Zurück   Trojaner-Board > Archiv - Kein Posten möglich > Mülltonne

Mülltonne: 2x Windows 7 - Kaspersky fand Trojaner - Programme laufen nicht richtig

Windows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne...

 
Alt 17.03.2014, 12:58   #1
Froschal
 
2x Windows 7 - Kaspersky fand Trojaner - Programme laufen nicht richtig - Standard

2x Windows 7 - Kaspersky fand Trojaner - Programme laufen nicht richtig



Sollte mir FRST runterladen - hier die Logfiles:
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Paar Johanna (administrator) on JOHANNA on 17-03-2014 09:53:55
Running from C:\Users\Paar Johanna\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7WAONE9K
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Microsoft Corporation) C:\Windows\system32\CISVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(mquadr.at software engineering and consulting GmbH, web: mquadr.at :: Self-Service Connectivity Software for Internet Access Providers, mail: office@mquadr.at) C:\Program Files\A1 Servicecenter\A1 Diagnose\A1Diagnose.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AVP] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2014-03-04] (Kaspersky Lab ZAO)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-05-27] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9288296 2010-06-14] (Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] - C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\...\Run: [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\...\Run: [A1Diagnose] - C:\Program Files\A1 Servicecenter\A1 Diagnose\A1Diagnose.exe [21004392 2014-01-16] (mquadr.at software engineering and consulting GmbH, web: mquadr.at :: Self-Service Connectivity Software for Internet Access Providers, mail: office@mquadr.at)
HKU\S-1-5-21-1360048915-4139430745-1786109950-1000\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-04-10] (Google Inc.)
HKU\S-1-5-21-1360048915-4139430745-1786109950-1000\...\Run: [msnmsgr] - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-1360048915-4139430745-1786109950-1000\...\Run: [Driver Updater] - C:\Program Files\Carambis\Driver Updater\dupdater.exe [4813920 2011-04-27] (MEDIA FOG LTD)
AppInit_DLLs: C:\PROGRA~1\Amazon\AMAZON~1\\AMAZON~1.DLL => C:\PROGRA~1\Amazon\AMAZON~1\\AMAZON~1.DLL File Not Found
Startup: C:\Users\Paar Johanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = news.ORF.at
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4512_1&babsrc=SP_clro&mntrId=a06ed3ee000000000000485d60196a45
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4512_1&babsrc=SP_clro&mntrId=a06ed3ee000000000000485d60196a45
SearchScopes: HKCU - {1891848C-0A4C-4AA6-9621-A044A22484BB} URL = hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=APN11406&pf=V7&p2=%5EBBE%5EOSJ000%5EYY%5EAT&gct=&itbv=12.10.3.34&apn_uid=514FE6F8-1C5C-4D20-9012-3DF3F1E4BD37&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5EAT&apn_dbr=ie_11.0.9600.16518&doi=2014-03-06&trgb=IE&q={searchTerms}&psv=
BHO: Claro LTD Helper Object - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files\Claro LTD\claro\1.8.3.10\bh\claro.dll No File
BHO: No Name - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} -  No File
BHO: CescrtHlpr Object - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll No File
BHO: Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll (APN LLC.)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: SaveSense - {71e129ff-6c2a-4984-818c-7e2c998b8d99} - C:\Users\Paar Johanna\AppData\Local\SaveSense\SaveSenseIE.dll No File
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Claro LTD Toolbar - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files\Claro LTD\claro\1.8.3.10\claroTlbr.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll (APN LLC.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Paar Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\3dc4f2hq.default
FF user.js: detected! => C:\Users\Paar Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\3dc4f2hq.default\user.js
FF NewTab: hxxp://www.claro-search.com/?affID=114508&tt=4512_1&babsrc=NT_clro&mntrId=a06ed3ee000000000000485d60196a45
FF DefaultSearchEngine: Amazon 
FF Homepage: hxxp://orf.at/
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.updaterss.com/SaveSenseLive Update;version=3 - C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin: @tools.updaterss.com/SaveSenseLive Update;version=9 - C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF SearchPlugin: C:\Users\Paar Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\3dc4f2hq.default\searchplugins\babylon.xml
FF Extension: Site Finder - C:\Users\Paar Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\3dc4f2hq.default\Extensions\sitefinder@sitefinder.com [2014-02-21]
FF Extension: A1 Servicecenter - C:\Program Files\Mozilla Firefox\extensions\{B0BBFC8E-6697-4D2B-8FC4-B5AD9B3B1F11} [2014-02-24]
FF HKLM\...\Firefox\Extensions:  - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2014-03-04]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2014-03-04]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2014-03-04]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2014-03-04]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2014-03-04]

Chrome: 
=======
CHR HomePage: hxxp://www.claro-search.com/?affID=114508&tt=4512_1&babsrc=HP_clro&mntrId=a06ed3ee000000000000485d60196a45
CHR DefaultSearchKeyword: claro-search.com
CHR DefaultSearchProvider: Amazon
CHR DefaultSearchURL: hxxp://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4512_8&babsrc=SP_clro&mntrId=a06ed3ee000000000000485d60196a45
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Babylon Chrome Plugin) - C:\Users\Paar Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.210.6) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Oracle)
CHR Plugin: (Java(TM) Platform SE 6 U21) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Paar Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-03-10]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Paar Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-03-10]
CHR Extension: (Virtuelle Tastatur) - C:\Users\Paar Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-03-10]
CHR Extension: (Google Wallet) - C:\Users\Paar Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Anti-Banner) - C:\Users\Paar Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-03-10]
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-18]
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx [2012-08-18]
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-08-18]
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-08-18]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-08-18]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-18]

========================== Services (Whitelisted) =================

R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-25] (APN LLC.)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2014-03-04] (Kaspersky Lab ZAO)
S4 savesenselive; C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-02-21] (SaveSense)
S4 savesenselivem; C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-02-21] (SaveSense)

