Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
CloudScout bringt immer Werbung

CloudScout bringt immer Werbung


Log-Analyse und Auswertung: CloudScout bringt immer Werbung

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 15.06.2015, 14:09   #1
Thomas_L
 
CloudScout bringt immer Werbung - Standard

Addition File


[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by TL at 2015-06-15 11:43:30
Running from C:\Users\tl\Desktop\Virenschutz
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1747593855-565391543-2980224419-500 - Administrator - Disabled)
Gast (S-1-5-21-1747593855-565391543-2980224419-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Advanced IP Scanner 2.4 (HKLM-x32\...\{051770B2-AC7A-4A63-9326-394C3E6E3B12}) (Version: 2.4.2526 - Famatech)
AMD Catalyst Install Manager (HKLM\...\{C23F43A3-327E-2969-52F2-89ED83D99F48}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{026B819B-4D60-4C8B-892D-33A0D8666F60}) (Version: 2.0.0.3 - Ihr Firmenname)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
cardPresso (HKLM-x32\...\cardPresso) (Version: 1.1.0 - Copyright 2012, cardPresso, Lda)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.)
DataDirect ODBC driver for InterBase (HKLM-x32\...\DataDirect ODBC driver for InterBase) (Version:  - )
DecoderProgrammer (C:\Program Files (x86)\DecoderProgrammer\) (HKLM-x32\...\ST6UNST #2) (Version:  - )
DecoderProgrammer (HKLM-x32\...\ST6UNST #1) (Version:  - )
Digi Device Discovery (HKLM-x32\...\Digi Device Discovery) (Version:  - )
ELCOM BTI-TERM (HKLM-x32\...\ELCOM BTI-TERM) (Version: 1.0 - ELCOM GmbH & Co. KG)
FileZilla Client 3.10.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.2 - Tim Kosse)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Drive (HKLM-x32\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
IB-Upgrade Version 1.0.0.1 (HKLM-x32\...\{15E58B69-C4D7-4338-AA1C-4519F843AE0C}_is1) (Version: 1.0.0.1 - Uhlenbrock Elektronik GmbH)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33268) (Version: 3.6.1.33268.15 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
InterBase 2009 (HKLM-x32\...\InterBase 2009) (Version: InterBase 2009 - Embarcadero Technologies Inc.)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
Linphone (HKLM-x32\...\Linphone) (Version: 3.8.4 - Belledonne communications)
LogMeIn (HKLM-x32\...\{CB7AF84A-1B7F-4C6B-8A58-EB7CDE48C23A}) (Version: 4.1.3268 - LogMeIn, Inc.)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1026108093-1314267383-2887952174-1155\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MySQL Utilities (HKLM-x32\...\{0B18AA75-6A44-4950-A0A2-A486C2D839A0}) (Version: 1.4.4 - Oracle Corporation)
MySQL Workbench 6.1 CE (HKLM-x32\...\{AD95295B-0279-43B6-A873-F12A1D1CD146}) (Version: 6.1.7 - Oracle Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
Online Plug-in (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Oracle VM VirtualBox 4.3.26 (HKLM\...\{5771F59A-BFC9-4FAF-A883-7642EF4BA3C3}) (Version: 4.3.26 - Oracle Corporation)
PhonerLite 2.25 (HKLM-x32\...\PhonerLite_is1) (Version: 2.25 - Heiko Sommerfeldt)
PingPlotter Standard 3.42.3s (HKLM-x32\...\{1C1D0A2C-C8B4-4C2C-9877-884F8FC082B5}) (Version: 3.42.3.6 - Nessoft, LLC)
Premium Sound HD (HKLM\...\{000A208E-1050-4181-AC37-E13DA9254B73}) (Version: 1.12.6000 - DTS, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6738 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Scriptable Automation Manager (HKLM-x32\...\{9F26E6E5-66BD-4EEA-9038-AC18A63E49A5}) (Version: 0.9.20 - AIT Software GmbH)
Self-Service Plug-in (x32 Version: 4.1.0.41738 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.08.6402 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6626.6406 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
Toshiba Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 2.00.972 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.1.54043006 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{11A5F0A4-5738-4857-9CEA-216E4F78BEB5}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0015 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.2.2 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.3 - VMware, Inc)
VMware Player (Version: 6.0.3 - VMware, Inc.) Hidden
VMware vSphere Client 5.1 (HKLM-x32\...\{09DC364B-A77A-49A0-972B-E43F0DACC5E3}) (Version: 5.1.0.1557 - VMware, Inc.)
vtiger CRM Outlook Plugin-6.0-X86 (HKLM-x32\...\vtiger CRM Outlook Plugin-6.0-X86) (Version:  - Vtiger)
vtiger CRM Outlook plugin-6.0-X86_64 (HKLM\...\vtiger CRM Outlook plugin-6.0-X86_64) (Version:  - Vtiger)
vtigercrm600 (HKU\S-1-5-21-1026108093-1314267383-2887952174-1155\...\vtigercrm600) (Version:  - )
VWP100 (HKLM-x32\...\PfisterWaagenGmbH VWP100_is1) (Version: 2.1.0.205 - Pfister Waagen Bilanciai GmbH)
WinWeigh Plus (HKLM-x32\...\PfisterWaagenGmbH WinWeighPlus_is1) (Version: 6.0.0.203 - Pfister Waagen Bilanciai GmbH)
X-Lite (HKLM-x32\...\{D79740D7-405F-4A07-A144-40A655CA4B7C}) (Version: 48.7.6589 - CounterPath Corporation)
Zebra ZXP S3 and S1 Card Printers (HKLM-x32\...\{1132009E-7E6B-43D3-8F24-5554F5E9483B}) (Version: 05.01.00.00 - Zebra Technologies Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1026108093-1314267383-2887952174-1155_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\tl\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

05-06-2015 16:17:04 Windows Update
10-06-2015 13:43:26 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
12-06-2015 14:37:53 Removed PlanetView 030006
15-06-2015 09:37:30 AA11

