[SOLVED] Windows Update Corrupted - IE11

davidpp · Nov 28, 2016

Hello everybody!

I would like to help myself out of this, but it don't find the solution. Finally I ask you guys, for you help, as my Windows7 x64 does not update anymore, when it comes to IE11.

This is my CheckSur:

Code:

=================================
Checking System Update Readiness.
Binary Version 6.1.7601.22471
Package Version 26.0
2016-11-24 15:35


Checking Windows Servicing Packages


Checking Package Manifests and Catalogs


Checking Package Watchlist


Checking Component Watchlist


Checking Packages


Checking Component Store
(f)    CSI Missing Identity    0x00000000    appid    d8b60070528..2735db86b13_31bf3856ad364e35_6.1.7601.17856_a85ea1b373d5871f    
(f)    CSI Missing Identity    0x00000000    appid    4156c07627d..3a2ad439558_31bf3856ad364e35_6.1.7600.20771_c96472fac8946394    
(f)    CSI Payload File Missing    0x00000000    wuaueng.dll    amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.3.7600.16385_none_8ca5655e8bc7dae9    


Summary:
Seconds executed: 6704
 Found 3 errors
  CSI Missing Identity Total count: 2
  CSI Payload File Missing Total count: 1

SFCFix didnt work:

Code:

SFCFix version 3.0.0.0 by niemiro.
Start time: 2016-11-26 17:52:16.835
Microsoft Windows 7 Service Pack 1 - amd64
Not using a script file.


AutoAnalysis::
SUMMARY: Some corruptions could not be fixed automatically. Seek advice from helper or sysnative.com.
   CBS & SFC total detected corruption count:     0
   CBS & SFC total unimportant corruption count:  0
   CBS & SFC total fixed corruption count:        0
   SURT total detected corruption count:          3
   SURT total unimportant corruption count:       0
   SURT total fixed corruption count:             0
AutoAnalysis:: directive completed successfully.


Successfully processed all directives.


Failed to generate a complete zip file. Upload aborted.




SFCFix version 3.0.0.0 by niemiro has completed.
Currently storing 0 datablocks.
Finish time: 2016-11-26 19:02:39.247
----------------------EOF-----------------------

I will now start to upload the 65GB of CBS, with SFCFix.

The Tutorial is great! Thanks for any time spending on this problem!

Kindly,
David

davidpp · Dec 6, 2016

Hi again.

Upload didnt work. So...seems that i have to find another solution for my problem.

BrianDrab · Dec 12, 2016

Hi and welcome to Sysnative. Sorry for the delay. Do you still need assistance?

davidpp · Dec 13, 2016

Hi BrianDrab,

actually i do. As i dont have even a small glue where to start. But I see that there is a bunch to do for all those great and amazing SysAdmins here, i really appreciate any help...

BrianDrab · Dec 13, 2016

Let's see what we can do. Please start with the following.

Step#1 - SFCFix Script
Warning: this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.

Download SFCFix.exe (by niemiro) and save this to your Desktop. If you still have this on your desktop from downloading previously, you don't need to re-download.
Download the file below, SFCFix.zip, and save this to your Desktop. Ensure that this file is named SFCFix.zip - do not rename it.
Save any open documents and close all open windows.
On your Desktop, you should see two files: SFCFix.exe and SFCFix.zip.
Drag the file SFCFix.zip onto the file SFCFix.exe and release it.
SFCFix will now process the script.
Upon completion, a file should be created on your Desktop: SFCFix.txt.
Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this file into your next post for me to analyse please

davidpp · Dec 13, 2016

Hi.
Tried it two times. SFCFix always crashed

(send the debug of course)...Hopeless?

SFCFix version 3.0.0.0 by niemiro.
Start time: 2016-12-13 17:00:22.162
Microsoft Windows 7 Service Pack 1 - amd64
Using .txt script file at C:\Users\David\Desktop\SFCFix.txt [1]

SFCFix version 3.0.0.0 by niemiro has encountered an unhandled exception.
Currently storing 0 datablocks.
Finish time: 2016-12-13 17:00:30.945
Script hash: PlN2grhZoLTx8jdZLghGiJtulo/SfsZ9CwbyTijkTAE=
----------------------EOF-----------------------

BrianDrab · Dec 13, 2016

Do you have your Windows 7 x64 with SP1 DVD handy?

davidpp · Dec 13, 2016

Nope

Tried to download Win7 from MS but seems that my Key is OEM.
Would stop here and just buy Win10 and a fresh HD.

BrianDrab · Dec 13, 2016

Up to you on how much time you want to spend. Let me know. We can keep trying or you can call it a day.

davidpp · Dec 13, 2016

Ok. I you have anymore Ideas! Of course, lets give it a try! Thanks!
I listen!

BrianDrab · Dec 13, 2016

Please do the following.

Step#1 - ChkDsk Scan
1. Click your Start Orb in the lower left of your computer and type cmd in the search box.
2. Once the cmd program is found, right-click on it with your mouse and select Run as administrator as shown below.

3. Answer Yes when asked to allow.
4. You should now have a black window open that you can type in to.
5. Please type chkdsk and then press enter.
6. Chkdsk will start to run. Please allow it to finish. You will know it is running when you see text as follows.

7. Download ListChkdskResult.exe by SleepyDude and save it on your desktop. If it's already downloaded to your desktop, just skip this step.
8. Right-click this file and select Run as administrator (Allow if prompted)and a text file will open (and also be saved on the desktop as ListChkdskResult.txt).
Please copy the contents of this file and paste into your next post.

davidpp · Dec 13, 2016

OK. Here we are...
ListChkdskResult by SleepyDude v0.1.7 Beta | 21-09-2013

------ <Log generate on 13.12.2016 18:19:04> ------
Category: 0
Computer name: PC
Event Code: 26212
Record Number: 221906
Source Name: Chkdsk
Time Written: 12-13-2016 @ 17:18:25
Event Type: Information
User:
Message: Chkdsk was run in read-only mode for a volume snapshot.
File system on C: is checked.
The type of the file system is NTFS.
WARNING! The parameter F was not specified.
CHKDSK is executed in read-only mode.
CHKDSK checks files (phase 1 of 3) ...
786432 records processed.

File verification finished.
16646 large records processed.

0 invalid records processed.

2 I / O records processed.

91 processing records processed.

CHKDSK Checks Indices (Phase 2 of 3) ...
944580 Processing index entries.

Index check finished.
0 non-indexed files.

0 non-indexed files restored.

CHKDSK Verifies Safety Descriptions (Phase 3 of 3) ...
786432 SDs / SIDs.

44 unused index entries from index $ SII of file 0x9 are cleared.
44 unused index entries from index $ SDH of file 0x9 are cleaned up.
44 unused security descriptions will be cleaned up.
Verification of the safety descriptions ended.
79075 Files processed.

CHKDSK reviews USN journal ...
35003680 USN bytes processed.

The review of the USN Journal has been completed.
The file system has been checked. No problems were found.
976761544 KB Disk space on the disk total
381487496 KB in 478742 files
264276 KB in 79076 indexes
0 KB in bad sectors
920816 KB is used by the system
65536 KB from the log file
594088956 KB available on the disk
4096 bytes in each allocation unit
244190386 Allocating units on the data carrier total
148522239 Allocating units available on the data carrier

---------------------------------------

Category: 0
Computer name: PC
Event code: 1001
Record Number: 221690
Source Name: Microsoft Windows Wininit
Time Written: 12-13-2016 @ 03:32:51
Event Type: Information
User:
Message:

File system on C: is checked.
The type of the file system is NTFS.

A disk check is planned.
The disk check is now running.

CHKDSK checks files (phase 1 of 5) ...
Instance ID for file 0x143d6 is cleared.
Instance ID for file 0x14434 is cleared.
Instance ID for file 0x14450 is cleared.
Instance ID for file 0x1ea8f is cleared.
786432 records processed.

File verification finished.
7171 large records processed.

0 invalid records processed.

2 I / O records processed.

91 processing records processed.

CHKDSK Checks Indices (Phase 2 of 5) ...
953826 Processing index entries.

Index check finished.
0 non-indexed files.

0 non-indexed files restored.

CHKDSK Verifies Safety Descriptions (Phase 3 of 5) ...
786432 SDs / SIDs.

540 unused index entries from index $ SII of file 0x9 are cleaned up.
540 unused index entries from index $ SDH of file 0x9 are cleaned up.
540 unused security descriptions are cleaned up.
Verification of the safety descriptions ended.
83698 Data files processed.

CHKDSK reviews USN journal ...
33911400 USN bytes are processed.

The review of the USN Journal has been completed.
CHKDSK Checks Date Files (Phase 4 of 5) ...
786416 Files were processed.

Date data check finished.
CHKDSK checks free space (phase 5 of 5) ...
150427040 free clusters processed.

Verification of free space is finished.
Windows has fixed problems in the file system.

976761544 KB Disk space on the disk total
373859772 KB files in 500681 files
274316 KB in 83699 indexes
0 KB in bad sectors
919296 KB used by the system
65536 KB from the log file
601708160 KB available on the disk

4096 bytes in each allocation unit
244190386 Allocating units on the data carrier total
150427040 Allocating units available on the data carrier

Internal information:
00 00 0c 00 9c ea 08 00 e3 2f 0f 00 00 00 00 00 ......... / ......
E1 0e 00 00 5b 00 00 00 00 00 00 00 00 00 00 00 .... [...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

The data carrier check has been completed.
Please wait until the computer has restarted.

----------------------------------------------

Category: 0
Computer name: Dave-PC
Event code: 1001
Record Number: 210287
Source Name: Microsoft Windows Wininit
Time Written: 09-13-2016 @ 02:58:15
Event Type: Information
User:
Message:

File system on C: is checked.
The type of the file system is NTFS.

A disk check is planned.
The disk check is now running.

CHKDSK checks files (phase 1 of 5) ...
786432 records processed.

File verification finished.
12758 large records processed.

0 invalid records processed.

2 I / O records processed.

108 processing records processed.