==================== Drivers (Whitelisted) ====================

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2014-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [595552 2014-03-04] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-03-04] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2014-03-04] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2014-03-04] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [44000 2014-03-04] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145040 2014-03-04] (Kaspersky Lab ZAO)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [64904 2010-04-27] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [146568 2010-04-27] (Renesas Electronics Corporation)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74848 2014-03-04] (Kaspersky Lab ZAO)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-17 09:52 - 2014-03-17 09:52 - 00000000 ____D () C:\FRST
2014-03-17 09:45 - 2014-03-17 09:45 - 00405504 _____ () C:\Users\Paar Johanna\Downloads\intel_srldetect_4.5.13.0 (1).msi
2014-03-12 19:43 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 19:43 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 19:43 - 2014-03-01 05:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 19:43 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 19:43 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 19:43 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 19:43 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 19:43 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 19:43 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 19:43 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 19:43 - 2014-03-01 04:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 19:43 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 19:43 - 2014-03-01 04:31 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 19:43 - 2014-03-01 04:25 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 19:43 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 19:43 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 19:43 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 19:43 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 19:43 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 19:43 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 19:43 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 19:43 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 19:43 - 2014-02-07 02:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 19:43 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 19:43 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 19:43 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 19:43 - 2014-01-28 03:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-10 16:41 - 2014-03-10 16:41 - 00000000 ____D () C:\Program Files\phenomedia
2014-03-07 10:57 - 2012-09-12 15:58 - 00101888 _____ (Microsoft Corporation) C:\Users\Paar Johanna\Desktop\wlmail.exe
2014-03-07 10:51 - 2012-09-12 15:58 - 00101888 _____ (Microsoft Corporation) C:\Program Files\wlmail.exe
2014-03-06 16:52 - 2014-03-06 16:52 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-03-06 16:52 - 2014-03-06 16:52 - 00000000 ____D () C:\ProgramData\APN
2014-03-06 16:52 - 2014-03-06 16:52 - 00000000 ____D () C:\Program Files\AskPartnerNetwork
2014-03-06 16:50 - 2014-03-06 16:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-06 16:50 - 2014-03-06 16:49 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-06 16:49 - 2014-03-06 16:49 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-03-06 16:47 - 2014-03-06 16:48 - 00921512 _____ (Oracle Corporation) C:\Users\Paar Johanna\Downloads\JavaSetup7u51.com
2014-03-06 16:46 - 2014-03-06 16:46 - 00405504 _____ () C:\Users\Paar Johanna\Downloads\intel_srldetect_4.5.13.0.msi
2014-03-06 16:46 - 2014-03-06 16:46 - 00000000 ____D () C:\Program Files\SystemRequirementsLab
2014-03-05 18:51 - 2014-03-05 18:51 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-03-05 18:50 - 2014-03-05 18:50 - 00000000 __RHD () C:\MSOCache
2014-03-05 10:49 - 2014-03-05 11:05 - 00000000 ____D () C:\Program Files\Windows Live
2014-03-05 10:44 - 2014-03-05 10:46 - 142608624 _____ (Microsoft Corporation) C:\Users\Paar Johanna\Downloads\wlsetup-all_de_16.4.3505.0912 (1).exe
2014-03-05 10:34 - 2014-03-05 10:34 - 02156544 _____ (Farbar) C:\Users\Paar Johanna\Downloads\FRST64 (1).exe
2014-03-05 10:33 - 2014-03-05 10:33 - 02156544 _____ (Farbar) C:\Users\Paar Johanna\Downloads\FRST64.exe
2014-03-05 10:07 - 2014-03-05 10:07 - 00002335 _____ () C:\Users\Administrator\Desktop\Sicherer Zahlungsverkehr.lnk
2014-03-04 10:19 - 2014-03-04 10:33 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Roaming\Nico Mak Computing
2014-03-04 09:21 - 2014-03-04 09:21 - 00002339 _____ () C:\Users\Paar Johanna\Desktop\Sicherer Zahlungsverkehr.lnk
2014-03-04 09:20 - 2014-03-04 09:20 - 00001165 _____ () C:\Program Files\Kaspersky Internet Security 2013.lnk
2014-03-04 09:19 - 2014-03-17 09:43 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-04 09:19 - 2014-03-04 09:30 - 00595552 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-03-04 09:19 - 2014-03-04 09:30 - 00074848 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-03-04 09:19 - 2014-03-04 09:19 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-03-04 09:19 - 2014-03-04 09:19 - 00000000 ____D () C:\Program Files\Kaspersky Lab
2014-03-04 09:04 - 2014-03-05 09:27 - 00000000 ____D () C:\Program Files\Amazon
2014-03-04 09:04 - 2014-03-04 09:04 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Roaming\amazon
2014-03-02 14:56 - 2014-01-09 03:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-01 20:24 - 2013-10-02 01:42 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-03-01 20:24 - 2013-10-02 01:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-03-01 20:24 - 2013-10-02 01:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-03-01 20:24 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-03-01 20:24 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-03-01 20:24 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-01 20:24 - 2013-10-02 00:45 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-03-01 20:24 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-03-01 20:24 - 2013-10-02 00:00 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-03-01 20:24 - 2013-10-01 23:53 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-03-01 20:24 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-03-01 20:20 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-03-01 19:20 - 2014-03-01 19:20 - 00000000 ____D () C:\Windows\system32\XPSViewer
2014-03-01 19:20 - 2014-03-01 19:20 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-03-01 19:20 - 2014-03-01 19:20 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-03-01 19:20 - 2014-03-01 19:20 - 00000000 ____D () C:\Program Files\MSBuild
2014-03-01 19:16 - 2014-03-01 19:16 - 02959376 _____ (Microsoft Corporation) C:\Users\Paar Johanna\Downloads\dotnetfx35setup(2).exe
2014-03-01 19:11 - 2014-03-01 19:15 - 142170800 _____ (Microsoft Corporation) C:\Users\Paar Johanna\Downloads\wlsetup-all.exe
2014-03-01 17:44 - 2014-03-01 17:44 - 00000020 _____ () C:\Windows\È÷7
2014-03-01 17:27 - 2014-03-01 17:27 - 01245376 _____ (Microsoft Corporation) C:\Users\Paar Johanna\Downloads\wlsetup-web (2).exe
2014-02-24 10:57 - 2014-02-24 11:38 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Local\mquadr.at
2014-02-24 10:57 - 2014-02-24 11:17 - 00000000 ____D () C:\ProgramData\mquadr.at
2014-02-24 10:57 - 2014-02-24 10:57 - 00000000 __HDC () C:\ProgramData\{F361AD8C-CA1F-418A-8E74-472ADA2B7803}
2014-02-24 10:56 - 2014-02-24 10:57 - 00000000 ____D () C:\Program Files\A1 Servicecenter
2014-02-24 10:56 - 2014-02-24 10:56 - 00001334 _____ () C:\Users\Paar Johanna\AppData\Roaming\Microsoft\Windows\Start Menu\A1 Servicecenter.lnk
2014-02-24 10:56 - 2014-02-24 10:56 - 00001310 _____ () C:\Users\Public\Desktop\A1 Servicecenter.lnk
2014-02-21 17:40 - 2014-02-21 17:42 - 00000000 ____D () C:\Users\Paar Johanna\Documents\mails
2014-02-21 17:38 - 2014-02-21 17:38 - 00000000 ___RD () C:\Users\Paar Johanna\OneDrive
2014-02-21 17:38 - 2014-02-21 17:38 - 00000000 ____D () C:\Program Files\Microsoft OneDrive
2014-02-21 17:33 - 2014-02-21 17:33 - 01292648 _____ (Microsoft Corporation) C:\Users\Paar Johanna\Downloads\wlsetup-web (1).exe
2014-02-21 17:33 - 2014-02-21 17:33 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Local\{11B7E78F-290A-4F2F-BFD4-DE0094D20D6A}
2014-02-21 17:16 - 2014-03-17 09:43 - 00000928 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2014-02-21 17:16 - 2014-03-14 08:21 - 00000932 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-02-21 17:16 - 2014-03-04 09:08 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
2014-02-21 17:16 - 2014-03-02 15:16 - 00000312 _____ () C:\Windows\Tasks\SaveSense.job
2014-02-21 17:16 - 2014-02-24 10:16 - 00000079 _____ () C:\Users\Paar Johanna\AppData\Roaming\WB.CFG
2014-02-21 17:16 - 2014-02-21 17:16 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Roaming\SimilarSites
2014-02-21 17:16 - 2014-02-21 17:16 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Roaming\SaveSense
2014-02-21 17:16 - 2014-02-21 17:16 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Local\SaveSenseLive
2014-02-21 17:16 - 2014-02-21 17:16 - 00000000 ____D () C:\ProgramData\SaveSenseLive
2014-02-21 17:16 - 2014-02-21 17:16 - 00000000 ____D () C:\Program Files\SimilarSites
2014-02-21 17:16 - 2014-02-21 17:16 - 00000000 ____D () C:\Program Files\SaveSenseLive
2014-02-21 17:15 - 2014-02-21 17:15 - 02176336 _____ (WiseCleaner.com ) C:\Users\Paar Johanna\Downloads\WRCFree.exe
2014-02-21 16:59 - 2014-02-21 16:59 - 00283256 _____ (Mozilla) C:\Users\Paar Johanna\Downloads\Firefox Setup Stub 27.0.1.exe
2014-02-21 14:29 - 2014-02-21 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mozilla
2014-02-21 14:29 - 2014-02-21 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Mozilla
2014-02-21 14:23 - 2014-02-21 14:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-02-21 14:19 - 2014-02-21 14:19 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Windows Live Writer
2014-02-21 14:19 - 2014-02-21 14:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Windows Live Writer
2014-02-21 14:14 - 2014-03-05 10:06 - 00086872 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-21 14:14 - 2014-02-21 14:14 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\mquadr.at
2014-02-21 14:14 - 2014-02-21 14:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\mquadr.at
2014-02-21 14:14 - 2014-02-21 14:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\a1ta
2014-02-21 14:13 - 2014-02-21 14:13 - 00001470 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-21 14:13 - 2014-02-21 14:13 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Musik
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Bilder
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 ____D () C:\Users\Administrator
2014-02-21 14:13 - 2012-11-09 14:05 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\TuneUp Software
2014-02-21 14:13 - 2011-09-13 12:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Microsoft Help
2014-02-21 14:13 - 2010-08-30 11:11 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia
2014-02-21 14:13 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-21 14:13 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-17 13:01 - 2014-03-05 09:44 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-17 09:53 - 2011-12-29 08:53 - 00026624 _____ () C:\Users\Paar Johanna\Downloads\bootwiz (1).bin
2014-02-17 08:13 - 2011-12-29 08:53 - 00026624 _____ () C:\Users\Paar Johanna\Downloads\bootwiz.bin

