Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Behinderung durch Trojaner?

Behinderung durch Trojaner?


Plagegeister aller Art und deren Bekämpfung: Behinderung durch Trojaner?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 14.08.2015, 17:11   #4
sugus666
 
Behinderung durch Trojaner? - Standard

Behinderung durch Trojaner?


[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:13-08-2015
Ran by Marcel (2015-08-14 18:07:08)
Running from F:\90 Daten Systemordner\Downloads_sys
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3121602427-3534730855-1075997385-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-3121602427-3534730855-1075997385-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3121602427-3534730855-1075997385-1003 - Limited - Enabled)
Marcel (S-1-5-21-3121602427-3534730855-1075997385-1001 - Administrator - Enabled) => C:\Users\Marcel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 3.5 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.5.6.1730 - Open Media LLC)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Photoshop Album 2.0 Starter Edition (HKLM-x32\...\{11B569C2-4BF6-4ED0-9D17-A4273943CB24}) (Version: 2.00.100 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.6.5 - ASUS)
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bitdefender Antivirus Plus 2015 (HKLM\...\Bitdefender) (Version: 19.1.0.115 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-9440CN (HKLM-x32\...\{C83FB11D-9EC6-49D7-99A7-DDDB2264883C}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-J5620DW (HKLM-x32\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
Brother Product Research and Support Program (HKLM-x32\...\{8040527F-DD74-4B45-8A06-C4BF145B6C76}) (Version: 2.1.0.0000 - Brother Industries, Ltd.)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
DisplayLink Core Software (HKLM\...\{BB07E020-7224-4EC3-864E-2AA0BF42A7DD}) (Version: 7.4.51572.0 - DisplayLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.50.000 - Runtime Software)
E-Finance Java (HKLM-x32\...\E-Finance Java) (Version: 1.0.0.0 - PostFinance)
eLohnausweis SSK Uninstaller (HKLM-x32\...\{34F301D7-88EA-4DE2-846B-E9F9F188107C}_is1) (Version:  - DV Bern AG)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.1.51 - Lenovo)
Energy Manager (x32 Version: 1.0.1.51 - Lenovo) Hidden
eTax.zug 2013 jP 1.0.0 (HKLM-x32\...\9994-2633-2807-7220) (Version: 1.0.0 - Information Factory AG)
eTax.zug 2014 jP 1.0.0 (HKLM-x32\...\8321-3702-0421-0790) (Version: 1.0.0 - Information Factory AG)
Evernote v. 5.5.3 (HKLM-x32\...\{B1A0F908-1448-11E4-8684-00163E98E7D0}) (Version: 5.5.3.4236 - Evernote Corp.)
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.44 - FileZilla Project)
FreeFileSync 7.0 (HKLM-x32\...\FreeFileSync) (Version: 7.0 - www.FreeFileSync.org)
Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.0 - Ellora Assets Corporation)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.242 - SurfRight B.V.)
ICP Basis 7.00 (HKLM-x32\...\ICP Basis 7.00) (Version:  - )
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel Experience Center - Configuration (x32 Version: 1.9.0.8 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{D6FBF816-ACB8-46CC-ACC6-C8BBA85F497D}) (Version: 4.2.40.2418 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{1c7272f2-45cf-469f-b7e9-17c6b212549c}) (Version: 16.5.3 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
join.me (HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\JoinMe) (Version: 1.17.0.153 - LogMeIn, Inc.)
K-Lite Codec Pack 9.3.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.5.5.5 - SunplusIT)
Lenovo Motion Control (HKLM-x32\...\InstallShield_{0D740B00-2307-44AC-B91B-F3E67444ECA6}) (Version: 2.0.1.0107 - PointGrab)
Lenovo Motion Control (x32 Version: 2.0.1.0107 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.0 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.0.13.12271 - Lenovo)
Lenovo USB Graphics (HKLM\...\{7257526E-B74A-488E-BA2E-56327482B06B}) (Version: 7.4.51587.0 - Lenovo)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo Yoga PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.1.9.3 - Lenovo)
Lenovo Yoga PhoneCompanion (x32 Version: 1.1.9.3 - Lenovo) Hidden