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A2A573B-2C2A-44EF-A06D-5431D3C00D31} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-11] (Microsoft Corporation)
Task: {21E2740A-9194-4FAF-9B22-117618CDA0A0} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {26166EDA-84BE-488F-822B-13821D2B145E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-29] (Google Inc.)
Task: {2A54C017-97F1-445E-A08F-FF3A8CC22857} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {2F16612B-41A6-4680-A5EF-395EBE596C73} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {32A9D14E-C630-4A42-9556-CFD9EEAC6C4C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {417502C0-9D3B-4553-9DE0-69FA1FA67AE1} - System32\Tasks\{7FB0C9C3-0F3E-4C60-9925-21E2C811DC63} => pcalua.exe -a C:\Users\tl\AppData\Roaming\mystartsearch\UninstallManager.exe -c  -ptid=slb2
Task: {5242AA7D-454B-4B4F-9014-D4837CDCBC5E} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2012-09-25] (Toshiba Europe GmbH)
Task: {5AB1DB5F-1591-4541-849A-635A46A95760} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}
Task: {5B8BFD2D-202A-4F64-B1A4-B960C4BB4878} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {74415D5C-E789-4B25-8333-AA42DA002600} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}
Task: {8C7DC534-40B9-4692-90E4-DE07859545E2} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {A1AFF702-852D-4707-8739-A25D528605D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-29] (Google Inc.)
Task: {B1495406-6C7D-4100-AFEC-5E5830E0966B} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1026108093-1314267383-2887952174-1155 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {CABB91D3-E361-4ECC-BADD-08D85B7C3E4D} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {E8B683AC-BAE7-4250-A5FB-DA5919F275FD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {EA7E79F4-622D-4847-9422-E8A0C990CB77} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\vtigerCRM Email Reminder.job => C:\Program Files (x86)\vtigercrm600\apache\htdocs\vtigerCRM\modules\Calendar\SendReminder.bat
Task: C:\WINDOWS\Tasks\vtigerCRM Notification Scheduler.job => C:\Program Files (x86)\vtigercrm600\apache\htdocs\vtigerCRM\cron\intimateTaskStatus.bat
Task: C:\WINDOWS\Tasks\vtigerCRM Recurring Invoice.job => C:\Program Files (x86)\vtigercrm600\apache\htdocs\vtigerCRM\cron\modules\SalesOrder\RecurringInvoiceCron.bat
Task: C:\WINDOWS\Tasks\vtigerCRM WorkFlow.job => C:\Program Files (x86)\vtigercrm600\apache\htdocs\vtigerCRM\cron\modules\com_vtiger_workflow\com_vtiger_workflow.bat

==================== Loaded Modules (Whitelisted) ==============

2011-10-13 14:38 - 2011-10-13 14:38 - 00156672 _____ () C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
2014-07-14 15:08 - 2014-07-14 15:08 - 00034304 _____ () C:\WINDOWS\System32\ssj2mlm.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-25 10:03 - 2012-09-25 10:03 - 05750784 _____ () C:\Program Files (x86)\vtigercrm600\mysql\bin\mysqld-nt.exe
2015-03-02 16:43 - 2015-03-02 16:43 - 00099288 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-09-11 09:29 - 2014-09-11 09:30 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 01272616 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\kpcengine.2.3.dll
2014-06-12 18:22 - 2014-06-12 18:22 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2013-07-03 11:20 - 2008-05-12 17:27 - 00389120 _____ () C:\CodeGear\InterBase\bin\sanctuarylib.dll
2013-06-05 11:26 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-03-02 22:30 - 2015-03-02 22:30 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-06-15 09:43 - 2015-06-05 20:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-15 09:43 - 2015-06-05 20:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
2015-06-15 09:43 - 2015-06-05 20:22 - 15003464 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-01-13 12:42 - 2014-01-13 12:42 - 00251392 _____ () C:\Program Files (x86)\vtigerCRM\Outlook6.0\vtigerCRMOutlookAddin.dll
2013-07-04 07:30 - 2013-07-04 07:30 - 00886272 _____ () C:\Program Files (x86)\vtigerCRM\Outlook6.0\System.Data.SQLite.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\tl\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1026108093-1314267383-2887952174-1155\...\bern.ch -> hxxps://portal.bern.ch
IE trusted site: HKU\S-1-5-21-1026108093-1314267383-2887952174-1155\...\internet -> internet
IE trusted site: HKU\S-1-5-21-1026108093-1314267383-2887952174-1155\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1026108093-1314267383-2887952174-1155\...\logmein.com -> hxxps://secure.logmein.com
IE trusted site: HKU\S-1-5-21-1026108093-1314267383-2887952174-1155\...\mcafee.com -> hxxp://mcafee.com
IE trusted site: HKU\S-1-5-21-1026108093-1314267383-2887952174-1155\...\mcafee.com -> hxxps://mcafee.com
IE trusted site: HKU\S-1-5-21-1026108093-1314267383-2887952174-1155\...\saidef.ch -> hxxps://login.saidef.ch
IE trusted site: HKU\S-1-5-21-1026108093-1314267383-2887952174-1155\...\webcompanion.com -> hxxp://webcompanion.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1026108093-1314267383-2887952174-1155\Control Panel\Desktop\\Wallpaper -> C:\Users\tl\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hintergrundbild der windows-fotoanzeige.jpg
DNS Servers: 81.218.119.5 - 82.163.142.130