==================== One Month Modified Files and Folders =======

2014-03-17 09:52 - 2014-03-17 09:52 - 00000000 ____D () C:\FRST
2014-03-17 09:50 - 2009-07-14 05:34 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-17 09:50 - 2009-07-14 05:34 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-17 09:46 - 2011-04-11 02:06 - 01338945 _____ () C:\Windows\WindowsUpdate.log
2014-03-17 09:45 - 2014-03-17 09:45 - 00405504 _____ () C:\Users\Paar Johanna\Downloads\intel_srldetect_4.5.13.0 (1).msi
2014-03-17 09:43 - 2014-03-04 09:19 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-17 09:43 - 2014-02-21 17:16 - 00000928 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2014-03-17 09:43 - 2011-04-10 18:21 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-17 09:42 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-17 09:42 - 2009-07-14 05:39 - 00048354 _____ () C:\Windows\setupact.log
2014-03-17 09:27 - 2012-09-03 14:08 - 00000000 ____D () C:\Windows\pss
2014-03-15 16:04 - 2011-04-10 18:21 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-14 08:21 - 2014-02-21 17:16 - 00000932 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-03-13 18:27 - 2009-07-14 05:33 - 00347248 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 18:26 - 2010-08-30 17:46 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 19:56 - 2011-06-02 16:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-10 16:41 - 2014-03-10 16:41 - 00000000 ____D () C:\Program Files\phenomedia
2014-03-06 21:23 - 2010-08-28 01:49 - 01829862 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-06 21:23 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-03-06 20:15 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-03-06 16:52 - 2014-03-06 16:52 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-03-06 16:52 - 2014-03-06 16:52 - 00000000 ____D () C:\ProgramData\APN
2014-03-06 16:52 - 2014-03-06 16:52 - 00000000 ____D () C:\Program Files\AskPartnerNetwork
2014-03-06 16:50 - 2014-03-06 16:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-06 16:49 - 2014-03-06 16:50 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-06 16:49 - 2014-03-06 16:49 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-03-06 16:49 - 2010-08-30 11:05 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-06 16:49 - 2010-08-30 11:05 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-06 16:49 - 2010-08-30 11:05 - 00000000 ____D () C:\Program Files\Java
2014-03-06 16:48 - 2014-03-06 16:47 - 00921512 _____ (Oracle Corporation) C:\Users\Paar Johanna\Downloads\JavaSetup7u51.com
2014-03-06 16:46 - 2014-03-06 16:46 - 00405504 _____ () C:\Users\Paar Johanna\Downloads\intel_srldetect_4.5.13.0.msi
2014-03-06 16:46 - 2014-03-06 16:46 - 00000000 ____D () C:\Program Files\SystemRequirementsLab
2014-03-05 19:27 - 2010-08-30 10:48 - 03997818 _____ () C:\Windows\PFRO.log
2014-03-05 18:59 - 2011-04-10 18:24 - 00088496 _____ () C:\Users\Paar Johanna\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-05 18:53 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-03-05 18:52 - 2011-04-12 11:04 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-03-05 18:52 - 2010-08-30 17:59 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-03-05 18:52 - 2010-08-30 11:18 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-05 18:51 - 2014-03-05 18:51 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-03-05 18:51 - 2009-07-14 08:48 - 00000000 ____D () C:\Windows\ShellNew
2014-03-05 18:50 - 2014-03-05 18:50 - 00000000 __RHD () C:\MSOCache
2014-03-05 11:05 - 2014-03-05 10:49 - 00000000 ____D () C:\Program Files\Windows Live
2014-03-05 10:47 - 2012-07-16 17:34 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Local\Windows Live
2014-03-05 10:46 - 2014-03-05 10:44 - 142608624 _____ (Microsoft Corporation) C:\Users\Paar Johanna\Downloads\wlsetup-all_de_16.4.3505.0912 (1).exe
2014-03-05 10:34 - 2014-03-05 10:34 - 02156544 _____ (Farbar) C:\Users\Paar Johanna\Downloads\FRST64 (1).exe
2014-03-05 10:33 - 2014-03-05 10:33 - 02156544 _____ (Farbar) C:\Users\Paar Johanna\Downloads\FRST64.exe
2014-03-05 10:07 - 2014-03-05 10:07 - 00002335 _____ () C:\Users\Administrator\Desktop\Sicherer Zahlungsverkehr.lnk
2014-03-05 10:06 - 2014-02-21 14:14 - 00086872 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-05 09:50 - 2011-07-13 19:26 - 00000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-03-05 09:44 - 2014-02-17 13:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-05 09:27 - 2014-03-04 09:04 - 00000000 ____D () C:\Program Files\Amazon
2014-03-05 08:54 - 2009-07-14 05:53 - 00032548 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-04 11:49 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-03-04 11:05 - 2011-06-10 09:17 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Roaming\Systweak
2014-03-04 10:33 - 2014-03-04 10:19 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Roaming\Nico Mak Computing
2014-03-04 09:30 - 2014-03-04 09:19 - 00595552 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-03-04 09:30 - 2014-03-04 09:19 - 00074848 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-03-04 09:30 - 2012-08-13 16:49 - 00145040 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2014-03-04 09:30 - 2012-08-02 15:09 - 00025696 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2014-03-04 09:30 - 2012-07-25 14:53 - 00025696 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2014-03-04 09:30 - 2012-06-19 17:28 - 00135776 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-03-04 09:30 - 2012-06-08 11:38 - 00044000 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kltdi.sys
2014-03-04 09:30 - 2012-05-25 19:38 - 00025696 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2014-03-04 09:21 - 2014-03-04 09:21 - 00002339 _____ () C:\Users\Paar Johanna\Desktop\Sicherer Zahlungsverkehr.lnk
2014-03-04 09:20 - 2014-03-04 09:20 - 00001165 _____ () C:\Program Files\Kaspersky Internet Security 2013.lnk
2014-03-04 09:19 - 2014-03-04 09:19 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-03-04 09:19 - 2014-03-04 09:19 - 00000000 ____D () C:\Program Files\Kaspersky Lab
2014-03-04 09:16 - 2010-08-30 10:59 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-03-04 09:16 - 2010-08-30 10:59 - 00000000 ____D () C:\Program Files\Adobe
2014-03-04 09:08 - 2014-02-21 17:16 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
2014-03-04 09:05 - 2011-04-10 18:21 - 00002170 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-04 09:04 - 2014-03-04 09:04 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Roaming\amazon
2014-03-04 09:03 - 2011-06-10 09:17 - 00000000 ____D () C:\Program Files\RegClean Pro
2014-03-04 09:02 - 2012-11-10 09:18 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-03-02 15:16 - 2014-02-21 17:16 - 00000312 _____ () C:\Windows\Tasks\SaveSense.job
2014-03-01 20:27 - 2010-05-12 14:13 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE
2014-03-01 19:24 - 2013-12-11 17:39 - 00196608 _____ () C:\Windows\ocsetup_install_NetFx3.etl
2014-03-01 19:24 - 2013-12-11 17:39 - 00084882 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.txt
2014-03-01 19:21 - 2012-11-05 18:38 - 00122384 _____ () C:\Windows\iis7.log
2014-03-01 19:20 - 2014-03-01 19:20 - 00000000 ____D () C:\Windows\system32\XPSViewer
2014-03-01 19:20 - 2014-03-01 19:20 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-03-01 19:20 - 2014-03-01 19:20 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-03-01 19:20 - 2014-03-01 19:20 - 00000000 ____D () C:\Program Files\MSBuild
2014-03-01 19:20 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-03-01 19:16 - 2014-03-01 19:16 - 02959376 _____ (Microsoft Corporation) C:\Users\Paar Johanna\Downloads\dotnetfx35setup(2).exe
2014-03-01 19:15 - 2014-03-01 19:11 - 142170800 _____ (Microsoft Corporation) C:\Users\Paar Johanna\Downloads\wlsetup-all.exe
2014-03-01 18:57 - 2011-04-11 09:51 - 00000000 ____D () C:\Users\Paar Johanna\Tracing
2014-03-01 17:44 - 2014-03-01 17:44 - 00000020 _____ () C:\Windows\È÷7
2014-03-01 17:27 - 2014-03-01 17:27 - 01245376 _____ (Microsoft Corporation) C:\Users\Paar Johanna\Downloads\wlsetup-web (2).exe
2014-03-01 05:30 - 2014-03-12 19:43 - 17074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 05:11 - 2014-03-12 19:43 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 05:10 - 2014-03-12 19:43 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 04:52 - 2014-03-12 19:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 04:51 - 2014-03-12 19:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-12 19:43 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 04:43 - 2014-03-12 19:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 04:43 - 2014-03-12 19:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 04:40 - 2014-03-12 19:43 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 04:38 - 2014-03-12 19:43 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 04:38 - 2014-03-12 19:43 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 04:37 - 2014-03-12 19:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 04:31 - 2014-03-12 19:43 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 04:25 - 2014-03-12 19:43 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 04:16 - 2014-03-12 19:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:14 - 2014-03-12 19:43 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:03 - 2014-03-12 19:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:00 - 2014-03-12 19:43 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 03:57 - 2014-03-12 19:43 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 03:32 - 2014-03-12 19:43 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 03:27 - 2014-03-12 19:43 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:25 - 2014-03-12 19:43 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-24 11:38 - 2014-02-24 10:57 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Local\mquadr.at
2014-02-24 11:17 - 2014-02-24 10:57 - 00000000 ____D () C:\ProgramData\mquadr.at
2014-02-24 10:57 - 2014-02-24 10:57 - 00000000 __HDC () C:\ProgramData\{F361AD8C-CA1F-418A-8E74-472ADA2B7803}
2014-02-24 10:57 - 2014-02-24 10:56 - 00000000 ____D () C:\Program Files\A1 Servicecenter
2014-02-24 10:56 - 2014-02-24 10:56 - 00001334 _____ () C:\Users\Paar Johanna\AppData\Roaming\Microsoft\Windows\Start Menu\A1 Servicecenter.lnk
2014-02-24 10:56 - 2014-02-24 10:56 - 00001310 _____ () C:\Users\Public\Desktop\A1 Servicecenter.lnk
2014-02-24 10:56 - 2013-08-03 10:30 - 00000000 __HDC () C:\ProgramData\{7421FE87-82BC-4E38-B371-D129BE9C26C5}
2014-02-24 10:16 - 2014-02-21 17:16 - 00000079 _____ () C:\Users\Paar Johanna\AppData\Roaming\WB.CFG
2014-02-24 10:14 - 2012-10-15 20:10 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Local\A1TA
2014-02-21 17:42 - 2014-02-21 17:40 - 00000000 ____D () C:\Users\Paar Johanna\Documents\mails
2014-02-21 17:38 - 2014-02-21 17:38 - 00000000 ___RD () C:\Users\Paar Johanna\OneDrive
2014-02-21 17:38 - 2014-02-21 17:38 - 00000000 ____D () C:\Program Files\Microsoft OneDrive
2014-02-21 17:38 - 2011-04-10 18:23 - 00000000 ____D () C:\Users\Paar Johanna
2014-02-21 17:33 - 2014-02-21 17:33 - 01292648 _____ (Microsoft Corporation) C:\Users\Paar Johanna\Downloads\wlsetup-web (1).exe
2014-02-21 17:33 - 2014-02-21 17:33 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Local\{11B7E78F-290A-4F2F-BFD4-DE0094D20D6A}
2014-02-21 17:16 - 2014-02-21 17:16 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Roaming\SimilarSites
2014-02-21 17:16 - 2014-02-21 17:16 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Roaming\SaveSense
2014-02-21 17:16 - 2014-02-21 17:16 - 00000000 ____D () C:\Users\Paar Johanna\AppData\Local\SaveSenseLive
2014-02-21 17:16 - 2014-02-21 17:16 - 00000000 ____D () C:\ProgramData\SaveSenseLive
2014-02-21 17:16 - 2014-02-21 17:16 - 00000000 ____D () C:\Program Files\SimilarSites
2014-02-21 17:16 - 2014-02-21 17:16 - 00000000 ____D () C:\Program Files\SaveSenseLive
2014-02-21 17:15 - 2014-02-21 17:15 - 02176336 _____ (WiseCleaner.com ) C:\Users\Paar Johanna\Downloads\WRCFree.exe
2014-02-21 16:59 - 2014-02-21 16:59 - 00283256 _____ (Mozilla) C:\Users\Paar Johanna\Downloads\Firefox Setup Stub 27.0.1.exe
2014-02-21 14:29 - 2014-02-21 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mozilla
2014-02-21 14:29 - 2014-02-21 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Mozilla
2014-02-21 14:23 - 2014-02-21 14:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-02-21 14:19 - 2014-02-21 14:19 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Windows Live Writer
2014-02-21 14:19 - 2014-02-21 14:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Windows Live Writer
2014-02-21 14:14 - 2014-02-21 14:14 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\mquadr.at
2014-02-21 14:14 - 2014-02-21 14:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\mquadr.at
2014-02-21 14:14 - 2014-02-21 14:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\a1ta
2014-02-21 14:13 - 2014-02-21 14:13 - 00001470 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-21 14:13 - 2014-02-21 14:13 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Musik
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Bilder
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-02-21 14:13 - 2014-02-21 14:13 - 00000000 ____D () C:\Users\Administrator
2014-02-17 08:13 - 2013-09-10 11:45 - 02426791 _____ () C:\Users\Paar Johanna\Downloads\00368.mkv