MailStore Home 8.2.1.10082 (HKLM-x32\...\MailStore Home_universal1) (Version: 8.2.1.10082 - MailStore Software GmbH)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Visio Professional 2003 (HKLM-x32\...\{90510407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Project Standard 2002 (HKLM-x32\...\{903A0407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2915.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0407-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Mozilla Firefox 39.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 de)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
My Swisscom Assistant (HKLM-x32\...\My Swisscom Assistant) (Version: 2.15.2.2072 - Swisscom (Schweiz) AG)
MyKeyFinder (HKLM-x32\...\MyKeyFinder_is1) (Version: 2015 - Abelssoft)
NirSoft ShellExView (HKLM-x32\...\NirSoft ShellExView) (Version:  - )
Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.1 - Notepad++ Team)
Oracle VM VirtualBox 4.3.18 (HKLM\...\{74B7E6F9-DCAC-4ADB-B2D0-EEFDD1B5AC25}) (Version: 4.3.18 - Oracle Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.)
Prey Anti-Theft (x32 Version: 1.3.9 - Prey, Inc.) Hidden
Private Tax 2013 1.4.0 (HKLM-x32\...\0579-4231-5684-8562) (Version: 1.4.0 - Information Factory AG)
Private Tax 2014 1.4.0 (HKLM-x32\...\3690-0225-9329-1026) (Version: 1.4.0 - Information Factory AG)
Q-Dir (HKLM\...\Q-Dir) (Version:  - )
Radio.fx (HKLM-x32\...\Tobit Radio.fx Server) (Version:  - Tobit.Software)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7058 - Realtek Semiconductor Corp.)
RecImgManager (HKLM-x32\...\{1ECC3992-5E46-4A3B-823F-4228D5B05A83}) (Version: 2.0.26222 - SlimWare Utilities, Inc.)
ReminderInstaller (HKLM-x32\...\InstallShield_{48B99BC9-CEB0-485E-96B1-4609BC86D2DE}) (Version: 1.00.0000 - Absolute Software.)
ReminderInstaller (x32 Version: 1.00.0000 - Absolute Software.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Link 2.0.0.1503181422 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1503181422 - Copyright 2013 SAMSUNG)
Sandboxie 4.20 (64-bit) (HKLM\...\Sandboxie) (Version: 4.20 - Sandboxie Holdings, LLC)
Screenpresso (HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\Screenpresso) (Version: 1.5.6.0 - Learnpulse)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.102 - Skype Technologies S.A.)
Snapform Viewer 1.7.39 (HKLM\...\2841-5017-1617-4151) (Version: 1.7.39 - Ringler Informatik AG)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.7 - Synaptics Incorporated)
ThinkPad USB 3.0 Dock (HKLM-x32\...\{69109A9C-1D00-4A84-9ABF-AAE9CADD20DD}) (Version: 1.07.15 - Lenovo)
TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.0f-1 - IDRIX)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WHS ProStation (HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\InstallShield_{E56B8E1D-8E90-46DC-AE55-EBA87ED69A5F}) (Version: 2.38.56.10.2 - WH SELFINVEST)
WHS ProStation (x32 Version: 2.38.56.10.2 - WH SELFINVEST) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)
Yoga Picks (HKLM-x32\...\{267C8BA0-876B-4589-9F14-EFB84ABCEA7F}) (Version: 1.5.014.0106 - Lenovo)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3121602427-3534730855-1075997385-1001_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1FA5F244-9468-D082-1262-D4EE85889A47} No File
CustomCLSID: HKU\S-1-5-21-3121602427-3534730855-1075997385-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3121602427-3534730855-1075997385-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3121602427-3534730855-1075997385-1001_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5FB02946-9468-D082-10B9-C1AE85889A47} No File
CustomCLSID: HKU\S-1-5-21-3121602427-3534730855-1075997385-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3121602427-3534730855-1075997385-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0120950B-72D8-4543-A921-62AD99989D11} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] ()
Task: {114B555B-6E44-421B-90EC-509925C4578F} - System32\Tasks\4Team updater => C:\Program Files (x86)\4Team Corporation\4Team-Updater\4Team-Updater.exe
Task: {11CF1733-D8D7-4871-9BB3-A8BBE91DE674} - System32\Tasks\MsgUpdateCheck (ed5bac9b-5ca0-4f99-aa46-a881a08ff6f3) => C:\SmartDraw CI\MarkedUp\tray\TrayNotifierNET35.exe [2014-04-30] (MarkedUp Inc)