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "TPUReg(x86)"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Shairport4w"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [UDP Query User{6DF5E0C5-745D-42FA-9871-6AF4488677F5}C:\pfisterwaagengmbh\hkw_basel\bin\wiegen.exe] => (Allow) C:\pfisterwaagengmbh\hkw_basel\bin\wiegen.exe
FirewallRules: [TCP Query User{B968324F-A042-4C32-8EA8-DACFA77B2D6D}C:\pfisterwaagengmbh\hkw_basel\bin\wiegen.exe] => (Allow) C:\pfisterwaagengmbh\hkw_basel\bin\wiegen.exe
FirewallRules: [UDP Query User{1C96A74D-C23E-4798-BC57-8A50C87A1334}C:\pfisterwaagengmbh\leureko\bin\wiegen.exe] => (Allow) C:\pfisterwaagengmbh\leureko\bin\wiegen.exe
FirewallRules: [TCP Query User{E4707320-9033-4523-99C2-21B1B83C6D99}C:\pfisterwaagengmbh\leureko\bin\wiegen.exe] => (Allow) C:\pfisterwaagengmbh\leureko\bin\wiegen.exe
FirewallRules: [UDP Query User{35C67BCD-819A-46E1-9C7F-FD4ADBA67977}C:\pfisterwaagengmbh\kva_winterthur\bin\wiegen.exe] => (Allow) C:\pfisterwaagengmbh\kva_winterthur\bin\wiegen.exe
FirewallRules: [TCP Query User{AA9AADD3-C7AC-44BF-AFF4-B53DACB2B1BA}C:\pfisterwaagengmbh\kva_winterthur\bin\wiegen.exe] => (Allow) C:\pfisterwaagengmbh\kva_winterthur\bin\wiegen.exe
FirewallRules: [UDP Query User{D3A0D19A-A389-4B14-8F0D-725C9F57B9BE}C:\pfisterwaagengmbh\flueckiger\bin\wiegen.exe] => (Allow) C:\pfisterwaagengmbh\flueckiger\bin\wiegen.exe
FirewallRules: [TCP Query User{37571717-5AA6-4267-9262-D776B612060C}C:\pfisterwaagengmbh\flueckiger\bin\wiegen.exe] => (Allow) C:\pfisterwaagengmbh\flueckiger\bin\wiegen.exe
FirewallRules: [UDP Query User{8D8950B2-BFFD-4764-80C7-398755CA72DE}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{011C5D06-4136-4916-8EBB-61689F4233CC}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{DFB5C209-6260-4295-A146-4C7738862D9D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C73F061D-B069-41BE-B38F-3C08140F3BC3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CB1512B8-1DE0-495B-ACFB-7F78AA456E7B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3387AB65-3249-4A15-BCF1-11FE086DAB27}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5D3135C9-0467-43FE-B51C-4005C1EC9A8C}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{3AC7E504-4078-4D6C-940C-BFCF5741D6DE}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [TCP Query User{18A83794-C959-40F8-9357-6074AAD50A6D}C:\pfisterwaagengmbh\winweighplus\bin\wiegen.exe] => (Allow) C:\pfisterwaagengmbh\winweighplus\bin\wiegen.exe
FirewallRules: [UDP Query User{2496DC98-1378-4DA3-84A2-2B702D8D7981}C:\pfisterwaagengmbh\winweighplus\bin\wiegen.exe] => (Allow) C:\pfisterwaagengmbh\winweighplus\bin\wiegen.exe
FirewallRules: [TCP Query User{AD62AC37-7B4D-450F-AD21-E418C0912308}C:\pfisterwaagengmbh\haefeli-bruegger\bin\wiegen.exe] => (Allow) C:\pfisterwaagengmbh\haefeli-bruegger\bin\wiegen.exe
FirewallRules: [UDP Query User{54B4FC3B-8064-4F9D-9316-BC966BA38ACB}C:\pfisterwaagengmbh\haefeli-bruegger\bin\wiegen.exe] => (Allow) C:\pfisterwaagengmbh\haefeli-bruegger\bin\wiegen.exe
FirewallRules: [TCP Query User{A12BD658-2F07-4300-8DA1-623A2E98F4BC}C:\users\tl\appdata\local\temp\lmia96.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmia96.tmp\logmein client.exe
FirewallRules: [UDP Query User{563A6257-137D-4526-AC7F-760B3D200CCB}C:\users\tl\appdata\local\temp\lmia96.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmia96.tmp\logmein client.exe
FirewallRules: [TCP Query User{F1ED3FA5-423F-4382-A2F2-371898F997F0}C:\users\tl\appdata\local\logmein client\logmein client.exe] => (Block) C:\users\tl\appdata\local\logmein client\logmein client.exe
FirewallRules: [UDP Query User{E14CBF71-2B9E-4E9D-A6AE-92FABB963897}C:\users\tl\appdata\local\logmein client\logmein client.exe] => (Block) C:\users\tl\appdata\local\logmein client\logmein client.exe
FirewallRules: [TCP Query User{FE23DF26-717A-47D6-A1A5-2376CAD0E33D}C:\pfisterwaagengmbh\regio-recycling\replikation\sdctec\ibrdemon\rpdemon.exe] => (Allow) C:\pfisterwaagengmbh\regio-recycling\replikation\sdctec\ibrdemon\rpdemon.exe
FirewallRules: [UDP Query User{A28910CA-6DDC-4C00-86EB-30755C32A3F3}C:\pfisterwaagengmbh\regio-recycling\replikation\sdctec\ibrdemon\rpdemon.exe] => (Allow) C:\pfisterwaagengmbh\regio-recycling\replikation\sdctec\ibrdemon\rpdemon.exe
FirewallRules: [TCP Query User{21DA7F26-C2F5-4B21-8A36-498488355AF5}C:\pfisterwaagengmbh\regio-recycling\bin\wiegen.exe] => (Block) C:\pfisterwaagengmbh\regio-recycling\bin\wiegen.exe
FirewallRules: [UDP Query User{184C6217-29E9-4DA7-9129-D2C62B1FE295}C:\pfisterwaagengmbh\regio-recycling\bin\wiegen.exe] => (Block) C:\pfisterwaagengmbh\regio-recycling\bin\wiegen.exe