Files to move or delete:
====================
C:\ProgramData\Setup_A1Servicecenter_RTM_1.3.0.37.exe


Some content of TEMP:
====================
C:\Users\Paar Johanna\AppData\Local\Temp\APNSetup.exe
C:\Users\Paar Johanna\AppData\Local\Temp\BackupSetup.exe
C:\Users\Paar Johanna\AppData\Local\Temp\DRPCUNLR.dll
C:\Users\Paar Johanna\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Paar Johanna\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Paar Johanna\AppData\Local\Temp\ose00000.exe
C:\Users\Paar Johanna\AppData\Local\Temp\TUUUninstallHelper.exe
C:\Users\Paar Johanna\AppData\Local\Temp\Uninst.exe
C:\Users\Paar Johanna\AppData\Local\Temp\uninst1.exe
C:\Users\Paar Johanna\AppData\Local\Temp\{EFF616A3-14B1-4A6A-9192-4E85EA2DE69E}_emergency.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-10 10:34

==================== End Of Log ============================
         
--- --- ---
FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by Paar Johanna at 2014-03-17 09:54:15
Running from C:\Users\Paar Johanna\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7WAONE9K
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

A1 Servicecenter (HKLM\...\A1 Servicecenter) (Version: 1.3.0.38 - A1 Telekom Austria AG)
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Ask Toolbar (HKLM\...\{4F524A2D-5637-4300-76A7-A758B70C0A03}) (Version: 12.10.3.34 - APN, LLC) <==== ATTENTION
ATI Catalyst Install Manager (HKLM\...\{BE4AE3A7-190D-BCB8-A953-A708C9E8E8AA}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
Bing Bar (HKLM\...\{449CE12D-E2C7-4B97-B19E-55D163EA9435}) (Version: 7.0.619.0 - Microsoft Corporation)
Carambis Driver Updater (HKLM\...\{542068F1-9AAE-4E1B-8ACA-094FE03728BE}) (Version: 1.2.3.2273 - MEDIA FOG LTD)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0527.1242.20909 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2010.0527.1242.20909 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2010.0527.1242.20909 - ATI) Hidden
CCC Help Danish (Version: 2010.0527.1241.20909 - ATI) Hidden
CCC Help Dutch (Version: 2010.0527.1241.20909 - ATI) Hidden
CCC Help English (Version: 2010.0527.1241.20909 - ATI) Hidden
CCC Help Finnish (Version: 2010.0527.1241.20909 - ATI) Hidden
CCC Help French (Version: 2010.0527.1241.20909 - ATI) Hidden
CCC Help German (Version: 2010.0527.1241.20909 - ATI) Hidden
CCC Help Italian (Version: 2010.0527.1241.20909 - ATI) Hidden
CCC Help Japanese (Version: 2010.0527.1241.20909 - ATI) Hidden
CCC Help Norwegian (Version: 2010.0527.1241.20909 - ATI) Hidden
CCC Help Spanish (Version: 2010.0527.1241.20909 - ATI) Hidden
CCC Help Swedish (Version: 2010.0527.1241.20909 - ATI) Hidden
ccc-core-static (Version: 2010.0527.1242.20909 - ATI) Hidden
ccc-utility (Version: 2010.0527.1242.20909 - ATI) Hidden
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink LabelPrint (Version: 2.5.2515 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (Version: 6.1.3602c - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (Version: 1.5.1306 - CyberLink Corp.) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
HOFER Bestellsoftware 4.9 (HKLM\...\HOFER Bestellsoftware) (Version: 4.9 - ORWO Net)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 21 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.210 - Oracle)
Junk Mail filter update (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Kaspersky Internet Security 2013 (HKLM\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (Version: 13.0.1.4190 - Kaspersky Lab) Hidden
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6136 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Schnappi Fungames XXL (HKLM\...\{EC76722E-DDB2-4E2B-A2C2-4B167BDCB951}) (Version: 1.00.0000 - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
System Requirements Lab for Intel (HKLM\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{4B93560B-F33D-4A67-A224-F5E1C329BD22}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Windows 7 Upgrade Advisor (HKLM\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Live Communications Platform (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