CHKDSK Checks Indices (Phase 2 of 5) ...
987640 processing index entries.

Index check finished.
0 non-indexed files.

0 non-indexed files restored.

CHKDSK Verifies Safety Descriptions (Phase 3 of 5) ...
786432 SDs / SIDs.

135 unused index entries from index $ SII of file 0x9 are cleared.
135 unused index entries from index $ SDH of file 0x9 are cleaned up.
135 unused security descriptions are cleaned up.
Verification of the safety descriptions ended.
100605 Data files processed.

CHKDSK reviews USN journal ...
34950400 USN bytes processed.

The review of the USN Journal has been completed.
CHKDSK Checks Date Files (Phase 4 of 5) ...
786416 Files were processed.

Date data check finished.
CHKDSK checks free space (phase 5 of 5) ...
40827221 free cluster processing.

Verification of free space is finished.
The file system has been checked. No problems were found.

976761544 KB Disk space on the disk total
812191632 KB in 631001 files
340904 KB in 100606 indexes
0 KB in bad sectors
920124 KB is used by the system
65536 KB from the log file
163308884 KB available on the disk

4096 bytes in each allocation unit
244190386 Allocating units on the data carrier total
40827221 Allocating units available on the data carrier

Internal information:
00 00 0c 00 b6 29 0b 00 13 c3 12 00 00 00 00 00 .....) ..........
F6 35 00 00 6c 00 00 00 00 00 00 00 00 00 00 00 .5..l ...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

The data carrier check has been completed.
Please wait until the computer has restarted.

BrianDrab · Dec 13, 2016

OK, please do the following.

Step#1 - FRST Scan
1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the 64-bit Version so please ensure you download that one.
2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
3. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running (if not already).
4. Press Scan button.
5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
6. Please copy and paste log back here.
7. Another log (Addition.txt - also located in the same directory as FRST64.exe) will be generated Please also paste that along with the FRST.txt into your reply.

davidpp · Dec 13, 2016

double post . accident

davidpp · Dec 13, 2016

OK:
FRST.TXT

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
durchgeführt von David (Administrator) auf PC (13-12-2016 19:23:09)
Gestartet von C:\Users\David\Desktop
Geladene Profile: David (Verfügbare Profile: David & Mcx1-DAVID-PC)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
() C:\Program Files (x86)\HDD Health\HDDHealthService.exe
(iAnywhere Solutions, Inc.) C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(G DATA Software) C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Windows Mobile Device Center] => %windir%\WindowsMobile\wmdc.exe
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [MaxMenuMgr] => "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\Run: [Spotify Web Helper] => C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-10] (Spotify Ltd)
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [921192 2016-11-08] (Google Inc.)
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {03b3ea68-e740-11e3-b51f-902b34ad6226} - X:\autorun.exe
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {03b3eb1e-e740-11e3-b51f-902b34ad6226} - W:\autorun.exe
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {07ba2bcb-62fd-11e3-91c6-902b34ad6226} - V:\setup.exe
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {0e654971-ec5e-11e2-8692-902b34ad6226} - D:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {17a0de0f-1c56-11e4-8301-902b34ad6226} - W:\setup.exe
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {2d70e75b-5c39-11e3-be19-902b34ad6226} - V:\Setup.exe
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {355441e8-49ea-11e3-bd5b-902b34ad6226} - V:\Setup.exe -auto
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {537bfc99-2ba4-11e3-84a3-902b34ad6226} - V:\Setup.exe -auto
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {68850d67-ba89-11e5-a5c9-902b34ad6226} - W:\Autorun.exe
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {691db346-2159-11e5-a828-902b34ad6226} - W:\setup.exe
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {692e5864-d212-11e3-88c2-902b34ad6226} - W:\autostart_DEU.exe
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {7caeb3b4-0551-11e5-a828-902b34ad6226} - W:\SETUP.EXE
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {7caeb685-0551-11e5-a828-902b34ad6226} - X:\SETUP.EXE
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {7caeb688-0551-11e5-a828-902b34ad6226} - W:\SETUP.EXE
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {9028afdc-bb53-11e3-880c-902b34ad6226} - D:\AutoRun.exe
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {9028afea-bb53-11e3-880c-902b34ad6226} - D:\AutoRun.exe
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {9028b08a-bb53-11e3-880c-902b34ad6226} - V:\Autoplay.exe -auto
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {9028b08c-bb53-11e3-880c-902b34ad6226} - W:\autostart_DEU.exe
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {926f9c79-ec6b-11e2-a5a9-902b34ad6226} - D:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {9e02d0a9-8fc5-11e5-a9a0-902b34ad6226} - W:\setup.exe
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {b607e610-6830-11e5-a7c6-902b34ad6226} - W:\LxSetup.exe
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {d285602f-47cb-11e3-b78c-902b34ad6226} - V:\FalloutLauncher.exe
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {dc31f54e-dcf1-11e4-b7fb-902b34ad6226} - W:\SETUP.EXE
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {e650c0db-5d8b-11e3-84ec-902b34ad6226} - V:\Setup.exe
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {eb12d8b2-f421-11e0-91b2-00301bb905d0} - E:\FalloutLauncher.exe
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {eb90a991-43a2-11e3-81c9-902b34ad6226} - V:\setup.exe
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {f7d0c027-0a5d-11e3-be3f-902b34ad6226} - V:\SETUP.EXE
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\MountPoints2: {f7d0c02a-0a5d-11e3-be3f-902b34ad6226} - V:\SETUP.EXE
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ACHTUNG
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk [2015-09-23]
ShortcutTarget: HDDHealth.lnk -> C:\Program Files (x86)\HDD Health\hddhealth.exe (PANTERASoft)
GroupPolicy: Beschränkung <======= ACHTUNG
GroupPolicyScripts: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{12D73D6C-7AB1-4165-9AEC-97DBB0B4905E}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{96C21F9A-E463-49AF-8A9F-2770412696B6}: [DhcpNameServer] 139.7.30.125 139.7.30.126
Tcpip\..\Interfaces\{B0881732-B571-46E2-A5BD-0FABBDBFFF92}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{EFACB639-7A49-4E1F-BC96-E81F3367EA81}: [NameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001 -> Kein Name - {66BD2442-241B-44CD-8C7A-B51037053CDB} - Keine Datei
Toolbar: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei

FireFox:
========
FF DefaultProfile: x1en2l49.default
FF ProfilePath: C:\Users\David\AppData\Roaming\TomTom\HOME\Profiles\v6kaksb0.default [2015-09-24]
FF Extension: (Kein Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [nicht gefunden]
FF ProfilePath: C:\Users\David\AppData\Roaming\ParseHub\parsehub\Profiles\x1en2l49.default [2016-06-27]
FF Extension: (ParseHub) - C:\Users\David\AppData\Roaming\ParseHub\parsehub\Profiles\x1en2l49.default\Extensions\parsehub2@parsehub.com.xpi [2016-06-27] [ist nicht signiert]
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\nwbl5cme.default-1474104736707 [2016-12-13]
FF Extension: (Firebug) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\nwbl5cme.default-1474104736707\Extensions\firebug@software.joehewitt.com.xpi [2016-10-11]
FF Extension: (FirePath) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\nwbl5cme.default-1474104736707\Extensions\FireXPath@pierre.tholence.com.xpi [2016-10-01]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-09] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-09] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2681974954-2570966158-2371400285-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-10-22] ()
FF Plugin ProgramFiles/Appdata: C:\Users\David\AppData\Roaming\mozilla\plugins\npatgpc.dll [2016-12-01] (Cisco WebEx LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2016-12-13]
CHR Extension: (MediaCore Capture) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\enddmcjcfojolegmdogekfpfbobmkioo [2016-06-22]
CHR Extension: (Selenium Page Object Generator) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\epgmnmcjdhapiojbohkkemlfkegmbebb [2016-07-06]
CHR Extension: (Page Analytics (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2016-06-09]
CHR Extension: (CSS Selector Helper for Chrome™) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gddgceinofapfodcekopkjjelkbjodin [2016-07-06]
CHR Extension: (PageSpeed Insights (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplegfbjlmmehdoakndmohflojccocli [2015-04-18]
CHR Extension: (Cisco WebEx Extension) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2016-12-01]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2016-06-23]
CHR Extension: (Fresh Spell Checker) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgejipejpfecfdlipbdmepblbmiolbae [2016-06-21]
CHR Extension: (Webpage Spell-Check) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgdhaoimpabdhmacaclbbjddhngchjik [2016-06-21]
CHR Extension: (PageSpeed Insights Checker for Mobile) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkjmodmicmpjedhoekkmafdgpocdkbna [2015-04-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-26]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2790368 2016-02-18] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe [970872 2016-02-11] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe [4068592 2016-02-18] (G Data Software AG)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3304768 2010-12-23] (devolo AG)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [Datei ist nicht signiert]
R2 GDBackupSvc; C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe [3985528 2016-02-16] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe [3219872 2016-03-04] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [791160 2016-02-18] (G Data Software AG)
S3 GDTunerSvc; C:\Program Files (x86)\G DATA\TotalProtection\AVKTuner\AVKTunerService.exe [2455160 2016-02-11] (G Data Software AG)
R2 HDDHealth; C:\Program Files (x86)\HDD Health\HDDHealthService.exe [17760 2013-03-08] () [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Lexware_Professional_Datenbank; C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe [83248 2011-06-29] (iAnywhere Solutions, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [456640 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [456640 2016-11-17] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-11-17] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2117128 2016-11-13] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2178576 2016-11-13] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-12-19] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R3 TSNxGService; C:\Program Files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe [255608 2014-07-01] (G DATA Software)
S2 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1625896 2013-08-03] ()
S3 wampapache; c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe [21504 2011-09-26] (Apache Software Foundation) [Datei ist nicht signiert]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.20\bin\mysqld.exe [9690112 2012-01-25] () [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 AmmyyAdmin; "C:\Users\David\Downloads\AA_v3.exe" -service [X]
S2 NetDrive2_Service_NetDrive2; C:\Program Files\NetDrive2\nd2svc.exe [X]
S2 solrJetty; C:\solr5/apache-solr\scripts\prunsrv.exe //RS//solrJetty [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
S3 Envy24HFS; C:\Windows\System32\drivers\Envy24HF.sys [150016 2007-03-15] (VIA - IC Ensemble, Inc.)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [413696 2011-04-18] (Huawei Technologies Co., Ltd.)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [160768 2016-03-17] (G Data Software AG)
S3 gddcd; C:\Windows\system32\drivers\gddcd64.sys [78848 2014-05-29] (G Data Software AG)
R1 gddcv; C:\Windows\system32\drivers\gddcv64.sys [58880 2014-05-29] (G Data Software AG)
R1 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [37400 2016-03-17] (G Data Software AG)
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [29720 2016-03-17] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [246272 2016-03-17] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [75776 2016-03-17] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [65024 2016-03-17] (G DATA Software AG)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2016-01-21] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [134656 2016-03-17] (G Data Software AG)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [100352 2016-03-17] (G DATA Software AG)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-13 19:23 - 2016-12-13 19:24 - 00028806 _____ C:\Users\David\Desktop\FRST.txt
2016-12-13 19:22 - 2016-12-13 19:23 - 00000000 ____D C:\FRST
2016-12-13 19:21 - 2016-12-13 19:21 - 02420224 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2016-12-13 18:18 - 2016-12-13 18:19 - 00017696 _____ C:\Users\David\Desktop\ListChkdskResult.txt
2016-12-13 17:58 - 2016-12-13 17:59 - 00197679 _____ C:\Users\David\Desktop\ListChkdskResult.exe
2016-12-13 17:57 - 2016-12-13 17:57 - 00000000 ___HD C:\$Windows.~WS
2016-12-13 17:51 - 2016-12-13 17:51 - 00003178 _____ C:\Windows\System32\Tasks\{EFE9A5FA-63B2-413B-B60A-5F6D22915B0F}
2016-12-13 17:45 - 2016-12-13 17:45 - 00000000 ____D C:\$WINDOWS.~BT
2016-12-13 17:42 - 2016-12-13 17:42 - 18309328 _____ (Microsoft Corporation) C:\Users\David\Downloads\MediaCreationTool.exe
2016-12-13 17:31 - 2016-12-13 17:31 - 00002516 _____ C:\Users\David\Desktop\Windows 7 USB DVD Download Tool.lnk
2016-12-13 17:31 - 2016-12-13 17:31 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2016-12-13 17:31 - 2016-12-13 17:31 - 00000000 ____D C:\Users\David\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2016-12-13 17:00 - 2016-12-13 17:02 - 00000888 _____ C:\Users\David\Desktop\SFCFix.txt
2016-12-13 16:59 - 2016-12-13 16:59 - 02884096 _____ (niemiro) C:\Users\David\Desktop\SFCFix.exe
2016-12-13 16:59 - 2016-12-13 16:59 - 01041880 _____ C:\Users\David\Downloads\SFCFix.zip
2016-12-13 16:59 - 2016-12-13 16:59 - 01041880 _____ C:\Users\David\Desktop\SFCFix.zip
2016-12-13 11:12 - 2016-12-13 11:12 - 00041671 _____ C:\Users\David\Downloads\RE-Betr-Afwikkeling-OVO.pdf
2016-12-08 10:26 - 2016-12-08 20:29 - 00000000 ____D C:\Users\David\AppData\Local\FileZilla
2016-12-07 14:26 - 2016-12-07 14:26 - 23671348 _____ (Florent BREHERET ) C:\Users\David\Downloads\SeleniumBasic-2.0.9.0(1).exe
2016-12-01 12:13 - 2016-12-12 22:44 - 00000000 ____D C:\Users\David\AppData\Roaming\Callnote
2016-12-01 12:13 - 2016-12-01 12:13 - 00001087 _____ C:\Users\David\Desktop\Callnote.lnk
2016-12-01 12:13 - 2016-12-01 12:13 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Callnote
2016-12-01 12:12 - 2016-12-12 16:59 - 00000000 ____D C:\Users\David\Documents\Callnote
2016-12-01 12:12 - 2016-12-01 12:13 - 00000000 ____D C:\Program Files (x86)\Callnote
2016-12-01 12:10 - 2016-12-01 12:10 - 01014760 _____ (Kandasoft, Inc. ) C:\Users\David\Downloads\callnote_downloader-4.0.0 (1).exe
2016-12-01 12:06 - 2016-12-01 12:06 - 01014760 _____ (Kandasoft, Inc. ) C:\Users\David\Downloads\callnote_downloader-4.0.0.exe
2016-12-01 11:50 - 2016-12-01 13:41 - 00000000 ____D C:\Users\David\AppData\LocalLow\WebEx
2016-12-01 11:50 - 2016-12-01 11:51 - 00000000 ____D C:\ProgramData\WebEx
2016-12-01 11:48 - 2016-12-01 11:48 - 00914312 _____ (Cisco WebEx LLC) C:\Users\David\Downloads\Cisco_WebEx_Add-On(1).exe
2016-12-01 08:54 - 2016-12-10 03:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-26 19:02 - 2016-12-13 17:02 - 00000000 ____D C:\SFCFix
2016-11-26 17:52 - 2016-11-28 09:28 - 00000000 ____D C:\Users\David\AppData\Local\niemiro
2016-11-26 17:51 - 2016-11-26 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Backup and Restore
2016-11-26 17:51 - 2016-11-26 17:51 - 00000000 ____D C:\Program Files\Acelogix
2016-11-26 17:48 - 2016-11-26 17:48 - 00587168 _____ (Acelogix ) C:\Users\David\Downloads\regbak.exe
2016-11-25 13:05 - 2016-11-25 13:05 - 00000861 _____ C:\Users\Public\Desktop\S3 Browser.lnk
2016-11-25 13:05 - 2016-11-25 13:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S3 Browser
2016-11-25 13:05 - 2016-11-25 13:05 - 00000000 ____D C:\Program Files\S3 Browser
2016-11-25 13:04 - 2016-12-02 07:37 - 00000000 ____D C:\Users\David\AppData\Roaming\S3Browser
2016-11-25 12:58 - 2016-11-25 12:59 - 03151664 _____ (NetSDK Software, LLC ) C:\Users\David\Downloads\s3browser-6-2-7.exe
2016-11-24 11:50 - 2016-11-24 11:51 - 00000000 ____D C:\Users\David\AppData\Local\NVIDIA Corporation
2016-11-24 10:14 - 2016-11-17 03:04 - 01852352 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-11-24 10:14 - 2016-11-17 03:04 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-11-24 10:14 - 2016-11-17 03:04 - 01452480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-11-24 10:14 - 2016-11-17 03:04 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-11-24 10:14 - 2016-11-17 03:04 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-11-24 10:13 - 2016-11-24 10:13 - 00003770 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-24 10:11 - 2016-11-24 10:11 - 00003582 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-24 10:10 - 2016-11-24 10:10 - 00003820 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-24 10:10 - 2016-11-24 10:10 - 00003820 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-24 10:10 - 2016-11-24 10:10 - 00003758 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-24 10:10 - 2016-11-24 10:10 - 00003522 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-24 10:08 - 2016-11-17 01:46 - 00133056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-11-24 10:07 - 2016-11-24 10:07 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-11-24 10:07 - 2016-09-09 19:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-11-24 10:07 - 2016-09-09 19:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2016-11-24 10:07 - 2016-09-09 19:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-11-24 10:07 - 2016-09-09 19:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2016-11-24 10:06 - 2016-11-17 02:03 - 00546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-11-24 10:06 - 2016-11-17 02:03 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-11-24 10:00 - 2016-11-17 03:04 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2016-11-24 09:48 - 2016-11-17 03:04 - 40123840 _____ C:\Windows\system32\nvcompiler.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 35224632 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 34704952 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 28140088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 19936464 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 17440392 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 14048312 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-11-24 09:48 - 2016-11-17 03:04 - 10912232 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 10795128 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 10346024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 09150704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 08913328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 08754160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 03941720 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 03479560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 03206592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 01953336 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437595.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 01585088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437595.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 01037248 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00974272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00943552 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00895424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00683640 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00572888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00520912 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00491536 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00438208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00436088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00407064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00388544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00212936 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-11-24 09:48 - 2016-11-17 03:04 - 00170872 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00153368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00131536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00104384 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00094144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00046024 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-11-24 09:48 - 2016-11-17 03:04 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-11-24 09:48 - 2016-11-17 03:04 - 00041344 _____ C:\Windows\system32\nvinfo.pb
2016-11-24 09:48 - 2016-11-17 03:04 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-11-24 09:48 - 2016-11-17 03:04 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2016-11-24 09:39 - 2016-11-24 09:39 - 00000000 ____D C:\NVIDIA
2016-11-18 11:16 - 2016-12-13 15:35 - 00000000 ____D C:\Users\David\AppData\LocalLow\Mozilla
2016-11-16 13:06 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-16 13:06 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-16 13:06 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-16 13:06 - 2016-10-11 16:37 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-16 13:06 - 2016-10-11 16:37 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-16 13:06 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-16 13:06 - 2016-10-11 16:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-16 13:06 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-16 13:06 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-16 13:06 - 2016-10-11 16:32 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-16 13:06 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-16 13:06 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-16 13:06 - 2016-10-11 16:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-16 13:06 - 2016-10-11 16:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-16 13:06 - 2016-10-11 16:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-16 13:06 - 2016-10-11 16:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-16 13:06 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-11-16 13:06 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-16 13:06 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-16 13:06 - 2016-10-11 16:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-16 13:06 - 2016-10-11 16:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-16 13:06 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-16 13:06 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-16 13:06 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-16 13:06 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-16 13:06 - 2016-10-11 16:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-16 13:06 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-16 13:06 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-16 13:06 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-16 13:06 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-16 13:06 - 2016-10-11 15:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-16 13:06 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-11-16 13:06 - 2016-10-11 15:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-16 13:06 - 2016-10-11 15:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-16 13:06 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-16 13:06 - 2016-10-11 15:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-16 13:06 - 2016-10-11 15:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-16 13:06 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-16 13:06 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-16 13:06 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-16 13:06 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-16 13:06 - 2016-10-11 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-16 13:06 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-16 13:06 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-11-16 13:06 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-11-16 13:06 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-11-16 13:06 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-11-16 13:06 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-11-16 13:06 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-11-16 13:06 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-11-16 13:06 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-11-16 13:06 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-11-16 13:06 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-11-16 13:06 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-11-14 10:02 - 2016-11-14 10:02 - 00274112 _____ C:\Users\David\Downloads\cross-browser-grayscale-ie11-v2.zip
2016-11-13 15:34 - 2016-11-13 15:34 - 06316266 _____ C:\Users\David\Downloads\zzquick_contacts_linkedin_update.csv