FirewallRules: [TCP Query User{089CA0E6-CBBA-4C36-9826-B889F3B38B94}C:\pfisterwaagengmbh\sam\bin\sam.exe] => (Allow) C:\pfisterwaagengmbh\sam\bin\sam.exe
FirewallRules: [UDP Query User{C77E5057-773F-41D0-A588-E01586DD8954}C:\pfisterwaagengmbh\sam\bin\sam.exe] => (Allow) C:\pfisterwaagengmbh\sam\bin\sam.exe
FirewallRules: [TCP Query User{DD87B767-647C-40F8-AACD-8ABE328471C5}C:\pfisterwaagengmbh\vwp\bin\vwp100.exe] => (Allow) C:\pfisterwaagengmbh\vwp\bin\vwp100.exe
FirewallRules: [UDP Query User{8D9F3E63-B0AD-482F-9E19-587758D3F184}C:\pfisterwaagengmbh\vwp\bin\vwp100.exe] => (Allow) C:\pfisterwaagengmbh\vwp\bin\vwp100.exe
FirewallRules: [TCP Query User{C8720512-FE45-47AA-A0C0-84BC71589354}C:\program files (x86)\microsoft office\office14\outlook.exe] => (Block) C:\program files (x86)\microsoft office\office14\outlook.exe
FirewallRules: [UDP Query User{65B458B4-ED04-48A4-9776-5F8DF6649BF4}C:\program files (x86)\microsoft office\office14\outlook.exe] => (Block) C:\program files (x86)\microsoft office\office14\outlook.exe
FirewallRules: [TCP Query User{4BF94D84-EC94-41AF-9EF1-F0427563870C}C:\pfisterwaagengmbh\laurent\sam\bin\sam.exe] => (Allow) C:\pfisterwaagengmbh\laurent\sam\bin\sam.exe
FirewallRules: [UDP Query User{960BAFC1-E79B-4C3E-8061-637AC1941B77}C:\pfisterwaagengmbh\laurent\sam\bin\sam.exe] => (Allow) C:\pfisterwaagengmbh\laurent\sam\bin\sam.exe
FirewallRules: [TCP Query User{1A5BFCA4-FE72-4F6C-A5D2-DB6293FCEDDE}C:\pfisterwaagengmbh\laurent\bin\wiegen.exe] => (Allow) C:\pfisterwaagengmbh\laurent\bin\wiegen.exe
FirewallRules: [UDP Query User{929D7F75-EBBC-4931-B07B-C27E6BEB83BE}C:\pfisterwaagengmbh\laurent\bin\wiegen.exe] => (Allow) C:\pfisterwaagengmbh\laurent\bin\wiegen.exe
FirewallRules: [{4FC63C92-DCC9-4192-9DD1-0D0BA1F7328E}] => (Allow) LPort=6160
FirewallRules: [TCP Query User{19510CE2-CEDD-457F-A46B-D08D9DD539E7}C:\users\tl\appdata\local\logmein client\logmein client.exe] => (Allow) C:\users\tl\appdata\local\logmein client\logmein client.exe
FirewallRules: [UDP Query User{98CA6081-5BEB-417D-B701-FDAF9B4A6D89}C:\users\tl\appdata\local\logmein client\logmein client.exe] => (Allow) C:\users\tl\appdata\local\logmein client\logmein client.exe
FirewallRules: [TCP Query User{F3841F5E-F098-43FA-A794-DDA85A92D73A}C:\pfisterwaagengmbh\winweighplus\bin\vip.exe] => (Allow) C:\pfisterwaagengmbh\winweighplus\bin\vip.exe
FirewallRules: [UDP Query User{3A7712EF-C62A-4FEC-84F4-FC5EB9576612}C:\pfisterwaagengmbh\winweighplus\bin\vip.exe] => (Allow) C:\pfisterwaagengmbh\winweighplus\bin\vip.exe
FirewallRules: [TCP Query User{2861A8E2-B3A1-4326-A1B8-EABC00F03C2E}C:\users\tl\appdata\local\temp\lmi8a0b.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmi8a0b.tmp\logmein client.exe
FirewallRules: [UDP Query User{13489791-BAE8-4DEE-85E8-F55AD935635F}C:\users\tl\appdata\local\temp\lmi8a0b.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmi8a0b.tmp\logmein client.exe
FirewallRules: [TCP Query User{EE5A351F-F3E3-4DDA-9770-A11D4E2C7D33}C:\users\tl\appdata\local\temp\lmicab0.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmicab0.tmp\logmein client.exe
FirewallRules: [UDP Query User{2DBA82D1-C9F6-4099-A9D8-3818A1F5A81B}C:\users\tl\appdata\local\temp\lmicab0.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmicab0.tmp\logmein client.exe
FirewallRules: [TCP Query User{E419FD77-9C7D-4D7E-AD2E-4ADB4108A87C}C:\users\tl\appdata\local\temp\lmif23.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmif23.tmp\logmein client.exe
FirewallRules: [UDP Query User{3B12BFEB-D1A6-4C05-AB44-F7E5AE7885F0}C:\users\tl\appdata\local\temp\lmif23.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmif23.tmp\logmein client.exe
FirewallRules: [{A36AF5E9-B54B-401C-8C74-8DDAE0F34E34}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{34B6B948-E6EF-4939-ACC5-115FAE2B3748}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [TCP Query User{707251A2-5EEA-4852-8AD2-A63E1D4B8576}C:\users\tl\appdata\local\temp\lmi5aef.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmi5aef.tmp\logmein client.exe
FirewallRules: [UDP Query User{3FA31B54-B923-4EAF-BCE1-E528B4E38194}C:\users\tl\appdata\local\temp\lmi5aef.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmi5aef.tmp\logmein client.exe
FirewallRules: [{96C82587-C833-4619-A865-8DB821473A86}] => (Block) C:\users\tl\appdata\local\temp\lmi5aef.tmp\logmein client.exe
FirewallRules: [{5259C50B-F01E-44BA-B23B-F63A58FAC4B5}] => (Block) C:\users\tl\appdata\local\temp\lmi5aef.tmp\logmein client.exe
FirewallRules: [TCP Query User{9F89E13E-10F4-438F-BFB6-B2CB2A689637}C:\users\tl\appdata\local\temp\temp1_shairport4w73.zip\shairport4w.exe] => (Allow) C:\users\tl\appdata\local\temp\temp1_shairport4w73.zip\shairport4w.exe