05-03-2014 08:43:20 Removed Claro Chrome Toolbar
05-03-2014 08:52:13 Removed CorelDRAW Essentials 4 - Windows Shell Extension.
05-03-2014 08:58:24 Windows Live Essentials
05-03-2014 08:58:57 WLSetup
05-03-2014 09:47:50 Windows Live Essentials
05-03-2014 09:49:26 WLSetup
05-03-2014 10:03:41 Windows Live Essentials
05-03-2014 10:05:15 WLSetup
05-03-2014 17:50:02 Installed Microsoft Office Home and Student 2010
06-03-2014 15:46:24 Installed System Requirements Lab for Intel
06-03-2014 15:49:33 Installed Java 7 Update 51
06-03-2014 18:14:07 Windows Update
06-03-2014 19:08:34 Windows Update
06-03-2014 20:22:05 Windows Update
09-03-2014 09:54:51 Windows Update
10-03-2014 15:41:21 Installiert Schnappi Fungames XXL
12-03-2014 18:39:34 Windows Update
12-03-2014 18:53:31 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {079EB85B-FA4E-4C9B-9667-EBF5B40B8EFF} - System32\Tasks\{7C1D3A9C-4C32-488D-A86B-D09CC0BE7952} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {1135A454-B5BE-441E-9231-30360C7D38F3} - System32\Tasks\{B7235BA7-7E99-4BB9-84CA-7B2A453723C8} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {122FE45D-1474-4E20-9A25-DB6272243103} - System32\Tasks\{965D8DE7-092B-4A57-B532-6C5F562A682B} => C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
Task: {161B8239-AA3A-44E8-A305-10D6E6A848AA} - System32\Tasks\{94C01906-2EA5-4C98-A4D8-0030F930168A} => C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
Task: {1E4421EF-7149-443D-916A-121310781D06} - System32\Tasks\{EB93D8E8-7DDC-4F36-9311-A15DAFEB1DEE} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {291FAEE3-D8DD-4A2B-A903-D29231B883B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-10] (Google Inc.)
Task: {2B9EDEEF-6BEB-4682-9239-3DC2E9BBD81A} - System32\Tasks\{8EE4DB36-2E76-44EF-A642-73D13774401A} => Firefox.exe Skype auf Ihren Computer herunterladen ? Mac, Windows, Linux*?*Skype
Task: {346BB715-FE96-4CCA-A2BF-A7CFFD492094} - System32\Tasks\{0CAE5C32-4141-434F-97DC-F40DC3E919ED} => C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
Task: {3759BD9A-08EA-4843-AC9B-0B63DE53D154} - System32\Tasks\{7652F9FC-B6A2-45D3-AB8D-0666FF99E418} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {392E61C2-F4B5-4403-BC89-B806D81EC14D} - System32\Tasks\{DA6FC74C-00E1-4AFF-9354-28A5EA203339} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {41E5C8F3-D122-40D7-BDF8-D43827DDFD55} - System32\Tasks\{29EB5C1B-A841-4EAF-B31C-99A679C42FC8} => C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
Task: {45A2308B-3211-43F5-B306-941C4DCCC882} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe [2014-02-21] (SaveSense) <==== ATTENTION
Task: {4FC327A3-37A9-4C28-90ED-72513F8FDD1D} - System32\Tasks\{E208E92C-0CEF-4107-A144-FE307B278630} => C:\Program Files\A1\A1 Servicecenter\A1Servicecenter.exe [2012-08-03] ()
Task: {57FD06C9-A301-4230-AE2B-853DEA3C745D} - System32\Tasks\{0EE1E87D-9BEC-437E-A7AF-C52F6B8E01DE} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {5A14FA19-DF2B-4207-8C7A-467F1339F04C} - \AdobeFlashPlayerUpdate No Task File
Task: {5A7A7900-BFE4-415A-A084-EECA1218B0FE} - System32\Tasks\{EE01FCCF-BD1C-4301-8971-66686DEDE16C} => \\JOHANNA\Program Files\Internet Explorer\ExtExport.exe [2013-12-01] (Microsoft Corporation)
Task: {5C1148EB-B689-46DF-B23C-0B2E27EB9CA2} - System32\Tasks\Aufgaben der Ereignisanzeige\Application_Windows Backup_4099 => \\JOHANNA\Program Files\Internet Explorer\ieinstal.exe [2014-03-01] (Microsoft Corporation)
Task: {67809407-F510-43AD-B4F8-EADAB916BE39} - System32\Tasks\SaveSense => C:\Users\PAARJO~1\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {6895722A-9801-425B-9494-BE8AC12402E1} - System32\Tasks\{67F258AF-EAC0-48C9-A017-92158C478CBE} => C:\Program Files\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe
Task: {6C7C5DB1-90C2-4CFF-AFED-ECDF27320C0E} - System32\Tasks\{3795F50C-4F9E-4B3D-837E-B975F8222EF3} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {7208120C-54E4-475E-A547-A90A629A33F0} - System32\Tasks\{B2EAFDE4-1F44-4001-B61E-DB6E837ED71B} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {72129E08-097C-4C48-9E0D-8DA4BB9F39BF} - System32\Tasks\Aufgaben der Ereignisanzeige\Application_Microsoft-Windows-RestartManager_10010 => \\JOHANNA\Program Files\Internet Explorer\ExtExport.exe [2013-12-01] (Microsoft Corporation)
Task: {7431D319-98AC-4C5E-AD90-D8EC7CD54E42} - System32\Tasks\{D3838CC4-0708-48D5-8033-A28EDB764148} => C:\Program Files\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe
Task: {7810AD8D-8B0D-46FA-AA11-7EA6A7B5E0BB} - System32\Tasks\{2A5B22DC-DF5F-4E06-97A4-7D7F48C27374} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {7EA34AF2-4EDC-479A-AC1A-0A1905DC8D78} - System32\Tasks\{4487C858-77FF-488C-999E-88A077E3D278} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {80712C95-90CC-4689-9063-D98A48D16FEE} - System32\Tasks\Aufgaben der Ereignisanzeige\Application_Windows Backup_4104 => \\JOHANNA\Program Files\Internet Explorer\ieinstal.exe [2014-03-01] (Microsoft Corporation)
Task: {854384BC-982B-484C-A707-82B72B55A072} - System32\Tasks\LaunchApp => C:\Program Files\MyPC Backup\MyPC Backup.exe
Task: {8BD126CB-B8A9-4D8D-9B06-146C88C6E9EF} - System32\Tasks\{41B8992D-AEF5-4784-A706-F25FD660FDA8} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {8E0AA65D-5989-4BB6-A806-E84101413472} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {90169C6D-610C-4476-B744-F8719EC151B1} - System32\Tasks\{12C55DD8-A2CA-4E57-B840-A83C0E94CCD9} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {90809887-E274-4542-BFFE-7102A25CB04F} - System32\Tasks\{CC71F833-F39C-40E6-A9F6-33E0EF1942AD} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {915B9B07-2C04-4EAE-88A3-60ED3C1C2492} - System32\Tasks\{2305E47A-FDD6-4C44-ACCB-1123AE5F3DD2} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {9170460E-6A5A-4E92-8A6B-C5FAD6E2FC25} - System32\Tasks\{C7F0F3E3-1588-4072-AE60-2D54176E0674} => Firefox.exe Skype auf Ihren Computer herunterladen ? Mac, Windows, Linux*?*Skype