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-13 18:48 - 2012-04-22 13:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-13 18:31 - 2013-05-09 16:57 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-13 18:02 - 2009-07-14 05:45 - 00026800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-13 18:02 - 2009-07-14 05:45 - 00026800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-13 17:58 - 2009-07-14 18:58 - 00702154 _____ C:\Windows\system32\perfh007.dat
2016-12-13 17:58 - 2009-07-14 18:58 - 00150820 _____ C:\Windows\system32\perfc007.dat
2016-12-13 17:58 - 2009-07-14 06:13 - 01628962 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-13 17:58 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-13 17:57 - 2011-10-09 18:20 - 00000000 ____D C:\Windows\Panther
2016-12-13 16:49 - 2013-05-09 16:57 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-13 16:47 - 2016-04-08 08:26 - 00000000 ____D C:\ProgramData\VMware
2016-12-13 16:46 - 2012-11-20 17:40 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-13 16:45 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-13 15:35 - 2016-01-05 09:15 - 00000000 ____D C:\Users\David\Documents\Outlook Files
2016-12-13 15:35 - 2011-10-11 18:40 - 00000000 ____D C:\Users\David\AppData\Roaming\Skype
2016-12-13 08:14 - 2016-09-08 10:44 - 00000000 ____D C:\Users\David\AppData\Local\Deployment
2016-12-13 04:47 - 2015-06-29 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-12-13 04:32 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-11 01:02 - 2012-07-07 11:32 - 00000000 ____D C:\Users\David\AppData\Local\ElevatedDiagnostics
2016-12-10 20:18 - 2014-05-01 10:54 - 00000000 ____D C:\Users\David\AppData\Local\Spotify
2016-12-10 19:42 - 2014-05-01 10:53 - 00000000 ____D C:\Users\David\AppData\Roaming\Spotify
2016-12-10 03:31 - 2012-04-27 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-10 03:29 - 2005-03-16 23:30 - 00000000 ____D C:\Users\David\AppData\Roaming\FileZilla
2016-12-08 10:26 - 2013-11-20 21:57 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2016-12-08 10:26 - 2005-03-16 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-12-07 14:29 - 2016-06-29 11:23 - 00000000 ____D C:\Users\David\AppData\Local\SeleniumBasic
2016-12-07 12:00 - 2014-12-10 13:13 - 00000000 __SHD C:\#GDATA.Trash.Store#
2016-12-06 13:53 - 2012-01-03 18:25 - 00000000 ____D C:\wamp
2016-12-01 13:41 - 2014-10-26 14:10 - 00000000 ____D C:\Users\David\AppData\Roaming\webex
2016-12-01 12:13 - 2015-09-24 07:46 - 00000000 ____D C:\Users\David\.oracle_jre_usage
2016-12-01 11:59 - 2016-10-26 09:15 - 00000000 ____D C:\Users\David\AppData\Roaming\Amolto
2016-12-01 11:51 - 2014-10-26 14:10 - 00000000 ____D C:\Users\David\AppData\Local\WebEx
2016-12-01 08:42 - 2015-09-23 14:41 - 00000000 ____D C:\Users\David\AppData\Roaming\HDDHealth
2016-11-30 01:11 - 2015-04-09 18:29 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2016-11-26 11:40 - 2016-10-10 08:17 - 00000000 ____D C:\Program Files (x86)\NirSoft
2016-11-26 10:50 - 2015-01-03 16:41 - 00000000 ___RD C:\Users\David\Mediencenter
2016-11-26 08:35 - 2011-12-26 18:52 - 00000000 ____D C:\Windows\pss
2016-11-26 01:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing
2016-11-25 22:25 - 2016-01-21 14:57 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-25 22:24 - 2011-10-11 18:40 - 00000000 ____D C:\ProgramData\Skype
2016-11-25 12:17 - 2011-12-25 19:51 - 00000000 ____D C:\Users\David\AppData\Local\Microsoft Help
2016-11-24 10:36 - 2012-09-01 13:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-24 10:14 - 2012-09-01 13:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-24 10:13 - 2012-12-16 18:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-24 10:13 - 2012-11-21 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-11-17 17:11 - 2012-06-26 17:49 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-11-17 16:59 - 2012-04-23 17:35 - 00000000 ____D C:\ProgramData\FLEXnet
2016-11-17 13:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-11-17 03:04 - 2013-02-25 23:32 - 14410120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-11-17 03:04 - 2013-02-25 23:32 - 03645496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-11-17 03:04 - 2013-01-04 20:33 - 01595456 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2016-11-17 03:04 - 2012-10-10 21:23 - 17361976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-11-17 03:04 - 2012-02-09 21:43 - 00201664 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-11-17 02:03 - 2012-11-20 17:39 - 06384576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-11-17 02:03 - 2012-11-20 17:39 - 02477624 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-11-17 02:03 - 2012-11-20 17:39 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-11-17 02:03 - 2012-11-20 17:39 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-11-17 02:03 - 2012-11-20 17:39 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-11-17 00:37 - 2012-10-15 19:08 - 01024105 _____ C:\Windows\SysWOW64\TVersityMediaServer.log.1
2016-11-17 00:25 - 2012-10-15 19:08 - 01024046 _____ C:\Windows\SysWOW64\TVersityMediaServer.log.2
2016-11-17 00:03 - 2012-10-15 18:05 - 01602306 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-11-17 00:02 - 2012-12-30 12:39 - 00000000 ____D C:\Users\David\AppData\Roaming\Origin
2016-11-17 00:02 - 2012-12-30 12:37 - 00000000 ____D C:\ProgramData\Origin
2016-11-16 13:18 - 2005-03-16 23:36 - 00000600 _____ C:\Users\David\AppData\Local\PUTTY.RND
2016-11-16 12:36 - 2011-12-24 08:48 - 00000000 ____D C:\Users\David\AppData\Local\QuickPar
2016-11-16 10:52 - 2013-01-04 20:20 - 07529957 _____ C:\Windows\system32\nvcoproc.bin
2016-11-15 00:34 - 2013-05-09 17:00 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-13 15:36 - 2012-12-30 12:37 - 00000000 ____D C:\Program Files (x86)\Origin
2016-11-13 15:30 - 2012-12-30 12:39 - 00000000 ____D C:\Users\David\AppData\Local\Origin

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-03 00:11 - 2015-12-03 00:11 - 0038425 _____ () C:\Users\David\AppData\Roaming\Comma Separated Values (Windows).ADR
2014-09-10 09:52 - 2014-11-16 10:16 - 0000023 _____ () C:\Users\David\AppData\Roaming\EncodingMaster.his
2014-09-10 09:52 - 2014-11-16 10:16 - 0000216 _____ () C:\Users\David\AppData\Roaming\EncodingMaster.xml
2014-09-10 09:52 - 2014-11-16 10:16 - 0000034 _____ () C:\Users\David\AppData\Roaming\EncoMast.prf
2014-12-10 12:33 - 2014-12-10 12:33 - 0000000 _____ () C:\Users\David\AppData\Roaming\gdfw.log
2014-12-10 12:32 - 2014-12-10 12:32 - 0000779 _____ () C:\Users\David\AppData\Roaming\gdscan.log
2012-06-02 11:09 - 2012-06-02 13:35 - 0001188 _____ () C:\Users\David\AppData\Local\crc32list11.txt
2012-10-13 16:45 - 2012-10-13 16:45 - 0003584 _____ () C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2005-03-16 23:36 - 2016-11-16 13:18 - 0000600 _____ () C:\Users\David\AppData\Local\PUTTY.RND
2012-09-22 14:07 - 2016-10-27 11:23 - 0007664 _____ () C:\Users\David\AppData\Local\resmon.resmoncfg
2012-04-09 15:21 - 2012-04-09 15:21 - 0000011 _____ () C:\ProgramData\.tv6

Einige Dateien in TEMP:
====================
C:\Users\David\AppData\Local\Temp\NVI2_29.DLL
C:\Users\David\AppData\Local\Temp\skype_x861332401594350072674.dll
C:\Users\David\AppData\Local\Temp\sqlite-3.8.10.1-31c4a660-bff5-4057-84a5-b8c50eb21724-sqlitejdbc.dll
C:\Users\David\AppData\Local\Temp\sqlite-3.8.10.1-3c6654f9-0643-4306-a559-59b245654891-sqlitejdbc.dll
C:\Users\David\AppData\Local\Temp\sqlite-3.8.10.1-3db6deda-c101-4793-a349-2cb9c9e640cc-sqlitejdbc.dll
C:\Users\David\AppData\Local\Temp\sqlite-3.8.10.1-7990a3ba-b036-4498-818b-70a9e69c8ced-sqlitejdbc.dll
C:\Users\David\AppData\Local\Temp\sqlite-3.8.10.1-81abaed3-ff15-4f90-b4b6-84af1fbcc8c8-sqlitejdbc.dll
C:\Users\David\AppData\Local\Temp\sqlite-3.8.10.1-fd60c545-0dca-4d58-962d-28a6108b6ecb-sqlitejdbc.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-10 04:26