FirewallRules: [UDP Query User{DD6C979E-D6AB-4468-A494-1EB3724A599E}C:\users\tl\appdata\local\temp\temp1_shairport4w73.zip\shairport4w.exe] => (Allow) C:\users\tl\appdata\local\temp\temp1_shairport4w73.zip\shairport4w.exe
FirewallRules: [{1B974948-5978-4FB2-9B19-CAB1EC8A8F48}] => (Block) C:\users\tl\appdata\local\temp\temp1_shairport4w73.zip\shairport4w.exe
FirewallRules: [{5262CDE8-5098-48D9-A279-96972AFB16C8}] => (Block) C:\users\tl\appdata\local\temp\temp1_shairport4w73.zip\shairport4w.exe
FirewallRules: [TCP Query User{C319BF7B-A590-4002-8FA0-52FDF68A99A8}C:\users\tl\downloads\shairport4w.exe] => (Allow) C:\users\tl\downloads\shairport4w.exe
FirewallRules: [UDP Query User{9502A222-BF4F-40AE-8B53-7C09D3DB0C1C}C:\users\tl\downloads\shairport4w.exe] => (Allow) C:\users\tl\downloads\shairport4w.exe
FirewallRules: [{F19EEF4A-6688-4593-90E1-CFDC00370D6C}] => (Block) C:\users\tl\downloads\shairport4w.exe
FirewallRules: [{0193E345-477B-4E0C-A87A-4B43F06777BC}] => (Block) C:\users\tl\downloads\shairport4w.exe
FirewallRules: [TCP Query User{C77B61D7-9C05-4127-9A72-7F20F8FDD3F6}C:\users\tl\appdata\local\temp\lmi32fb.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmi32fb.tmp\logmein client.exe
FirewallRules: [UDP Query User{78F472D1-F4E2-4130-9F25-BB925EC414DF}C:\users\tl\appdata\local\temp\lmi32fb.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmi32fb.tmp\logmein client.exe
FirewallRules: [{1A855937-7B11-4B29-9A59-7E16B0EAB2E2}] => (Block) C:\users\tl\appdata\local\temp\lmi32fb.tmp\logmein client.exe
FirewallRules: [{ECA562BF-1826-4AB0-B99C-8DC1954F0B9F}] => (Block) C:\users\tl\appdata\local\temp\lmi32fb.tmp\logmein client.exe
FirewallRules: [TCP Query User{B1719AC7-0B8A-4952-9EE7-85E10DB80626}C:\users\tl\appdata\local\temp\lmi506b.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmi506b.tmp\logmein client.exe
FirewallRules: [UDP Query User{186A7E3E-39F7-409F-AD15-72AA8C7E5BD2}C:\users\tl\appdata\local\temp\lmi506b.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmi506b.tmp\logmein client.exe
FirewallRules: [{F7ED78AB-9616-4D0F-9803-E43D4BA8BDA6}] => (Block) C:\users\tl\appdata\local\temp\lmi506b.tmp\logmein client.exe
FirewallRules: [{7608FBDA-6D5D-44B5-9C03-79FA96955295}] => (Block) C:\users\tl\appdata\local\temp\lmi506b.tmp\logmein client.exe
FirewallRules: [TCP Query User{72C20564-E862-41F1-A0B6-371A98A82A49}C:\users\tl\appdata\local\temp\lmi5479.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmi5479.tmp\logmein client.exe
FirewallRules: [UDP Query User{88349468-55F1-484C-A391-84309A0F4898}C:\users\tl\appdata\local\temp\lmi5479.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmi5479.tmp\logmein client.exe
FirewallRules: [{48DB220E-ED51-4AFA-BF7D-5BCED6EB8048}] => (Block) C:\users\tl\appdata\local\temp\lmi5479.tmp\logmein client.exe
FirewallRules: [{7E69A0E3-CCED-4D70-86CD-14E41E53509C}] => (Block) C:\users\tl\appdata\local\temp\lmi5479.tmp\logmein client.exe
FirewallRules: [TCP Query User{ACC4ED1D-9534-4E5C-8670-927D64D503A3}C:\users\tl\appdata\local\temp\lmi1c36.tmp\logmein client.exe] => (Block) C:\users\tl\appdata\local\temp\lmi1c36.tmp\logmein client.exe
FirewallRules: [UDP Query User{EEDED9C7-08F7-4893-8F8C-1E6ACA6910EC}C:\users\tl\appdata\local\temp\lmi1c36.tmp\logmein client.exe] => (Block) C:\users\tl\appdata\local\temp\lmi1c36.tmp\logmein client.exe
FirewallRules: [{1F66F25A-757B-4DFE-9C08-D1E1F6A50E2F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{6E88C7C3-54AC-42E8-8FE0-00DCE64F8CCB}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{827A314E-31ED-40D8-8BCF-482B9DA3EA6D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{D0977BA1-314B-430A-BD6B-CCF77EA42B09}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{DF336DAC-12FE-4959-B746-2453E8B2547D}C:\program files (x86)\vtigercrm600\apache\bin\httpd.exe] => (Allow) C:\program files (x86)\vtigercrm600\apache\bin\httpd.exe
FirewallRules: [UDP Query User{82139993-6DC3-4AFE-9630-542F5B30F7B0}C:\program files (x86)\vtigercrm600\apache\bin\httpd.exe] => (Allow) C:\program files (x86)\vtigercrm600\apache\bin\httpd.exe
FirewallRules: [{5228C92C-C043-40DF-B51D-B8F2B67F9677}] => (Block) C:\program files (x86)\vtigercrm600\apache\bin\httpd.exe
FirewallRules: [{46CEE341-4C5D-4D9C-8D46-A3996BD25CF6}] => (Block) C:\program files (x86)\vtigercrm600\apache\bin\httpd.exe
FirewallRules: [TCP Query User{BDA41A5C-B3D6-44B3-BDB1-7D0267F0167E}\\chpf05\ftp\tools\ftp_server\quick£neasy\ftpserver3lite\ftpserver.exe] => (Allow) \\chpf05\ftp\tools\ftp_server\quick£neasy\ftpserver3lite\ftpserver.exe
FirewallRules: [UDP Query User{A541D71C-AF00-4A4B-8D6B-5A644D3AA46C}\\chpf05\ftp\tools\ftp_server\quick£neasy\ftpserver3lite\ftpserver.exe] => (Allow) \\chpf05\ftp\tools\ftp_server\quick£neasy\ftpserver3lite\ftpserver.exe