Task: {9832DE4E-F91B-44C4-9E23-26E6A5D27031} - System32\Tasks\{73B05082-3E6C-4B70-A9E3-FE1396AA2134} => \\JOHANNA\Program Files\Internet Explorer\ExtExport.exe [2013-12-01] (Microsoft Corporation)
Task: {9A77F18B-342F-4B1E-A0EC-3C761B08065B} - System32\Tasks\{9BE36338-BDD3-462A-9977-D212BA63AE3E} => C:\Program Files\Microsoft Windows 7 Upgrade Advisor\WindowsUpgradeAdvisor.exe [2009-11-20] (Microsoft Corporation)
Task: {9D20CD22-D5BE-47CE-A013-D69D38EE4A39} - \AdobeFlashPlayerUpdate 2 No Task File
Task: {9D57C552-30B5-4CEA-B591-177E8E52E30D} - System32\Tasks\{4579C5E6-A794-451A-A897-4A0AA8345C43} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {9F381B10-7170-4A72-B789-1C570743A54F} - System32\Tasks\{EAF69592-888E-4163-A385-3486BAA4D7C3} => \\JOHANNA\Program Files\Internet Explorer\ieinstal.exe [2014-03-01] (Microsoft Corporation)
Task: {A8858E07-B9C3-4C89-AECF-81DD36B8723D} - System32\Tasks\Aufgaben der Ereignisanzeige\Application_Microsoft-Windows-User Profiles Service_1530 => \\JOHANNA\Program Files\Internet Explorer\ExtExport.exe [2013-12-01] (Microsoft Corporation)
Task: {A8A531E8-144C-407A-A634-206302D97BC6} - System32\Tasks\{6244125C-A998-41B1-ABBC-C0784758AF08} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {B4A4D645-F887-4A56-8FCD-98824EDFC44A} - System32\Tasks\{AA868F7F-B343-440A-88FF-7DD14A6A6450} => \\JOHANNA\Program Files\Avira\AntiVir Desktop\avadmin.exe
Task: {B6B0EFE3-A360-4860-A676-E116439F6EF0} - System32\Tasks\{B454B7A1-6796-4CB3-8E94-663C44326125} => C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
Task: {C527F3CC-6443-4232-856A-340BF8E8B4EC} - System32\Tasks\{22EAEEF9-D193-48ED-9960-5E172D565292} => C:\Program Files\Canon\EOS Utility\EOS Utility.exe
Task: {C5C15CB7-CBE1-498E-978A-A4368FE730D7} - System32\Tasks\{FC8FEF3A-FA17-4872-9289-DC01171DC94A} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {C8EEB956-9B84-47BC-9904-CAC2A980CD69} - System32\Tasks\{3417A4A8-8262-4D05-A82D-90B166CDC0C9} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {CC9A7D06-8490-4490-9CD0-C94F8FCCC057} - System32\Tasks\{64191D6E-4F92-4958-A638-0935F337BA8A} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {D144D32B-E2BA-4186-B3A3-32D160D947E7} - System32\Tasks\{27967B5A-19A7-4BB1-BEE4-D907687A8023} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {DAF03AD3-7FE4-4961-A742-7F6D87904928} - System32\Tasks\{84A9AAF7-69C8-4454-A7F9-172DFB31FFB4} => \\JOHANNA\Program Files\Internet Explorer\ExtExport.exe [2013-12-01] (Microsoft Corporation)
Task: {DB0834C2-E453-40F7-8D73-AC8A98D4C8D0} - System32\Tasks\{232E2E3D-85E6-4A21-A9F7-827FF5DF3B3D} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {DF87394B-251D-47DD-8D8A-C1C8FDBE2748} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-10] (Google Inc.)
Task: {E1CFF595-6947-4887-B746-0BA5DDF17298} - System32\Tasks\{0BF6B1E4-3B35-4D37-B616-B7830598FCD6} => Firefox.exe Skype-Nutzungsbedingungen
Task: {ECBEB2EE-FE19-4C58-8E3B-7305B024012D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {F4B9AFDF-2D28-481F-BE89-989D7D68FB7E} - System32\Tasks\{AE7C2CBE-C4A1-4343-AF9D-7CAD4CB345BE} => C:\Program Files\Windows Live\Mail\wlmail.exe [2014-01-10] (Microsoft Corporation)
Task: {F918D9DF-5042-4272-9541-D41C3D9811CC} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe [2014-02-21] (SaveSense) <==== ATTENTION
Task: {FD2D39C3-7C17-4491-A717-96517BB2F46E} - System32\Tasks\{98479E52-20AF-4DEB-801B-282378F55C85} => Firefox.exe Skype auf Ihren Computer herunterladen ? Mac, Windows, Linux*?*Skype
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SaveSense.job => C:\Users\PAARJO~1\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-08-17 21:39 - 2014-03-04 09:25 - 01310136 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2012-08-17 21:38 - 2012-08-17 21:38 - 00479160 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2010-05-27 20:40 - 2010-05-27 20:40 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Paar Johanna\AW_ Besuch zu Allerheiligen.eml:OECustomProperty
AlternateDataStreams: C:\Users\Paar Johanna\Documents\25596B3C-00000006 - Kopie - Kopie - Kopie.eml:OECustomProperty
AlternateDataStreams: C:\Users\Paar Johanna\Documents\25596B3C-00000006 - Kopie - Kopie - Kopie.eml:OEStandardProperty
AlternateDataStreams: C:\Users\Paar Johanna\Documents\25596B3C-00000006 - Kopie - Kopie.eml:OECustomProperty
AlternateDataStreams: C:\Users\Paar Johanna\Documents\25596B3C-00000006 - Kopie - Kopie.eml:OEStandardProperty
AlternateDataStreams: C:\Users\Paar Johanna\Documents\25596B3C-00000006 - Kopie.eml:OECustomProperty
AlternateDataStreams: C:\Users\Paar Johanna\Documents\25596B3C-00000006 - Kopie.eml:OEStandardProperty
AlternateDataStreams: C:\Users\Paar Johanna\Documents\25596B3C-00000006.eml:OECustomProperty
AlternateDataStreams: C:\Users\Paar Johanna\Documents\25596B3C-00000006.eml:OEStandardProperty
AlternateDataStreams: C:\Users\Paar Johanna\Documents\Fw_ Jetzt machen Sie Ihr Outlook 15 x besser!.eml:OECustomProperty
AlternateDataStreams: C:\Users\Public\Documents\we hausmeisterabrechnung  1.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: savesenselive => 2
MSCONFIG\Services: savesenselivem => 3
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: BabylonToolbar => "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"