Task: {19676596-235C-492C-9BBD-B736CE6B4742} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {45C50541-C5AB-4236-A2F3-C0B6375B44DF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3121602427-3534730855-1075997385-1001UA => C:\Users\Marcel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {48BD7CC0-33DC-4B22-9320-2A75C6A425B8} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {5177C064-CC6E-4D71-BE7A-B42FA270C361} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {54C13448-7CAE-4053-AB65-45947EFA1342} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {669D6792-29A3-428A-A195-CEE18EFBC3BF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {6AB1569F-4369-4546-88C8-735FD098A9AD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {934E759D-B07C-451F-9877-E757089B7DEE} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {93BD02A6-3C5E-46BB-8D41-FEA837F972C9} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] ()
Task: {9F2AF63D-65F9-4C86-91A1-B4CBDA3421F9} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] ()
Task: {AB1B2D4F-AD1B-4388-807F-BA561CDE4FD9} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2014-03-28] (Lenovo)
Task: {B20FD989-8C81-46A1-B185-C1D28F8D24F5} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {C71A6436-7370-460F-864E-09FE1370A395} - System32\Tasks\SDMsgUpdate (TE) => C:\SmartDraw CI\Messages\SDNotify.exe [2012-08-13] ()
Task: {F97DB1F3-B11D-48E1-B038-8906E0AA1B7E} - System32\Tasks\SDMsgUpdate (Local) => C:\SmartDraw CI\Messages\SDNotify.exe [2012-08-13] ()
Task: {FFA9A996-FEC2-420E-8B15-7FB5F295BCF6} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-29] (Synaptics Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\ParetoLogic Registration3.job => C:\windows\system32\rundll32.exeGC:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-02 02:31 - 2013-08-02 02:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-08-02 02:31 - 2013-08-02 02:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-02 02:31 - 2013-08-02 02:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-03-28 08:55 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-08-30 09:15 - 2015-03-18 15:22 - 00025088 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2014-08-30 09:15 - 2015-03-18 15:22 - 02633728 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2014-08-30 09:15 - 2015-03-18 15:22 - 02540544 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-12-21 11:25 - 2013-12-21 11:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 11:26 - 2013-12-21 11:26 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 00030720 _____ () C:\windows\SYSTEM32\MediaDB64.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 00908800 _____ () C:\windows\SYSTEM32\ContentDirectoryPresenter64.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00049152 _____ () C:\windows\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00016896 _____ () C:\windows\SYSTEM32\boost_system-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00058880 _____ () C:\windows\SYSTEM32\boost_thread-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00299520 _____ () C:\windows\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
2014-08-30 09:16 - 2014-08-30 09:16 - 00669696 _____ () C:\Windows\Temp\sqlite-3.7.151-amd64-sqlitejdbc.dll
2014-08-30 09:15 - 2015-03-18 15:22 - 00049664 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
2014-08-30 09:15 - 2015-03-18 15:22 - 00499712 _____ () C:\Program Files\Samsung\Samsung Link\utils\MetaExtractorDLL.dll
2015-01-08 20:36 - 2005-04-22 14:36 - 00143360 _____ () C:\windows\system32\BrSNMP64.dll
2014-03-28 08:55 - 2014-03-28 08:55 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2014-03-28 08:55 - 2014-03-28 08:55 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2014-03-28 08:55 - 2014-03-28 08:55 - 00062224 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2014-03-28 08:53 - 2014-01-07 00:14 - 00019440 _____ () C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
2014-03-28 08:55 - 2014-03-28 08:55 - 00161792 _____ () C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe
2015-08-09 12:43 - 2015-04-22 16:55 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-08-09 12:43 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-08-09 12:43 - 2015-06-10 18:41 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-08-13 14:12 - 2015-08-13 14:12 - 00861696 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00550_003\ashttpbr.mdl
2015-08-13 14:12 - 2015-08-13 14:12 - 00728576 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00550_003\ashttpdsp.mdl