FirewallRules: [{D50BDBEC-8A14-49A9-9275-9643A3A4AD8B}] => (Block) \\chpf05\ftp\tools\ftp_server\quick£neasy\ftpserver3lite\ftpserver.exe
FirewallRules: [{17C20F44-8078-4325-82BA-756CC9A9EA25}] => (Block) \\chpf05\ftp\tools\ftp_server\quick£neasy\ftpserver3lite\ftpserver.exe
FirewallRules: [TCP Query User{F1A9A991-2331-4446-A176-70B983378FAD}C:\users\tl\appdata\local\temp\lmi4d14.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmi4d14.tmp\logmein client.exe
FirewallRules: [UDP Query User{01372AB0-BE78-4978-8269-2D750A4D7965}C:\users\tl\appdata\local\temp\lmi4d14.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmi4d14.tmp\logmein client.exe
FirewallRules: [{D064D779-2ACB-4411-B478-5CA6F4D39D80}] => (Block) C:\users\tl\appdata\local\temp\lmi4d14.tmp\logmein client.exe
FirewallRules: [{84F39603-F78D-4747-A2DC-3057524C00F3}] => (Block) C:\users\tl\appdata\local\temp\lmi4d14.tmp\logmein client.exe
FirewallRules: [TCP Query User{CA4FDDC9-5233-4EFA-8102-27AF1ADEBEA5}E:\dart\apps\nirsoft\netbscanner.exe] => (Allow) E:\dart\apps\nirsoft\netbscanner.exe
FirewallRules: [UDP Query User{89B348B1-96D1-451B-9F0D-13C7DE53C22E}E:\dart\apps\nirsoft\netbscanner.exe] => (Allow) E:\dart\apps\nirsoft\netbscanner.exe
FirewallRules: [{CEFCBAB9-6067-4A31-8A7A-BEA675D712AB}] => (Block) E:\dart\apps\nirsoft\netbscanner.exe
FirewallRules: [{B5083C7A-5234-4C8E-82D0-C579B18A17CF}] => (Block) E:\dart\apps\nirsoft\netbscanner.exe
FirewallRules: [TCP Query User{469E45CD-3341-43E3-BFDF-F80D4F861B7E}C:\users\tl\appdata\local\temp\lmi59c2.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmi59c2.tmp\logmein client.exe
FirewallRules: [UDP Query User{FE697957-28B8-4EF9-97A9-972124ACC2E8}C:\users\tl\appdata\local\temp\lmi59c2.tmp\logmein client.exe] => (Allow) C:\users\tl\appdata\local\temp\lmi59c2.tmp\logmein client.exe
FirewallRules: [{46128B36-356E-4F9C-B3D0-134419AA4721}] => (Block) C:\users\tl\appdata\local\temp\lmi59c2.tmp\logmein client.exe
FirewallRules: [{D90E0E14-F3FF-4219-85D6-4CFD47254AD4}] => (Block) C:\users\tl\appdata\local\temp\lmi59c2.tmp\logmein client.exe
FirewallRules: [TCP Query User{BF17F129-A741-40B3-9997-E04D5A5C1C01}C:\pfisterwaagengmbh\winweighplus\bin\wiegen-6-1-0-204.exe] => (Allow) C:\pfisterwaagengmbh\winweighplus\bin\wiegen-6-1-0-204.exe
FirewallRules: [UDP Query User{3307843B-D079-4A5D-8C8F-7F87CDC288B6}C:\pfisterwaagengmbh\winweighplus\bin\wiegen-6-1-0-204.exe] => (Allow) C:\pfisterwaagengmbh\winweighplus\bin\wiegen-6-1-0-204.exe
FirewallRules: [{D01E3058-FB68-42CA-8F2A-EF4B5F06C2E6}] => (Block) C:\pfisterwaagengmbh\winweighplus\bin\wiegen-6-1-0-204.exe
FirewallRules: [{F7A2F2C4-EC7C-4FAC-9D81-141AB3C6AAD7}] => (Block) C:\pfisterwaagengmbh\winweighplus\bin\wiegen-6-1-0-204.exe
FirewallRules: [TCP Query User{A4497331-DA1D-44FF-9469-13D0A4BECB48}C:\pfisterwaagengmbh\winweighplus\bin\wiegen-6-2-0-203.exe] => (Allow) C:\pfisterwaagengmbh\winweighplus\bin\wiegen-6-2-0-203.exe
FirewallRules: [UDP Query User{E45321EF-1E1E-4DC8-AEB5-46FA47CC3676}C:\pfisterwaagengmbh\winweighplus\bin\wiegen-6-2-0-203.exe] => (Allow) C:\pfisterwaagengmbh\winweighplus\bin\wiegen-6-2-0-203.exe
FirewallRules: [{8C71A085-33E9-472E-8EC4-D5C8BF5B3BB9}] => (Block) C:\pfisterwaagengmbh\winweighplus\bin\wiegen-6-2-0-203.exe
FirewallRules: [{AF0DE006-A96A-4194-9578-80E5174A3CED}] => (Block) C:\pfisterwaagengmbh\winweighplus\bin\wiegen-6-2-0-203.exe
FirewallRules: [TCP Query User{8F7B07BB-B4C6-4DD2-AC5C-AB42B12B5E17}C:\users\tl\appdata\local\logmein client\lmiignition.exe] => (Allow) C:\users\tl\appdata\local\logmein client\lmiignition.exe
FirewallRules: [UDP Query User{414D4EB2-359C-40DB-96D2-5C50A05ACFBA}C:\users\tl\appdata\local\logmein client\lmiignition.exe] => (Allow) C:\users\tl\appdata\local\logmein client\lmiignition.exe
FirewallRules: [{784740AB-C5F0-4198-A245-9E991C3F7150}] => (Block) C:\users\tl\appdata\local\logmein client\lmiignition.exe
FirewallRules: [{3FD46780-447D-4F4A-93DB-24C97A43EFCC}] => (Block) C:\users\tl\appdata\local\logmein client\lmiignition.exe
FirewallRules: [TCP Query User{71B48C9A-3DE3-4A50-AB2D-209752523850}C:\program files (x86)\logmein\ignition\lmiignition.exe] => (Allow) C:\program files (x86)\logmein\ignition\lmiignition.exe
FirewallRules: [UDP Query User{0A6E9E96-C9D4-4870-8651-DF917046C45A}C:\program files (x86)\logmein\ignition\lmiignition.exe] => (Allow) C:\program files (x86)\logmein\ignition\lmiignition.exe
FirewallRules: [{81F33B51-E452-40A7-B2AF-924EE237644D}] => (Block) C:\program files (x86)\logmein\ignition\lmiignition.exe
FirewallRules: [{4B1A6B12-3CDD-41B4-847D-44659325D312}] => (Block) C:\program files (x86)\logmein\ignition\lmiignition.exe