==================== Faulty Device Manager Devices =============

Name: photosmart 7600 series
Description: photosmart 7600 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/13/2014 07:18:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/10/2014 04:41:20 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {73980509-bb10-416f-99ef-0b740abba419}

Error: (03/10/2014 10:34:28 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/07/2014 10:12:10 AM) (Source: MsiInstaller) (User: Johanna)
Description: Product: System Requirements Lab for Intel -- Error 1316. A network error occurred while attempting to read from the file: C:\Users\Paar Johanna\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y981YAD1\intel_srldetect_4.5.13.0.msi

Error: (03/06/2014 05:26:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/06/2014 04:46:38 PM) (Source: MsiInstaller) (User: Johanna)
Description: Product: System Requirements Lab for Intel -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (03/05/2014 08:21:41 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: A1Diagnose.exe, Version: 4.5.1.232, Zeitstempel: 0x52d408f9
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb10c6
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000812f
ID des fehlerhaften Prozesses: 0xe80
Startzeit der fehlerhaften Anwendung: 0xA1Diagnose.exe0
Pfad der fehlerhaften Anwendung: A1Diagnose.exe1
Pfad des fehlerhaften Moduls: A1Diagnose.exe2
Berichtskennung: A1Diagnose.exe3

Error: (03/05/2014 11:06:37 AM) (Source: Microsoft-Windows-RestartManager) (User: Johanna)
Description: Die Anwendung oder der Dienst "Microsoft Windows Search Filter Host" konnte nicht heruntergefahren werden.

Error: (03/05/2014 11:04:38 AM) (Source: Microsoft-Windows-RestartManager) (User: Johanna)
Description: Die Anwendung oder der Dienst "Windows Search" konnte nicht heruntergefahren werden.

