIF
KLIM6

Error: (05/14/2015 00:31:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/14/2015 00:31:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.

Error: (05/14/2015 00:14:37 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Windows-Tool zum Entfernen bösartiger Software - Mai 2015 (KB890830)

Error: (05/14/2015 00:14:37 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246007 fehlgeschlagen: Microsoft Office File Validation Add-in

Error: (05/14/2015 00:06:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80080005 fehlgeschlagen: Sicherheitsupdate für Windows 7 (KB3046002)

Error: (05/14/2015 00:06:48 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}


Microsoft Office Sessions:
=========================
Error: (05/13/2015 10:37:31 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8922 seconds with 60 seconds of active time. This session ended with a crash.

Error: (11/09/2013 06:13:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 669 seconds with 0 seconds of active time. This session ended with a crash.

Error: (11/02/2012 05:59:25 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1978 seconds with 720 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Processor: AMD Athlon(tm) II X4 620 Processor
Percentage of memory in use: 48%
Total physical RAM: 3326.3 MB
Available physical RAM: 1705.2 MB
Total Pagefile: 6650.91 MB
Available Pagefile: 4391.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.43 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:712.27 GB) (Free:452.44 GB) NTFS
Drive d: (Recover) (Fixed) (Total:13.7 GB) (Free:4.85 GB) NTFS
Drive e: (Förster - Persönliches Laufwerk) (Fixed) (Total:205.44 GB) (Free:73.08 GB) NTFS
Drive f: (COMPANY_MEN) (CDROM) (Total:6.79 GB) (Free:0 GB) UDF
Drive h: (Externes Laufwerk) (Fixed) (Total:698.64 GB) (Free:70.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=712.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=205.4 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 698.6 GB) (Disk ID: AC9CA11D)
Partition 1: (Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================