FirewallRules: [TCP Query User{A358574F-D9F3-43AF-8F7C-C76C8F52489D}C:\program files (x86)\matx software\planetview_030006\planetview.exe] => (Allow) C:\program files (x86)\matx software\planetview_030006\planetview.exe
FirewallRules: [UDP Query User{E1DD3D6B-EE6E-438E-A6F1-872EA56930AA}C:\program files (x86)\matx software\planetview_030006\planetview.exe] => (Allow) C:\program files (x86)\matx software\planetview_030006\planetview.exe
FirewallRules: [{41F66AE3-DB6D-4A3A-A8F5-015BD4ABC803}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{1A994E50-837E-4938-8538-5AACE1B135BE}C:\pfisterwaagengmbh\winweighplus\bin\wiegen-6-0-0-109.exe] => (Block) C:\pfisterwaagengmbh\winweighplus\bin\wiegen-6-0-0-109.exe
FirewallRules: [UDP Query User{E1A2DADE-FBF5-40A6-9733-B50FF69586F4}C:\pfisterwaagengmbh\winweighplus\bin\wiegen-6-0-0-109.exe] => (Block) C:\pfisterwaagengmbh\winweighplus\bin\wiegen-6-0-0-109.exe
FirewallRules: [{EB52EE57-B11B-48B8-8064-F54907EA5FFF}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{C9FC595C-1F39-41A6-B017-BCCA3E1C7DBE}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{1F50B441-33B9-46BF-86F2-CA3E6AC7AD98}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{16AB997B-042A-4CC5-ABB1-FEE60CB7D897}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{31451F06-5738-4726-B13D-E776482E8E11}C:\program files (x86)\linphone\bin\linphone.exe] => (Allow) C:\program files (x86)\linphone\bin\linphone.exe
FirewallRules: [UDP Query User{C4071F1C-BC52-403E-BB26-D2C40E860E41}C:\program files (x86)\linphone\bin\linphone.exe] => (Allow) C:\program files (x86)\linphone\bin\linphone.exe
FirewallRules: [TCP Query User{8CD46B07-3048-44E2-8A63-8E4B40F0C5CD}C:\program files (x86)\phonerlite\phonerlite.exe] => (Allow) C:\program files (x86)\phonerlite\phonerlite.exe
FirewallRules: [UDP Query User{749C1348-45B0-46E2-A807-CA11757C211C}C:\program files (x86)\phonerlite\phonerlite.exe] => (Allow) C:\program files (x86)\phonerlite\phonerlite.exe
FirewallRules: [TCP Query User{6FD97CB3-59B4-42B2-99D2-9C9BA1B8D5D7}C:\program files (x86)\counterpath\x-lite\x-lite.exe] => (Allow) C:\program files (x86)\counterpath\x-lite\x-lite.exe
FirewallRules: [UDP Query User{4732951F-D02B-440C-ABCA-3713D2DDCDC0}C:\program files (x86)\counterpath\x-lite\x-lite.exe] => (Allow) C:\program files (x86)\counterpath\x-lite\x-lite.exe
FirewallRules: [{E6972F3F-1171-4E19-B89E-4142D3D960A9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/15/2015 11:41:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PFISTERWAAGEN)
Description: Bei der Aktivierung der App „Microsoft.BingNews_8wekyb3d8bbwe!AppexNews“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/15/2015 11:41:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PFISTERWAAGEN)
Description: Bei der Aktivierung der App „Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/15/2015 11:41:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PFISTERWAAGEN)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/15/2015 11:27:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: twinui.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54503c45
Ausnahmecode: 0x80270249
Fehleroffset: 0x00000000002f497f
ID des fehlerhaften Prozesses: 0x1334
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (06/15/2015 10:29:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: twinui.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54503c45
Ausnahmecode: 0x80270249
Fehleroffset: 0x00000000002f497f
ID des fehlerhaften Prozesses: 0x1184
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (06/15/2015 10:25:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PFISTERWAAGEN)
Description: Bei der Aktivierung der App „Microsoft.BingSports_8wekyb3d8bbwe!AppexSports“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/15/2015 10:10:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: twinui.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54503c45
Ausnahmecode: 0x80270249
Fehleroffset: 0x00000000002f497f
ID des fehlerhaften Prozesses: 0x1344
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (06/15/2015 09:44:34 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PFISTERWAAGEN)
Description: Bei der Aktivierung der App „Microsoft.BingNews_8wekyb3d8bbwe!AppexNews“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/15/2015 09:44:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PFISTERWAAGEN)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/15/2015 09:44:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PFISTERWAAGEN)
Description: Bei der Aktivierung der App „Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (06/15/2015 11:38:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80072ee4 fehlgeschlagen: Microsoft.BingFoodAndDrink