Error: (03/05/2014 10:47:50 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {8cde8263-33ca-466d-8033-3ce155392192}


System errors:
=============
Error: (03/17/2014 09:42:55 AM) (Source: SNMP) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (03/17/2014 09:28:18 AM) (Source: SNMP) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (03/17/2014 09:18:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Aufgabenplanung" ist vom Dienst "Windows-Ereignisprotokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (03/17/2014 09:16:35 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/17/2014 09:12:53 AM) (Source: SNMP) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (03/15/2014 03:45:35 PM) (Source: SNMP) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (03/14/2014 08:04:32 AM) (Source: SNMP) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (03/13/2014 06:58:30 PM) (Source: SNMP) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (03/13/2014 06:27:22 PM) (Source: SNMP) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (03/12/2014 07:34:48 PM) (Source: SNMP) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.


Microsoft Office Sessions:
=========================
Error: (03/13/2014 07:18:10 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (03/10/2014 04:41:20 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {73980509-bb10-416f-99ef-0b740abba419}

Error: (03/10/2014 10:34:28 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (03/07/2014 10:12:10 AM) (Source: MsiInstaller)(User: Johanna)
Description: Product: System Requirements Lab for Intel -- Error 1316. A network error occurred while attempting to read from the file: C:\Users\Paar Johanna\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y981YAD1\intel_srldetect_4.5.13.0.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/06/2014 05:26:31 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (03/06/2014 04:46:38 PM) (Source: MsiInstaller)(User: Johanna)
Description: Product: System Requirements Lab for Intel -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/05/2014 08:21:41 PM) (Source: Application Error)(User: )
Description: A1Diagnose.exe4.5.1.23252d408f9KERNELBASE.dll6.1.7601.1822951fb10c60eedfade0000812fe8001cf38a8176aef0aC:\Program Files\A1 Servicecenter\A1 Diagnose\A1Diagnose.exeC:\Windows\system32\KERNELBASE.dll60c9ddc0-a49b-11e3-bec2-485d60196a45

Error: (03/05/2014 11:06:37 AM) (Source: Microsoft-Windows-RestartManager)(User: Johanna)
Description: 0C:\Windows\System32\SearchFilterHost.exeMicrosoft Windows Search Filter Host050175220143003A005C00500072006F006700720061006D002000460069006C00650073005C00570069006E0064006F007700730020004C006900760065005C004D00610069006C005C0077006C006D0069006D006500660069006C00740065007200330032002E0064006C006C000000

Error: (03/05/2014 11:04:38 AM) (Source: Microsoft-Windows-RestartManager)(User: Johanna)
Description: 1SearchIndexer.exeWindows Search03026216150640

Error: (03/05/2014 10:47:50 AM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {8cde8263-33ca-466d-8033-3ce155392192}


CodeIntegrity Errors:
===================================
  Date: 2014-03-13 19:19:09.264
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-13 19:19:09.264
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-13 19:19:09.264
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-13 19:19:09.248
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-13 19:19:09.248
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-13 19:19:09.248
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-13 19:19:09.233
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-13 19:19:09.233
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-13 19:19:09.233
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-13 19:19:09.217
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 37%
Total physical RAM: 3063.11 MB
Available physical RAM: 1911 MB
Total Pagefile: 6124.52 MB
Available Pagefile: 4596.95 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.75 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:1356.17 GB) (Free:1282.07 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1397 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-742852132864) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         
--- --- ---

Alt 17.03.2014, 16:39   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
2x Windows 7 - Kaspersky fand Trojaner - Programme laufen nicht richtig - Standard

2x Windows 7 - Kaspersky fand Trojaner - Programme laufen nicht richtig



Du hast schon einen Thread => http://www.trojaner-board.de/150607-...ml#post1263616
__________________

__________________

 

Themen zu 2x Windows 7 - Kaspersky fand Trojaner - Programme laufen nicht richtig
.dll, 4d36e972-e325-11ce-bfc1-08002be10318, adobe, bingbar, browser, computer, desktop, ebanking, explorer, google, helper, home, homepage, internet, kaspersky, mozilla, msiinstaller, newtab, object, realtek, registry, security, services.exe, software, system, tastatur, trojaner, usb, windows, winlogon.exe



Ähnliche Themen: 2x Windows 7 - Kaspersky fand Trojaner - Programme laufen nicht richtig


  1. Windows 8.1: Programme laufen sehr langsam,
    Log-Analyse und Auswertung - 08.08.2015 (1)
  2. Diverse Funktionen laufen nicht richtig
    Plagegeister aller Art und deren Bekämpfung - 27.02.2015 (28)
  3. Win7: User Passwort gelöscht, Programme laufen nicht mehr
    Log-Analyse und Auswertung - 08.11.2014 (7)
  4. PC läuft nicht mehr richtig, Programme werden nicht gestartet &&
    Plagegeister aller Art und deren Bekämpfung - 03.03.2014 (12)
  5. Wsys Control, Bonanza Deals und qvo6 durch einen Player eingefangen. Browser laufen nicht mehr richtig.
    Log-Analyse und Auswertung - 30.10.2013 (11)
  6. Programme werden nicht mehr ausgeführt, Installationen laufen nicht...
    Log-Analyse und Auswertung - 18.04.2013 (15)
  7. GVU Trojaner mit Kaspersky Rescue Disk 10 evtl nicht richtig entfernt?
    Plagegeister aller Art und deren Bekämpfung - 24.11.2012 (12)
  8. Internet Explorer und alle Programme und Downloads die über ihn laufen funktionieren nicht
    Log-Analyse und Auswertung - 25.09.2012 (6)
  9. mediashifting.com, avira deaktiviert und manche programme laufen nicht mehr ...
    Plagegeister aller Art und deren Bekämpfung - 30.12.2011 (1)
  10. Kaspersky fand Dateien und ich weiß nicht, ob sie meinem PC schädigen
    Plagegeister aller Art und deren Bekämpfung - 26.09.2010 (1)
  11. In Vista laufen div. Programme nicht mehr an (vmtl. wg. Berechtigungsproblemen)
    Alles rund um Windows - 07.03.2010 (25)
  12. Antivirus 2010 entfernt (?), Antivir und andere Programme laufen nicht
    Log-Analyse und Auswertung - 03.02.2010 (18)
  13. Programme laufen nicht richtig, 6viren mit antivir
    Log-Analyse und Auswertung - 19.10.2008 (3)
  14. Nach heftigem Virusbefall, funktionieren Programme nicht mehr richtig. i-net/Pc lahmt
    Log-Analyse und Auswertung - 19.07.2008 (1)
  15. Ich fand HotKeysHook jedoch kann es nicht alles sein, fand aber nichts mehr
    Mülltonne - 30.10.2007 (2)
  16. Programme Starten nicht richtig und lassen sich nicht beenden
    Plagegeister aller Art und deren Bekämpfung - 08.09.2007 (1)
  17. PC fährt nicht richtig hoch, Programme stürzen ab
    Plagegeister aller Art und deren Bekämpfung - 17.09.2006 (2)

Zum Thema 2x Windows 7 - Kaspersky fand Trojaner - Programme laufen nicht richtig - Sollte mir FRST runterladen - hier die Logfiles: FRST Logfile: Code: Alles auswählen Aufklappen ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01 Ran by Paar - 2x Windows 7 - Kaspersky fand Trojaner - Programme laufen nicht richtig...
Archiv
Du betrachtest: 2x Windows 7 - Kaspersky fand Trojaner - Programme laufen nicht richtig auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.