2015-08-13 14:12 - 2015-08-13 14:12 - 02776064 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00550_003\ashttpph.mdl
2015-08-13 14:12 - 2015-08-13 14:12 - 01395200 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00550_003\ashttprbl.mdl
2015-08-02 13:04 - 2014-03-07 09:21 - 00080312 _____ () C:\windows\system32\IGFXEXPS.DLL
2008-07-04 12:38 - 2008-07-04 12:38 - 00065536 _____ () C:\Brother\BPRSP\resources\BrSupSsp.exe
2013-12-11 16:46 - 2013-12-11 16:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-10-22 09:48 - 2013-10-22 09:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-04-19 16:38 - 2013-04-19 16:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-10-25 19:49 - 2013-10-25 19:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2015-07-23 11:29 - 2015-07-23 11:29 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-23 11:29 - 2015-07-23 11:29 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2014-04-22 20:23 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-03-28 08:39 - 2013-08-08 22:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-03-28 08:55 - 2014-03-28 08:55 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll
2015-08-09 12:43 - 2015-04-22 16:53 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff\components\txmlutil.dll
2015-08-09 12:43 - 2015-05-12 15:48 - 00067808 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff\components\bdwtxff.dll
2003-07-11 10:09 - 2003-07-11 10:09 - 00048192 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\1031\nsextint.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\Marcel\SkyDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Radio.fx.LNK"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "AutoStartTransition"
HKLM\...\StartupApproved\Run: => "Samsung Link"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "Yoga Picks"
HKLM\...\StartupApproved\Run32: => "ControlCenter3"
HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface"
HKLM\...\StartupApproved\Run32: => "My Swisscom Assistant"
HKLM\...\StartupApproved\Run32: => "BrHelp"
HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\StartupApproved\Run: => "zzihaw.exe"
HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\StartupApproved\Run: => "rfxsrvtray"
HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4431DEAE-785F-4476-A1D9-31EE2F25E07D}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3E4C4004-2938-408E-BB9F-065DD2A43E64}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{7F4CFB46-E8EE-4804-BC7A-5E9E37543015}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{B7649C76-9956-4020-AC6E-924C8B77E9D6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EE9CAD80-E182-4C83-B105-8DA877E0B70E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F87B0288-5786-47AB-8833-6834612238AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0D3253CE-E1C8-482C-B2F2-9649D1CE2B4D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F9B3630D-7E6B-4AC8-BA2E-07A8398C70DD}] => (Allow) C:\Program Files (x86)\Brother\Brmfl06d\FAXRX.exe
FirewallRules: [{1A1C5D3C-6EA9-46EB-87CC-2B72169BD698}] => (Allow) C:\Program Files (x86)\Brother\Brmfl06d\FAXRX.exe
FirewallRules: [{D4820C6E-E3E7-40F6-AE1A-C59957B8B1C6}] => (Allow) LPort=54925
FirewallRules: [{C400B6EE-8C7E-4FEB-92F4-ACEEC20EA8D3}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{83D4BC26-742A-4A8A-9314-A7F2997CB682}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{BC591497-5730-4159-A59B-BFA8E0FF5C1F}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{BB30ACF2-BBE3-4A73-A8D0-4CAAAEE54456}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{E17A4801-6EE3-4BA6-9601-A3752B78AAAC}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{5433EC50-5282-4E59-B9C3-EE2541AD45D4}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{D389BBA3-48A3-460F-9BA0-DAF3EA753A9B}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\WLAN\SwisscomWLAN.exe
FirewallRules: [{215839A2-8207-4AB5-B1DB-4413380C620A}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\WLAN\SwisscomWLAN.exe
FirewallRules: [{9DF4834B-E895-43D9-B66B-56F6EC196392}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe
FirewallRules: [{74553D50-32B3-4F3C-A9C3-B3CBC13A58FE}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe
FirewallRules: [{945872BD-00E1-4BE3-821E-9874698B5A84}] => (Allow) LPort=8743
FirewallRules: [{63B85722-A77D-45A2-8F5C-64F23EABA935}] => (Allow) LPort=8643
FirewallRules: [{E2EA838F-A7A3-4A5D-9159-C05F086C7263}] => (Allow) LPort=7676
FirewallRules: [{EC45B1E0-C6C4-4AE3-9C08-713A85E6A46C}] => (Allow) LPort=7679
FirewallRules: [{3CC2556B-3C36-4251-BB85-E0036DCBF1F5}] => (Allow) LPort=24234
FirewallRules: [{258AF4F6-619B-4104-9528-45E68F583009}] => (Allow) LPort=7900
FirewallRules: [{EDB7FCB4-5921-4FD9-B591-FAF26006558D}] => (Allow) LPort=1900
FirewallRules: [{EBE5F558-DF3D-42B2-96E0-CB6F67A61301}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{65312F94-6083-4AA6-AFDE-94F7400725B5}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{B71C1162-9807-4FE3-9553-F1000FAD5ADE}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{82824B5A-ACA2-4AC9-9E02-733544CAF2FB}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{BDC2A857-DE46-4F93-9D6A-5AF7742BF1CB}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{042614FB-48A6-472C-80C9-89DAA5A1B3C8}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{87BDB682-26F7-4441-9898-BCF01749892B}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{D9A08DF9-4A68-41ED-B187-03C0F7F22298}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [TCP Query User{36306197-E317-4D40-949D-992EBC574FE1}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{7D77A54A-D12C-42DE-8A4E-8EC03DF859BF}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{3A498FFE-111E-4BD0-8227-D598BF14E5EC}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{A6C10A9F-9B83-44EC-AA72-C32A14945666}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{07697B2F-7B22-41B9-972D-BE006011B3FA}] => (Allow) C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{9DF63D6B-7184-4AD8-A624-F8DCE60FDA0E}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{EE2C085E-CE90-4492-8A4A-40CFD385AA52}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{A2973539-9915-4060-AE99-57E858910C69}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{390F3960-F197-4DDA-A2E9-5584BF3E790A}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{CC27E496-D046-4E88-9F5F-0397BD62798D}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{ABAF99FD-E70B-4F6F-A5C1-485427AC18A4}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{FF9E7EB5-D622-4096-9BFD-5AF7E24C1E85}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{697F890B-7392-4A34-95E1-E13E077C1D12}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [TCP Query User{BA97556E-0C2E-4EFA-92B4-D864348CB679}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{D547E705-30C7-4C99-8E10-C49310943D70}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{2DA0F69C-34E6-4FE6-97FF-E35B619D3444}] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{A7199F1C-1D6C-4819-A485-F0B2F8017273}] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{F1248851-1A38-47FF-A437-CAF528F289AD}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{6BBFC808-ACC0-4064-90D7-BAB0BDB1FABE}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{A97EE786-2B57-47B2-8D4A-DB30E403E4FC}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{D467C7B2-FE00-4D4F-8FAE-A1C4E19DB5E9}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{09EBD004-26EC-4FCD-9A91-A9DABBD8EBDB}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{96B2F48E-D869-44E7-86C9-D933CB69F4B0}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{9FBE20C2-2F6E-45EC-9CE3-BE21B022A9E7}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{F0CF83FE-DBB1-43CA-AEC3-24FF6AA337CD}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{B0BEE50F-1730-4425-A5BB-5BDF6B14EC11}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{12F7F8CB-96F8-4C34-8AA7-32B42558FB55}] => (Allow) C:\Program Files (x86)\Brother\Brmfl06d\FAXRX.exe
FirewallRules: [{3C35C46B-71E2-4DCA-AE2B-D61FFC530FFF}] => (Allow) C:\Program Files (x86)\Brother\Brmfl06d\FAXRX.exe
FirewallRules: [{6197A62B-4B7F-4A4B-B2C4-8E11D56E0543}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{DFB0CEDA-1238-47D9-A856-95F0548447EB}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{442153E3-7D80-4AC6-8BF8-C7FB16E6C36C}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{5A04ED96-62F3-4297-B99A-4E1476255B79}] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{24E4DDD1-1307-489F-B217-EDBFCDFD935E}] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{D3DD32AA-F817-42DE-9CF1-03371BB95068}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{490B4F85-C6DF-416A-8EF6-3C80F169471A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D76CA2F7-FE24-4D06-86C5-F4CE9E5CAC2F}] => (Allow) C:\Program Files (x86)\Brother\Brmfl14e\FAXRX.EXE