==================== Ende von FRST.txt ============================

Addition.txt

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-12-2016
durchgeführt von David (13-12-2016 19:25:38)
Gestartet von C:\Users\David\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-10-09 17:00:45)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2681974954-2570966158-2371400285-500 - Administrator - Disabled)
David (S-1-5-21-2681974954-2570966158-2371400285-1001 - Administrator - Enabled) => C:\Users\David
Gast (S-1-5-21-2681974954-2570966158-2371400285-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2681974954-2570966158-2371400285-1010 - Limited - Enabled)
Mcx1-DAVID-PC (S-1-5-21-2681974954-2570966158-2371400285-1004 - Limited - Enabled) => C:\Users\Mcx1-DAVID-PC

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA TOTAL PROTECTION (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G DATA TOTAL PROTECTION (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version: - )
Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS4 (HKLM-x32\...\Adobe_acce07fd2c8fe7f9e3f26243e626578) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Fireworks CS4 (HKLM-x32\...\Adobe_ccb135070a90ff24d6e7cc4bc5a59cb) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Ansel (Version: 375.95 - NVIDIA Corporation) Hidden
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bananatag Outlook 2010 Add-in (x86) (HKLM-x32\...\{4E0C25F5-443C-42B4-9133-1B1CEC1D0152}) (Version: 1.5.5 - Bananatag Systems Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.5.0.0 - Electronic Arts)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Callnote Version 4.0.0.0 (HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\{048CD767-219E-4F04-AA84-3128F6A35948}_is1) (Version: 4.0.0.0 - Kanda Software)
Camtasia Studio 7 (HKLM-x32\...\{DE042823-C359-4B87-B66B-308057E8B6AF}) (Version: 7.0.1 - TechSmith Corporation)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4852 - CDBurnerXP)
Cisco WebEx Meetings (HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Crayon Physics Deluxe (HKLM-x32\...\Steam App 26900) (Version: - Kloonigames)
Data Lifeguard Diagnostic for Windows 1.24 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
devolo dLAN Cockpit (HKLM-x32\...\dlancockpit) (Version: 3.0.0.0 - devolo AG)
dLAN Cockpit (HKLM-x32\...\Cockpit.92121A72F826FA9D0BD3A830E7F04987B31AFB22.1) (Version: 3 (23.12.2010) - devolo AG)
dLAN Cockpit (x32 Version: 3.23.12 - devolo AG) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.0.18598 - Landesfinanzdirektion Thüringen)
Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden
FileZilla Client 3.23.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.23.0.2 - Tim Kosse)
G DATA TOTAL PROTECTION (HKLM-x32\...\{2A1FF304-D778-49F1-B340-E4BF4CDA2EB0}) (Version: 25.1.0.12 - G DATA Software AG)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.32.000 - Runtime Software)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.30.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.30.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Git version 1.8.1.2-preview20130201 (HKLM-x32\...\Git_is1) (Version: 1.8.1.2-preview20130201 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GrabIt 1.7.3 Beta (build 1010) (HKLM-x32\...\GrabIt_is1) (Version: - Ilan Shemes)
HDD Health v4.2 (HKLM-x32\...\HDD Health_is1) (Version: - )
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
K-Lite Mega Codec Pack 8.0.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.0.0 - )
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Lexware Elster (HKLM-x32\...\{95EFD16D-3A38-4E7A-901A-24A92399547C}) (Version: 10.25.00.0003 - Haufe-Lexware GmbH & Co.KG)
Lexware financial office pro 2012 (HKLM-x32\...\{002C9FA8-ED6A-4B44-883A-29A5EEE3A7F6}) (Version: 12.00.00.0124 - Haufe-Lexware GmbH & Co.KG)
Lexware financial office pro 2012 (x32 Version: 12.00.00.0124 - ) Hidden
Lexware Info Service (HKLM-x32\...\{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}) (Version: 2.80.00.0007 - Haufe-Lexware GmbH & Co.KG)
Lexware professional Datenbank 2012 (HKLM-x32\...\{FDC5E0B1-2739-48A1-8027-F76F2E68AC84}) (Version: 12.00.00.0115 - Haufe-Lexware GmbH & Co.KG)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visio Standard 2013 (HKLM-x32\...\Office15.VISSTD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ Build Tools (HKLM-x32\...\{321f09f3-c00b-40b4-b3aa-9cc927ee6e4e}) (Version: 14.0.25123.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MobaXterm (HKLM-x32\...\{9963467B-FD4D-4139-BAA9-44BCD52AD129}) (Version: 8.5.0.0 - Mobatek)
Mozilla Firefox 50.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.95 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.0.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.95 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
ON_OFF Charge B11.1102.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.2.2.60207 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PASW Statistics 18 (HKLM-x32\...\{C25215FC-5900-48B0-B93C-8D3379027312}) (Version: 18.0.0 - SPSS Inc.)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
PDFtk - The PDF Toolkit version 2.02 (HKLM-x32\...\{C65EA7B8-FC21-4896-AD44-9CE952BB1255}_is1) (Version: 2.02 - PDF Labs)
PDFtk Server version 2.02 (HKLM-x32\...\{E3617D29-6D71-4B5C-B9E2-C927C705E317}_is1) (Version: 2.02 - PDF Labs)
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
PNGGauntlet (HKLM-x32\...\{B2D251E2-A78B-42C2-9D94-695A8CCC17E9}) (Version: 3.1.1 - Ben Hollis)
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
Python 3.5 pywin32-220 (HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\pywin32-py3.5) (Version: - )
Python 3.5.1 (32-bit) (HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Add to Path (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Core Interpreter (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{17778F7B-FB5A-4A93-9719-D75BAF673498}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.1 pip Bootstrap (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Registry Backup and Restore (HKLM\...\Registry Backup and Restore_is1) (Version: - Acelogix)
S3 Browser version 6.2.7 (HKLM\...\S3 Browser_is1) (Version: 6.2.7.0 - NetSDK Software, LLC)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.6 - Seagate Technology)
Selenium Basic (HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\{0277FC34-FD1B-4616-BB19-1FDB7381B291}_is1) (Version: 2.0.9.0 - Florent BREHERET)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 7.1.0330 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\Spotify) (Version: 1.0.44.100.ga60c0ce1 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
TVersity Codec Pack 1.7 (HKLM-x32\...\TVersity Codec Pack) (Version: 1.7 - TVersity Inc.)
TVersity Media Server 2.6 (HKLM-x32\...\TVersity Media Server) (Version: 2.6 - TVersity)
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for Skype for Business 2015 (KB3127976) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISSTD_{7CBB5B61-6821-4B11-9640-A04ABF78630F}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Player (HKLM\...\{57AA4E8A-E2C9-4F1C-B3F1-762C36E34472}) (Version: 12.1.0 - VMware, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WampServer 2.2 (HKLM-x32\...\WampServer 2_is1) (Version: - Hervé Leclerc (HeL))
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17354 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinMerge 2.14.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{BC49C330-D3D0-4040-9F9C-7488A143E396}) (Version: 21.01.8499 - Buhl Data Service GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-0809389E78C4}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-14DB1E4916D4}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-3C406728F1A2}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-44A424DB3F50}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-5D556733E8C9}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-5DB46A739EEA}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-6AAF7EDD33D6}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-7D30CBC3F6BB}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-80B2B91F0D44}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-9E7F9EF1D002}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-A34FCBA29598}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-B0C8C528C673}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-B719752452AA}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-BE75D14E7B41}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-CDCD9EB97FD6}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-CEA7D8FD6954}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-E3CCFFAB4234}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-E9AAFA695FFB}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{0277FC34-FD1B-4616-BB19-EED04A1E4CD1}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0D225FEB-6371-4E92-964D-CE01444D4A05} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {10B9BEF5-A304-43B8-B7F8-DD231211B057} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)
Task: {1921EB37-1CB4-4288-86CF-B13FE900E2BB} - System32\Tasks\{811122EF-99C0-45EC-8231-97945EFC44FB} => pcalua.exe -a "C:\Users\David\Downloads\GrabIt Downloads\Return.to.Castle.Wolfenstein.ger.uncut.nfo\Return.to.Castle.Wolfenstein.ger.uncut\Setup.exe" -d "C:\Users\David\Downloads\GrabIt Downloads\Return.to.Castle.Wolfenstein.ger.uncut.nfo\Return.to.Castle.Wolfenstein.ger.uncut"
Task: {2B4B187A-7420-44B4-953B-0D86EB30AD93} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-DAVID-PC => C:\Windows\ehome\McxTask.exe [2009-07-14] (Microsoft Corporation)
Task: {3C220013-0F7F-4B99-B357-D62EA49871C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {45071BE4-F15E-487D-A905-689491E9CD20} - System32\Tasks\{5A2F9C22-D1D2-42E9-BAF6-27030E4F8275} => pcalua.exe -a "C:\Users\David\Downloads\GrabIt Downloads\Adobe Fireworks CS4 v10 0 Multilingual Incl Keymaker CORE\keygen.exe" -d "C:\Users\David\Downloads\GrabIt Downloads\Adobe Fireworks CS4 v10 0 Multilingual Incl Keymaker CORE"
Task: {54338762-0F07-4C57-98C0-8B573197968D} - System32\Tasks\{E30834F1-70B0-4E50-8B3E-CD098DC9F588} => pcalua.exe -a "C:\Users\David\Downloads\WISO Steuer-Sparbuch 2011 Setup.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {56183DDE-86C9-4225-8347-2767AA140460} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {5A660623-4037-4213-A0FE-212F2778EC9C} - System32\Tasks\{D8FAB2D3-E28D-45C4-B63F-64745CD4FE23} => pcalua.exe -a D:\directx\dxsetup.exe -d D:\directx
Task: {5DB5554A-A975-4BEC-931D-48C4C633E0CB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
Task: {60C4D5FF-9DC2-41E1-A878-00861F00A019} - System32\Tasks\{B7459355-E4CD-41D7-858F-1A1EA29B5DF0} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.119.259/de/abandoninstall?source=lightinstaller&page=tsPlugin&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chromeffered-installed;madedefault
Task: {69B11572-CA44-4520-AE15-B7E07C10B173} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-09] (Adobe Systems Incorporated)
Task: {75A725D6-6DEB-4336-BD8C-C66430F224E0} - System32\Tasks\{EF570E05-E531-4E3E-94FD-E58F33092D48} => pcalua.exe -a "C:\Program Files (x86)\hMailServer\Bin\DBSetup.exe" -d "C:\Program Files (x86)\hMailServer\Bin"
Task: {7C907C60-A613-4AAB-B590-55743B4F673B} - System32\Tasks\{548261DE-00B1-4B9F-BFA3-7F03FF9BA026} => pcalua.exe -a "C:\Users\David\Downloads\GrabIt Downloads\adobe DW\Adobe CS4\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe" -d "C:\Program Files (x86)\Common Files\Adobe\Installers\acce07fd2c8fe7f9e3f26243e626578" -c -silent
Task: {9868E34F-6900-4B03-BC2A-BBE8619EBDD8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {A6059601-D18C-4766-97BF-1463ABEF5149} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {ADF68320-D254-4527-B769-2049470A800C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {AF360F90-A40C-47A7-A56D-971B5EA2306F} - System32\Tasks\{EFE9A5FA-63B2-413B-B60A-5F6D22915B0F} => pcalua.exe -a C:\Users\David\Downloads\Downloads\WinSetupFromUSB_0-2-3.exe -d C:\Users\David\Downloads\Downloads
Task: {B254D4C9-2373-433A-9DD5-58F66DE2A509} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {C9E197AD-C2DF-4E38-BF5E-AD8DF0837474} - System32\Tasks\{367ED73A-0A88-4700-8DFB-BFD5E0FC25CB} => pcalua.exe -a C:\Users\David\Downloads\wmcsetup2.exe -d C:\Users\David\Downloads
Task: {D9F38FFF-CBEF-49FF-BFE4-19DBA8489FAC} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {DD800584-D118-44A4-A809-6329C9D76387} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {E50B7771-E29D-459B-BBE7-20B03CDE351F} - System32\Tasks\{AB12E4A6-00B2-4261-8A26-3AAEDE11EE15} => pcalua.exe -a "C:\Users\David\Downloads\GrabIt Downloads\Return.to.Castle.Wolfenstein.ger.uncut.nfo\Return.to.Castle.Wolfenstein.ger.uncut\uncut_patch\RtCW-GOLDUCPF.exe" -d "C:\Users\David\Downloads\GrabIt Downloads\Return.to.Castle.Wolfenstein.ger.uncut.nfo\Return.to.Castle.Wolfenstein.ger.uncut\uncut_patch"
Task: {F0B48A80-A502-4F29-8ED3-0FCAAC59D301} - System32\Tasks\{375CAE14-0EBB-4383-885C-BD385D56E847} => pcalua.exe -a C:\Users\David\Downloads\pywin32-220.win32-py3.5.exe -d C:\Users\David\Downloads
Task: {F4C66F71-EBBB-47C1-98D0-39731CCB502F} - System32\Tasks\{40EE59C5-B648-4C75-9A7A-3687A66187C6} => pcalua.exe -a "C:\Users\David\Downloads\GrabIt Downloads\ADOBE PHOTOSHOP CS4 EXTENDED V11 0 GERMAN INCL KEYMAKER-CORE.NFO\Setup.exe" -d "C:\Users\David\Downloads\GrabIt Downloads\ADOBE PHOTOSHOP CS4 EXTENDED V11 0 GERMAN INCL KEYMAKER-CORE.NFO"
Task: {FF9FBBAA-4EAD-4229-B5CE-05FB6BB8DC15} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Selenium Basic\Start Chrome.lnk -> C:\Users\David\AppData\Local\SeleniumBasic\Scripts\StartChrome.vbs ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-03-04 18:17 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2015-09-23 14:41 - 2013-03-08 08:54 - 00017760 _____ () C:\Program Files (x86)\HDD Health\HDDHealthService.exe
2012-11-20 17:39 - 2016-11-17 02:03 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-19 23:33 - 2015-12-19 23:33 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-02-11 04:43 - 2016-02-11 04:43 - 00387704 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-12-06 17:17 - 2016-12-06 17:17 - 00052400 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-10-11 21:12 - 2011-05-28 21:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-05-03 20:20 - 2013-02-01 09:27 - 00718322 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-11-25 17:10 - 2015-11-25 17:10 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-11-15 00:33 - 2016-11-08 21:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-15 00:33 - 2016-11-08 21:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AmmyyAdmin => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\...\sony.com -> sony.com