Error: (06/15/2015 11:38:47 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80072ee4 fehlgeschlagen: PONS.Wrterbuch

Error: (06/15/2015 11:38:47 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80072ee4 fehlgeschlagen: WildTangentGames.-GamesApp-

Error: (06/15/2015 11:38:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80072ee4 fehlgeschlagen: Microsoft.Reader

Error: (06/15/2015 11:38:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80072ee4 fehlgeschlagen: Microsoft.BingNews

Error: (06/15/2015 11:38:34 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80072ee4 fehlgeschlagen: Microsoft.BingTravel

Error: (06/15/2015 11:38:34 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80072ee4 fehlgeschlagen: Microsoft.FreshPaint

Error: (06/15/2015 11:38:28 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80072ee4 fehlgeschlagen: Microsoft.MicrosoftSolitaireCollection

Error: (06/15/2015 11:38:28 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80072ee4 fehlgeschlagen: Microsoft.SkypeApp

Error: (06/15/2015 11:38:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80072ee4 fehlgeschlagen: Microsoft.ZuneMusic


Microsoft Office:
=========================
Error: (06/15/2015 11:41:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PFISTERWAAGEN)
Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927148

Error: (06/15/2015 11:41:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PFISTERWAAGEN)
Description: Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel-2144927148

Error: (06/15/2015 11:41:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PFISTERWAAGEN)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148

Error: (06/15/2015 11:27:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1766754c6f7c2twinui.dll6.3.9600.1741554503c458027024900000000002f497f133401d0a74d6ac59514C:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\twinui.dllb0c85038-1340-11e5-bee5-2cd05a90f365

Error: (06/15/2015 10:29:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1766754c6f7c2twinui.dll6.3.9600.1741554503c458027024900000000002f497f118401d0a745541daccbC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\twinui.dll98b83a3d-1338-11e5-bee4-2cd05a90f365

Error: (06/15/2015 10:25:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PFISTERWAAGEN)
Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2144927148

Error: (06/15/2015 10:10:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1766754c6f7c2twinui.dll6.3.9600.1741554503c458027024900000000002f497f134401d0a742bdb0842eC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\twinui.dll003bdf5b-1336-11e5-bee4-2cd05a90f365

Error: (06/15/2015 09:44:34 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PFISTERWAAGEN)
Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927148

Error: (06/15/2015 09:44:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PFISTERWAAGEN)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148

Error: (06/15/2015 09:44:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PFISTERWAAGEN)
Description: Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel-2144927148


CodeIntegrity Errors:
===================================
  Date: 2015-06-12 14:09:09.954
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-12 14:09:09.798
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-12 14:09:09.657
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-12 14:09:07.016
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-12 14:09:06.875
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-12 14:09:06.719
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-12 14:09:06.579
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-12 14:09:06.422
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-12 14:09:06.282
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-12 14:09:06.125
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 34%
Total physical RAM: 8143.22 MB
Available physical RAM: 5329.54 MB
Total Pagefile: 9423.22 MB
Available Pagefile: 6432.54 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (TI31025900A) (Fixed) (Total:454.36 GB) (Free:286.18 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End of log ============================
--- --- ---


So nun ist es glaub übersichtlicher. Sorry.

Antwort

Themen zu CloudScout bringt immer Werbung
ausgeführt, betriebssystem, chrome, cloudscout, diverse, einstellungen, fehler, gen, google, google chrome, installer, links, thomas, tritt, webseite, werbun, werbung, werbungen, windows, zurückgesetzt


« DHL Trojaner-Virus | WIN7: Mbam entdeckt PUP.Optional.RegCleanPro.C, C:\Windows\System32\roboot.exe »


Ähnliche Themen: CloudScout bringt immer Werbung


  1. Mein Symantec bringt mir div. Trojaner u. Viren Warnungen, auch Optionen zum bereinigen, aber die dinger sind immer noch da :-(
    Plagegeister aller Art und deren Bekämpfung - 30.10.2015 (20)
  2. Windows 8.1: Ads by CloudScout und Audio-Werbung
    Log-Analyse und Auswertung - 07.07.2015 (29)
  3. Twunk_32 bringt mir Werbung als .avi/mp4 auf den PC
    Plagegeister aller Art und deren Bekämpfung - 12.07.2014 (3)
  4. Windows 7 Firefox bringt immer wieder "Dieser Verbindung wird nicht vertraut"
    Log-Analyse und Auswertung - 21.03.2014 (15)
  5. Windows 7 Firefox läd selbständig websiten und bringt kleines Feld mit Werbung
    Log-Analyse und Auswertung - 22.01.2014 (11)
  6. Werbung öffnet sich Immer
    Plagegeister aller Art und deren Bekämpfung - 24.07.2013 (7)
  7. Explorer. exe bringt Cpu Last fast immer auf 100%
    Log-Analyse und Auswertung - 15.12.2011 (5)
  8. Google bringt mich immer auf falsche Seiten...habe ich einen Trojaner?
    Log-Analyse und Auswertung - 02.05.2011 (27)
  9. trojaner bringt immer fehlermeldung
    Plagegeister aller Art und deren Bekämpfung - 21.03.2011 (15)
  10. Plötzliche Werbung immer und immer wieder
    Plagegeister aller Art und deren Bekämpfung - 06.03.2011 (5)
  11. Trojaner auf dem Rechnern, Virenscan bringt immer wieder selbe Ergebnisse
    Plagegeister aller Art und deren Bekämpfung - 16.08.2010 (30)
  12. Google suche bringt werbung, bestimmte Programme lassen sich nicht öffen
    Log-Analyse und Auswertung - 24.11.2008 (1)
  13. IE öffnet immer Werbung!!
    Log-Analyse und Auswertung - 28.07.2008 (1)
  14. IE macht immer Werbung auf
    Log-Analyse und Auswertung - 21.06.2008 (1)
  15. Bei mir kommt immer diese IE Werbung.
    Log-Analyse und Auswertung - 29.05.2008 (8)
  16. IE öffnet immer Werbung
    Log-Analyse und Auswertung - 16.07.2006 (3)
  17. es kommt immer werbung
    Plagegeister aller Art und deren Bekämpfung - 24.02.2006 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema CloudScout bringt immer Werbung - [CODE]Additional FRST Logfile: Code: Alles auswählen Aufklappen ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015 Ran by TL at 2015-06-15 11:43:30 Running from C:\Users\tl\Desktop\Virenschutz Boot Mode: Normal ========================================================== - CloudScout bringt immer Werbung...
Archiv
Du betrachtest: CloudScout bringt immer Werbung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131