FirewallRules: [{F07D8D86-A96C-4D43-A081-2BF5D0044E48}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{8581DA57-E721-4297-AE0E-57D219D54F08}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{FAEBC70F-315D-4483-8832-FC6488BAB043}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{82301374-2EC6-4FDA-B21E-42D1A903DF3B}] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{8D4C8D2E-BC79-4149-9A75-2CB22C4D0CF8}] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{D7B14B40-2DF9-46B9-A34E-47BA1AF55C62}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{35B86F9D-0566-47FD-A08B-7E78FCD493EA}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{314DEF24-8962-4B56-AF52-989A6DC32D07}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{BAF2714A-5FB3-485D-9520-30E9A92B2BEF}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [TCP Query User{DAF67383-BEAA-431A-930E-300D496FD568}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{7212BC96-4CA3-49A4-A207-5768E6F72B6B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{DB8D1945-70EB-43FE-AA4B-703809F95F18}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{59DF4A80-2B14-4D6B-80C6-E4EED5310827}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{7055B5CC-A0E3-46C3-A978-36B180A734DE}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{4C36329F-D803-44D6-A03F-ED2CCD29FA47}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{92B83BC9-2AC5-4C81-A3B3-19656D721B53}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{D55B24AA-BB5F-4629-8829-F8517279707E}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{05DEC036-5A7D-4951-B7EF-2CDDFCFAB025}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [{CFB84829-CB9B-4728-8890-488E4B2B181B}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [TCP Query User{59E7C9DC-7743-4F5F-9B56-0793AFA6996D}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{F24072CB-A078-48E1-B810-68D42B118F6B}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{22AADAE4-32FB-4FD8-BEA1-A2DBA80B9F5A}] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{CB421610-37DA-49BC-B2BF-6661ADDE9368}] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{0C0517AB-9D31-49C3-9C56-8D812D187D52}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{AE048FD6-A975-43E6-A034-3304E46E03F5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{98D0103E-A762-4B66-9D2B-AB984A4B89B1}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{13E10B00-2F4B-410E-ABC7-B4FB939537E3}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{FFC75286-B03F-4EB4-9D8C-C473F4B675F8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F8E551C0-620C-48DD-8289-676CF6902D89}] => (Allow) C:\Windows\Prey\versions\1.4.1\bin\node.exe
FirewallRules: [{58D99F8E-8FA4-4A8A-AB35-CBAC89586306}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
FirewallRules: [{4E3BC521-0E78-4909-9FA8-C2184FF1007E}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
FirewallRules: [{2F84591F-72FC-4727-836E-B45FA9744978}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe
FirewallRules: [{4914DDF3-1A78-4E94-9B86-2C81E38CBDEE}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe
FirewallRules: [{82D91E50-DA66-4C54-A6BD-14AB6B5E876B}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant.exe
FirewallRules: [{AE1B92C0-998E-49FE-B67C-64E958E20C17}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant.exe
FirewallRules: [{523AC248-C74A-4269-90A0-DDE9881F3AF6}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\Update\M2Updater.exe
FirewallRules: [{4BE7E6D7-D95F-464C-8CD2-75B08A12060A}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\Update\M2Updater.exe
FirewallRules: [{A320978A-5216-4BF5-BA0E-F9F50D3B490B}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\PDF_Viewer\m2PDFViewer.exe
FirewallRules: [{14FCC4D3-1911-4864-AA84-8FEE3554F456}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\PDF_Viewer\m2PDFViewer.exe
StandardProfile\AuthorizedApplications: [C:\Users\Marcel\AppData\Roaming\zzpuok\suujnu.exe] => Enabled:suujnu