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2014-12-16 17:49 - 00002874 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 on4u3.buhl.de
127.0.0.1 zend2.localhost localhost
127.0.0.1 zendm.localhost localhost
127.0.0.1 localhost

Da befinden sich 37 zusätzliche Einträge.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2681974954-2570966158-2371400285-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: AmmyyAdmin => 2

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{ABC69CEA-DEBD-49B7-B6C0-98DD15C71672}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0E9F63B6-D898-4791-8307-CF2CD3D4C04B}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{8A59AADC-23C5-4303-9DB5-C5C220ECA525}C:\spiele\dead island\deadislandgame.exe] => C:\spiele\dead island\deadislandgame.exe
FirewallRules: [UDP Query User{6FF19570-CD96-4821-928A-C689572C4E37}C:\spiele\dead island\deadislandgame.exe] => C:\spiele\dead island\deadislandgame.exe
FirewallRules: [{87A22AE2-7289-49AB-8AAC-12B640E9EEDB}] => C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{11402EFA-DB33-47FE-82F6-81D99687EEA0}] => C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{BF89AC8B-6D21-4CF6-B0F8-E890FF2F4057}] => %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{71B144AA-7BF5-49A8-8129-2032B65D436F}] => %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{7C60F51D-3245-494C-B1E1-2045931823F9}] => LPort=26675
FirewallRules: [{8CE8EF7B-D836-498B-A126-0DF56EBDACFB}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F6850B68-C039-4640-8F36-F3E0C41A8C2A}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D10AD3BC-86D9-427F-95CF-9F299320B28A}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F53AA8D3-A722-4B60-86B5-84417DD168AA}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{836A94E7-F224-405A-B463-201AFE7F30F6}C:\wamp\bin\apache\apache2.2.21\bin\httpd.exe] => C:\wamp\bin\apache\apache2.2.21\bin\httpd.exe
FirewallRules: [UDP Query User{3CD1C0F4-0310-4AD6-A00A-D086217E4798}C:\wamp\bin\apache\apache2.2.21\bin\httpd.exe] => C:\wamp\bin\apache\apache2.2.21\bin\httpd.exe
FirewallRules: [{723C8BC6-5B9F-4E82-AC5B-EF5B7102EBE4}] => C:\Program Files (x86)\TwonkyMedia\twonkymediaserverwatchdog.exe
FirewallRules: [{3FFBC15D-F336-46AF-8DC5-ED9AF101BDF0}] => C:\Program Files (x86)\TwonkyMedia\twonkymediaserverwatchdog.exe
FirewallRules: [{0450DD3D-A3CF-4BAF-B39E-CEFE46F15583}] => C:\Program Files (x86)\TwonkyMedia\twonkymediaserver.exe
FirewallRules: [{43D906E4-F773-44F2-89C4-7AF0D884E0B0}] => C:\Program Files (x86)\TwonkyMedia\twonkymediaserver.exe
FirewallRules: [{6002D11B-9C93-49CC-AA88-496907B3823C}] => C:\Program Files (x86)\TwonkyMedia\MediaManager\TwonkyMediaManager.exe
FirewallRules: [{6ACE954F-C41B-4F9C-8084-71D28679C5CE}] => C:\Program Files (x86)\TwonkyMedia\MediaManager\TwonkyMediaManager.exe
FirewallRules: [{71FA6030-1FBA-49CA-80A8-A27925819CFF}] => LPort=5353
FirewallRules: [{117F7BFE-F418-4BAB-BE14-AA2F18B485A5}] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{A8B208F2-30B9-4F2C-8E17-04D9CBCD6DC6}] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [TCP Query User{095507F1-7B6D-4908-9D2C-6D9204DA7E63}C:\program files (x86)\mirc\mirc.exe] => C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{EC8A8179-7440-4CCD-BE8C-A0CF2A912A99}C:\program files (x86)\mirc\mirc.exe] => C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{84636BE5-9BB4-47F6-B36D-39017EAD7F2D}] => C:\Program Files (x86)\SPSSInc\PASWStatistics18\paswstat.exe
FirewallRules: [{FB0F2EB8-0E31-4FD3-BB27-19DB8FD00BC0}] => C:\Program Files (x86)\SPSSInc\PASWStatistics18\WinWrapIDE.exe
FirewallRules: [{59FABC49-8135-488F-919E-B3845833AC19}] => C:\Program Files (x86)\SPSSInc\PASWStatistics18\paswstat.com
FirewallRules: [{B0FEA7D3-E09F-4514-B0F2-2B358731F585}] => C:\Program Files (x86)\SPSSInc\PASWStatistics18\paswstat.exe
FirewallRules: [{8BB49445-7F53-4B74-94B6-60D2FB9C74DE}] => C:\Program Files (x86)\SPSSInc\PASWStatistics18\WinWrapIDE.exe
FirewallRules: [{9B8C4239-2602-4DD9-9DA2-CFA75CE38079}] => C:\Program Files (x86)\SPSSInc\PASWStatistics18\paswstat.com
FirewallRules: [{8D0239B2-0788-45CC-AB9E-3EE21CF8ECCA}] => C:\Program Files (x86)\Activision\Wolfenstein\MP\Wolf2MP.exe
FirewallRules: [{A9B1A26B-71E6-426E-AF3A-D39C076D7C69}] => C:\Program Files (x86)\Activision\Wolfenstein\MP\Wolf2MP.exe
FirewallRules: [{4FA17434-783F-4E9B-B33A-10787F27A316}] => C:\Program Files (x86)\Activision\Wolfenstein\MP\Wolf2MPLite.exe
FirewallRules: [{4FA9692F-0658-47D2-B758-2D893A328C7F}] => C:\Program Files (x86)\Activision\Wolfenstein\MP\Wolf2MPLite.exe
FirewallRules: [{2646F729-84CA-412D-910D-9E84B5702676}] => C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{85988B03-EE96-4AFC-B7B8-52B18A05743F}] => C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{5F5750D9-35F8-45F4-AAF1-7D60DDF9566F}] => C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{B9E339CE-7CE1-4A24-9F8C-39EF392AC604}] => C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{41F26EFF-F099-4A89-A302-126F2DE10C41}] => LPort=5900
FirewallRules: [{E7A01A83-7A99-4A18-9355-9281EAA488B9}] => LPort=5800
FirewallRules: [{DB753CFF-9DA4-45B8-9EB3-7A0747302D30}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{613E48B3-8151-4AB6-94A6-A9DA426F77D4}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{92D85A45-A5DA-43D9-BC5A-8E5704D2E84E}] => C:\Program Files (x86)\Steam\SteamApps\common\Mass Effect\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{D10993FA-90E1-4D54-AF4B-9EA1A587F89C}] => C:\Program Files (x86)\Steam\SteamApps\common\Mass Effect\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{26162B4F-37E3-4671-8799-C95AEBC0A12D}] => C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{4025CD3D-9E69-4E61-B942-EEF642211143}] => C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{49BEEC3A-BA9A-49BB-8400-8C9CD7BC0499}] => C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{C562B8FD-4732-48D4-A6F3-0BF20542612B}] => C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{D062D4A9-0298-4CFE-AE6E-FAED87CA0194}] => C:\ProgramData\TVersity\Media Server\MediaServer.exe
FirewallRules: [{84A8A3B9-50F9-4F13-86FF-E154D3459825}] => C:\Program Files (x86)\Steam\SteamApps\common\atomzombiesmasher\data\atomzombiesmasher.exe
FirewallRules: [{67636DA8-901C-4032-9CF3-06087E4CCF0A}] => C:\Program Files (x86)\Steam\SteamApps\common\atomzombiesmasher\data\atomzombiesmasher.exe
FirewallRules: [{975EFB55-B09D-4970-9884-51B64B32AB1C}] => C:\Program Files (x86)\Steam\SteamApps\common\Crayon Physics Deluxe\launcher.exe
FirewallRules: [{1C354A53-4EEA-494B-880B-74A3D391EFE1}] => C:\Program Files (x86)\Steam\SteamApps\common\Crayon Physics Deluxe\launcher.exe
FirewallRules: [{7458F50D-BB7C-4C02-9089-1DB72D8672D0}] => C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{680A335F-EEC4-42D5-9037-22B2EC56638D}] => C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{1C703FC2-C7E0-4EC2-B063-CEC198C765EF}] => C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{FAFB5682-D754-4B42-BE08-C101FEFEC213}] => C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{43D5A47D-41C8-4AC7-86A7-F35C757725F7}] => C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{3E31DAD6-D705-4020-AC5C-12BBF45EFBEC}] => C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{EF1D4725-F3D8-4BAA-941A-44E855F1B3AF}] => C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe
FirewallRules: [{2453346B-E4BD-41D0-8331-8DBF65083039}] => C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe
FirewallRules: [{7A581017-ACC4-4F68-93D5-6BC27D5E8A56}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{480278FD-3D86-4C81-A6D2-BCC0CDA0424B}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{80A703A8-8800-4D1A-B9B3-C8753CF447DF}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CF45145E-295C-4CAD-9B7E-06ED60CC6BE3}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C376AA18-12F2-4535-A593-8380BFBFF098}] => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{72084CD6-C899-4C66-912F-804E0DF0E590}] => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DE1C78D3-8CC9-46FE-A71D-89EBA28B385D}] => C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CE4F24B3-666A-43BA-BAD4-161D1B1696C9}] => C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0A931CE8-D490-4DB4-A5CF-95A602E041B5}] => C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{4E382BA9-EF7E-4304-BABF-2C2B8F4592A9}] => C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{87C45687-DC72-4D1B-BD23-7B8DA0D10707}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D780A8D5-4F86-4356-9B61-10B50B46C849}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8AF0457F-A943-4728-A290-C53E87261C4D}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DE0F0902-55FA-4D38-958B-BC9C5CF5B091}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C6A47469-FB84-408E-8D41-9C26B02B6568}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8C917E1D-4D04-4C8D-BC73-F64DA7C67FC8}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6FCA2EBB-B0F2-41E7-A446-786D77354FBE}] => C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe
FirewallRules: [{D4D14E61-9777-487D-A162-77639BEB9689}] => C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe
FirewallRules: [{ACACB573-92F8-434E-A2BF-8B36D68824BF}] => LPort=5353
FirewallRules: [{6DE266AA-AE1D-4D19-9B1F-238BFB3D1A8E}] => LPort=9322
FirewallRules: [{588F721B-4EBE-46E2-B2DC-074301AA5A1B}] => LPort=5353
FirewallRules: [{D63D3195-2FC7-41A5-83F0-360ED64848C8}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5D5B25C0-C37A-4493-8877-D4D557D0E982}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3AE2E6D4-90E0-4A37-871A-E4C36B0F4552}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5F8E1F81-7392-4D4C-8630-DAA9DDB6447F}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{66361B9F-CF35-4B9D-AC08-FBE17D4709AA}] => C:\Program Files (x86)\Steam\SteamApps\common\atomzombiesmasher\data\atomzombiesmasher.exe
FirewallRules: [{5099B1B5-C815-4E97-A30D-0E079994D5E6}] => C:\Program Files (x86)\Steam\SteamApps\common\atomzombiesmasher\data\atomzombiesmasher.exe
FirewallRules: [{5393093F-3EA3-4D3B-97FD-FE77BF5CDABD}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{58032AEE-2C7A-4A9B-8170-49F4ED3C2001}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{63EFB67B-50D6-420F-9431-CAEBEFAB9980}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5769AF42-BA4C-432A-937E-7DCEB1591A4F}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{27A3D950-5342-4F51-9B4C-E6FF44304A19}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{89841656-2129-4FCF-A02E-7D0469A3EA9F}] => C:\Program Files\WebDrive\WebDrive.exe
FirewallRules: [{14502342-6BC6-4292-AE53-7BBE0CA8C405}] => C:\Program Files\WebDrive\WebDrive.exe
FirewallRules: [{7BE7D5D6-03FD-4E94-9A2E-D524AAAA5C54}] => C:\Program Files\WebDrive\wdService.exe
FirewallRules: [{9E0FE29D-7812-46B4-9499-755525963137}] => C:\Program Files\WebDrive\wdService.exe
FirewallRules: [{4B7AC7C8-C4BD-4B07-A2F6-5B1E0173D2A1}] => C:\Program Files\NetDrive2\nd2svc.exe
FirewallRules: [{F00FF191-4690-4F8A-B373-91F4FFCE4A50}] => C:\Program Files\NetDrive2\NetDrive2.exe
FirewallRules: [{390AA613-EBF7-4383-A777-49BFBA0D48B9}] => C:\Program Files\NetDrive2\nd2cmd.exe
FirewallRules: [{810D6218-7801-4AE1-AE72-64F9FA66377E}] => C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{5EA8BCCA-8143-42A5-9DE3-FFC9131FD652}] => C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{69678700-34A4-4D16-8338-7641CFCA5C5D}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{ABE58B34-9A38-4330-A8DE-096C3F7B9653}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CD678C4B-2F47-40D2-A73A-060A5C80E2DE}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{545C107A-0BCF-4CCC-BCBF-7298C61DEB29}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4183282B-9A40-4BC4-AFDE-28137DC95419}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{085DB667-80FB-4542-A786-432A4D1C53C4}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{907EE7AD-B748-428F-9D67-FAE98AE5C702}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{1B696BBA-F726-465A-9AAE-3FDCC837551A}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{8D10C0D1-81F3-4679-82C1-CFCB94D30E32}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6B8C0145-B1EC-40D5-BBD7-87DE1C6D877D}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Wiederherstellungspunkte =========================

12-12-2016 03:00:10 Windows Update
13-12-2016 04:36:59 Windows Update
13-12-2016 12:41:05 Windows Modules Installer
13-12-2016 17:28:32 Installed Windows 7 USB/DVD Download Tool

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/13/2016 05:24:04 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\David\Downloads\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/13/2016 10:06:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Fireworks.exe, Version 10.0.3.11 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 25b0

Startzeit: 01d2551fd31fdf04

Endzeit: 5

Anwendungspfad: C:\Program Files (x86)\Adobe\Adobe Fireworks CS4\Fireworks.exe

Berichts-ID: 5b50bb10-c113-11e6-8d4d-005056c00008

Error: (12/13/2016 09:51:55 AM) (Source: Apache Service) (EventID: 3299) (User: )
Description: The Apache service named reported the following error:
>>> Warning: DocumentRoot [C:/Apache2/docs/dummy-host2.example.com] does not exist .

Error: (12/13/2016 09:51:55 AM) (Source: Apache Service) (EventID: 3299) (User: )
Description: The Apache service named reported the following error:
>>> Warning: DocumentRoot [C:/Apache2/docs/dummy-host.example.com] does not exist .

Error: (12/13/2016 04:57:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CompatTelRunner.exe, Version: 10.0.14913.1002, Zeitstempel: 0x57d1070d
Name des fehlerhaften Moduls: devinv.dll, Version: 10.0.14913.1002, Zeitstempel: 0x57d10950
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000023c00
ID des fehlerhaften Prozesses: 0x1008
Startzeit der fehlerhaften Anwendung: 0x01d254f1f2131ee5
Pfad der fehlerhaften Anwendung: C:\Windows\system32\CompatTelRunner.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\devinv.dll
Berichtskennung: 351c3ba4-c0e8-11e6-8d4d-005056c00008

Error: (12/12/2016 06:31:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Excessive name conflicts (19) for A.B.9.A.D.4.0.B.B.2.4.A.6.E.1.B.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. (PTR); rate limiting in effect

Error: (12/12/2016 06:31:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 12 A.B.9.A.D.4.0.B.B.2.4.A.6.E.1.B.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR PC-2.local.