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/14/2015 12:52:35 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Beschreibung = Scheduled Checkpoint; Fehler = 0x80070422).

Error: (08/14/2015 12:52:32 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "WINRE_DRV" wurde aufgrund eines Fehlers nicht optimiert: The parameter is incorrect. (0x80070057)

Error: (08/14/2015 12:32:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MediaCreationTool.exe, Version: 6.3.9600.17557, Zeitstempel: 0x548cc952
Name des fehlerhaften Moduls: MSONSEXT.DLL, Version: 11.0.6715.60, Zeitstempel: 0x43306199
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00052b84
ID des fehlerhaften Prozesses: 0x484c
Startzeit der fehlerhaften Anwendung: 0xMediaCreationTool.exe0
Pfad der fehlerhaften Anwendung: MediaCreationTool.exe1
Pfad des fehlerhaften Moduls: MediaCreationTool.exe2
Berichtskennung: MediaCreationTool.exe3
Vollständiger Name des fehlerhaften Pakets: MediaCreationTool.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MediaCreationTool.exe5

Error: (08/14/2015 12:02:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (08/14/2015 10:42:41 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (08/13/2015 06:39:53 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.

Error: (08/13/2015 06:28:20 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files\HitmanPro\HitmanPro.exe Files\HitmanPro\HitmanPro.exe" /scan:boot /quiet /quick; Beschreibung = Prüfpunkt von HitmanPro; Fehler = 0x80070422).

Error: (08/13/2015 06:28:14 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files\HitmanPro\HitmanPro.exe Files\HitmanPro\HitmanPro.exe" /scan:boot /quiet /quick; Beschreibung = Prüfpunkt von HitmanPro; Fehler = 0x80070422).

Error: (08/13/2015 06:12:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 6.3.9600.17415, Zeitstempel: 0x545042b7
Name des fehlerhaften Moduls: twinapi.appcore.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54503c4d
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0000000000063c1f
ID des fehlerhaften Prozesses: 0x1f18
Startzeit der fehlerhaften Anwendung: 0xbackgroundTaskHost.exe0
Pfad der fehlerhaften Anwendung: backgroundTaskHost.exe1
Pfad des fehlerhaften Moduls: backgroundTaskHost.exe2
Berichtskennung: backgroundTaskHost.exe3
Vollständiger Name des fehlerhaften Pakets: backgroundTaskHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: backgroundTaskHost.exe5

Error: (08/13/2015 12:10:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24


System errors:
=============
Error: (08/14/2015 05:17:18 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS)
Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS

Error: (08/14/2015 03:47:18 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS)
Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS

Error: (08/14/2015 03:17:18 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS)
Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS

Error: (08/14/2015 01:47:18 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS)
Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS

Error: (08/14/2015 12:47:18 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS)
Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS

Error: (08/14/2015 12:39:02 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS)
Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS

Error: (08/14/2015 12:30:24 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS)
Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS

Error: (08/14/2015 12:24:12 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS)
Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS

Error: (08/14/2015 12:18:58 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS)
Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS

Error: (08/14/2015 12:14:57 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS)
Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS


Microsoft Office:
=========================
Error: (08/11/2015 06:02:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6723.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4085 seconds with 1800 seconds of active time.  This session ended with a crash.

Error: (06/14/2015 02:26:57 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 429 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (04/26/2015 09:57:42 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6720.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 38 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/26/2015 09:56:52 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6720.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 96 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (04/21/2015 07:09:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6720.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 27 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/21/2015 04:15:31 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6720.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 762 seconds with 720 seconds of active time.  This session ended with a crash.

Error: (04/20/2015 07:23:57 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6720.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1980 seconds with 1140 seconds of active time.  This session ended with a crash.

Error: (04/14/2015 10:15:52 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 284 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/23/2015 08:55:02 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 248 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (01/14/2015 11:24:34 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6712.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2983 seconds with 1560 seconds of active time.  This session ended with a crash.


CodeIntegrity:
===================================
  Date: 2014-11-15 17:29:16.127
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-15 17:29:15.670
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-15 17:29:15.513
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-15 17:29:15.340
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-15 17:29:15.169
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-15 17:29:14.997
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-15 17:29:14.825
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-15 17:29:14.653
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-15 17:29:14.465
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-15 17:29:14.278
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 71%
Total physical RAM: 8104.27 MB
Available physical RAM: 2321.72 MB
Total Virtual: 16296.27 MB
Available Virtual: 10032.81 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:217.68 GB) (Free:78.22 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.88 GB) NTFS
Drive f: (Daten) (Fixed) (Total:216.58 GB) (Free:162.22 GB) NTFS
Drive g: (ESD-USB) (Removable) (Total:28.88 GB) (Free:28.88 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: D9341526)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 28.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of log ============================
--- --- ---
 

Themen zu Behinderung durch Trojaner?
administrator, bitdefender, cmd, dateien, defender, diverse, einstellung, fehler, folge, foren, hijack, hijackthis, iso-datei, malwarebytes, microsoft, programme, prüfen, ratlos, starten, system32, taskmanager, trojaner, trojaner?, virus, windows


« Win7: Rechner "hing" nach Kopierversuch großer Dateien, dann chdsk angelaufen | nerviger Rechner-Verlangsamungs-Virus »


Ähnliche Themen: Behinderung durch Trojaner?


  1. nach Befall durch BKA Virus Entfernung durch Fachhandel Jetzt startet Windows sicherheitsdienst nicht mehr
    Log-Analyse und Auswertung - 05.06.2014 (14)
  2. Zugriffsverweigerung auf Netbook(XP)durch BKA,danach durch GVU-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 21.02.2013 (13)
  3. Laptop mit Windows xp gesperrt durch Bundespolizei, Entsperrung nur durch Geld
    Log-Analyse und Auswertung - 25.01.2013 (34)
  4. GVU-Trojaner über hawaiidermatology.com? + unsichere eigene Website durch diesen Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 15.01.2013 (16)
  5. Mehrere Trojaner durch Malwarebytes Anti Malware gefunden und ein Virus durch Avira gefunden (TR/Gendal.81920.6)
    Log-Analyse und Auswertung - 10.11.2012 (1)
  6. Trojaner durch email
    Log-Analyse und Auswertung - 02.08.2012 (28)
  7. Hardwaredefekt durch Trojaner?
    Netzwerk und Hardware - 01.06.2012 (1)
  8. Bluescreen durch Flashplayer; Malwarefund durch MBAM
    Plagegeister aller Art und deren Bekämpfung - 19.01.2012 (11)
  9. Icq trojaner durch bild
    Plagegeister aller Art und deren Bekämpfung - 13.06.2010 (9)
  10. Trojaner durch MSN-Link
    Log-Analyse und Auswertung - 31.03.2010 (8)
  11. Rndll.exe Trojaner durch MSN was tun
    Plagegeister aller Art und deren Bekämpfung - 08.01.2010 (1)
  12. Passworte weg durch Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 09.09.2009 (1)
  13. Befall durch Trojaner, was tun?
    Log-Analyse und Auswertung - 08.08.2008 (5)
  14. Virenbefall erst durch Symantec E-Mail Proxy, dann durch andere.
    Plagegeister aller Art und deren Bekämpfung - 24.05.2008 (2)
  15. Help Trojaner durch MSN
    Log-Analyse und Auswertung - 04.11.2007 (4)
  16. Grafikfehler durch Trojaner?
    Log-Analyse und Auswertung - 12.08.2006 (2)
  17. Trojaner durch 180Solutions
    Log-Analyse und Auswertung - 30.03.2005 (10)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Behinderung durch Trojaner? - [CODE]Additional FRST Logfile: Code: Alles auswählen Aufklappen ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:13-08-2015 Ran by Marcel (2015-08-14 18:07:08) Running from F:\90 Daten Systemordner\Downloads_sys Boot Mode: Normal - Behinderung durch Trojaner?...
Archiv
Du betrachtest: Behinderung durch Trojaner? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131