Error: (12/12/2016 06:31:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.159.1:5353 10 A.B.9.A.D.4.0.B.B.2.4.A.6.E.1.B.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR PC.local.

Error: (12/12/2016 06:31:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Excessive name conflicts (18) for 1.159.168.192.in-addr.arpa. (PTR); rate limiting in effect

Error: (12/12/2016 06:31:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 12 1.159.168.192.in-addr.arpa. PTR PC-2.local.

Systemfehler:
=============
Error: (12/13/2016 05:18:03 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "PC-25",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{12D73D6C-7AB1-4165-9AEC-97DBB0B4905E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (12/13/2016 04:49:29 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TeamViewer erreicht.

Error: (12/13/2016 04:47:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
VBoxNetAdp

Error: (12/13/2016 04:47:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TVersity Media Server erreicht.

Error: (12/13/2016 04:46:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "solrJetty" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (12/13/2016 04:46:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (12/13/2016 04:46:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (12/13/2016 04:46:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetDrive2_Service_NetDrive2" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (12/13/2016 04:38:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "G DATA Personal Firewall" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (12/13/2016 04:38:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst G DATA Personal Firewall erreicht.

CodeIntegrity:
===================================
Date: 2012-11-10 12:23:46.756
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-11-10 12:23:46.583
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-11-10 12:23:46.378
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-11-10 12:23:46.203
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-11-10 12:23:20.104
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-11-10 12:23:19.926
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-11-10 12:23:19.733
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-11-10 12:23:19.576
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-11-10 12:23:19.354
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-11-10 12:23:19.180
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Speicherinformationen ===========================

Prozessor: AMD Athlon(tm) II X4 640 Processor
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 8189.43 MB
Verfügbarer physikalischer RAM: 4888.02 MB
Summe virtueller Speicher: 16377.04 MB
Verfügbarer virtueller Speicher: 12205.41 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:931.51 GB) (Free:574.75 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:446.23 GB) (Free:295.99 GB) NTFS
Drive e: () (Fixed) (Total:144.25 GB) (Free:124.13 GB) NTFS
Drive f: (INTENSO) (Removable) (Total:14.44 GB) (Free:14.43 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 5F245B03)
Partition 1: (Not Active) - (Size=4.8 GB) - (Type=27)
Partition 2: (Active) - (Size=144.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: BBE32E14)
Partition 1: (Active) - (Size=446.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=19.5 GB) - (Type=BC)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 56BABC5C)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 14.5 GB) (Disk ID: 17FE539B)
Partition 1: (Not Active) - (Size=14.5 GB) - (Type=0C)

==================== Ende von Addition.txt ============================

Needed to delete some thinks (created Files in least Months and vhosts)..but should be ok now...

BrianDrab · Dec 15, 2016

OK, please do the following.

AdWCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool. Click I agree if you agree with the terms of use.
4. Click on Scan.
5. After the scan is complete, if you get a message that states "AdwCleaner found no malicious program on your computer!" then you can click OK and then click the Logfile button. Notepad will open with some information. Copy/Paste this into your next reply. No need to continue with the rest of the steps for AdwCleaner.
6. If you don't get that message then click on "Clean"
7. Confirm each time with Ok.
8. Your computer will be rebooted automatically. A text file will open after the restart.
9. Please post the content of that logfile with your next answer.
10. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner
Danger
.txt

Danger

as well.

davidpp · Dec 15, 2016

OK, here we are:

# AdwCleaner v6.041 - Report generated on 16/12/2016 at 01:22:18
# Updated on 16/12/2016 by Malwarebytes
# Database: 2016-12-15.1 [server]
# Operating System: Windows 7 Professional Service Pack 1 (X64)
# Username: David - PC
# Started by: C: \ Users \ David \ Desktop \ adwcleaner_6.041.exe
# Mode: search
# Support: Malwarebytes | Customer Support & Help Center

***** [ Services ] *****

No harmful services found.

***** [ Folder ] *****

Folder Found: C: \ Users \ David \ AppData \ Local \ DownloadGuide
Folder Found: C: \ Users \ David \ AppData \ LocalLow \ SimplyTech
Folder Found: C: \ Users \ David \ AppData \ Roaming \ download manager
Folder Found: C: \ Program Files (x86) \ WinZip Registry Optimizer

***** [files] *****

No malicious files found.

*** [DLL] *****

No infected DLLs found.

***** [WMI] *****

No harmful keys found.

***** [ Connections ] *****

No infected links found.

***** [Task Scheduling] *****

No harmful tasks found.

***** [Registration database] *****

Key Found: HKLM \ SYSTEM \ CurrentControlSet \ Services \ EventLog \ Application \ SearchAnonymizer
Key Found: [x64] HKLM \ SYSTEM \ CurrentControlSet \ Services \ EventLog \ Application \ SearchAnonymizer
Key Found: HKLM \ SOFTWARE \ Classes \ CLSID \ {35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Found: HKLM \ SOFTWARE \ Classes \ CLSID \ {3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Key Found: HKLM \ SOFTWARE \ Classes \ CLSID \ {61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Key Found: HKLM \ SOFTWARE \ Classes \ CLSID \ {E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Key Found: HKLM \ SOFTWARE \ Classes \ Interface \ {3F607E46-0D3C-4442-B1EN-EN7FA4768F5C}
Key Found: HKLM \ SOFTWARE \ Classes \ Interface \ {FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found: HKLM \ SOFTWARE \ Classes \ TypeLib \ {93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Found: HKU \ .DEFAULT \ Software \ Microsoft \ Internet Explorer \ InternetRegistry \ REGISTRY \ USER \ S-1-5-18 \ Software \ StartNow Toolbar
Data Found: HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ AboutURls [newtab] - C: \ Users \ David \ AppData \ Roaming \ SimplyTech \ home \ home.htm
Data Found: [x64] HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ AboutURls [newtab] - C: \ Users \ David \ AppData \ Roaming \ SimplyTech \ home \ home.htm

***** [ Web browser ] *****

No harmful elements found in Firefox based browsers.
No harmful items found in Chrome based browsers.

*************************

C: \ AdwCleaner \ AdwCleaner [S0] .txt - [2595 Bytes] - [16/12/2016 01:22:18]

########## EOF - C: \ AdwCleaner \ AdwCleaner [S0] .txt - [2668 bytes] ##########

davidpp · Dec 15, 2016

After Restart:

# AdwCleaner v6.041 - Report created on 16/12/2016 at 01:28:33
# Updated on 16/12/2016 by Malwarebytes
# Database: 2016-12-15.1 [server]
# Operating System: Windows 7 Professional Service Pack 1 (X64)
# Username: David - PC
# Started by: C: \ Users \ David \ Desktop \ adwcleaner_6.041.exe
#Mode: Delete
# Support: Malwarebytes | Customer Support & Help Center
***** [ Services ] *****
***** [ Folder ] *****
[-] Folder deleted: C: \ Users \ David \ AppData \ Local \ DownloadGuide
[-] Folder deleted: C: \ Users \ David \ AppData \ LocalLow \ SimplyTech
[-] Folder deleted: C: \ Users \ David \ AppData \ Roaming \ download Manager
[-] Folder deleted: C: \ Program Files (x86) \ WinZip Registry Optimizer
[#] Deleted folder with restart: C: \ Users \ David \ AppData \ Local \ DownloadGuide
[#] Folder rebooted: C: \ Users \ David \ AppData \ LocalLow \ SimplyTech
[#] Folder rebooted: C: \ Users \ David \ AppData \ Roaming \ download Manager
[#] Folder rebooted: C: \ Program Files (x86) \ WinZip Registry Optimizer
***** [files] *****
*** [DLL] *****
***** [WMI] *****
***** [ Connections ] *****
***** [Task Scheduling] *****
***** [Registration database] *****
[-] Key deleted: HKLM \ SYSTEM \ CurrentControlSet \ Services \ EventLog \ Application \ SearchAnonymizer
[#] Key rebooted with reboot: [x64] HKLM \ SYSTEM \ CurrentControlSet \ Services \ EventLog \ Application \ SearchAnonymizer
[-] Key cleared: HKLM \ SOFTWARE \ Classes \ CLSID \ {35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] Key cleared: HKLM \ SOFTWARE \ Classes \ CLSID \ {3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key cleared: HKLM \ SOFTWARE \ Classes \ CLSID \ {61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key cleared: HKLM \ SOFTWARE \ Classes \ CLSID \ {E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key deleted: HKLM \ SOFTWARE \ Classes \ Interface \ {3F607E46-0D3C-4442-B1EN-EN7FA4768F5C}
[-] Key cleared: HKLM \ SOFTWARE \ Classes \ Interface \ {FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Key cleared: HKLM \ SOFTWARE \ Classes \ TypeLib \ {93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Key deleted: HKU \ .DEFAULT \ Software \ Microsoft \ Internet Explorer \ InternetRegistry \ REGISTRY \ USER \ S-1-5-18 \ Software \ StartNow Toolbar
[-] Data recovered: HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ AboutURls [newtab]
[-] Data recovered: [x64] HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ AboutURls [newtab]
[#] Deleted key with restart: HKLM \ SYSTEM \ CurrentControlSet \ Services \ EventLog \ Application \ SearchAnonymizer
[#] Key rebooted with reboot: [x64] HKLM \ SYSTEM \ CurrentControlSet \ Services \ EventLog \ Application \ SearchAnonymizer
[#] Key cleared with reboot: HKLM \ SOFTWARE \ Classes \ CLSID \ {35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[#] Key cleared with reboot: HKLM \ SOFTWARE \ Classes \ CLSID \ {3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[#] Key cleared with reboot: HKLM \ SOFTWARE \ Classes \ CLSID \ {61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[#] Key cleared with reboot: HKLM \ SOFTWARE \ Classes \ CLSID \ {E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[#] Key cleared with reboot: HKLM \ SOFTWARE \ Classes \ Interface \ {3F607E46-0D3C-4442-B1EN-EN7FA4768F5C}
[#] Cleared with reboot: HKLM \ SOFTWARE \ Classes \ Interface \ {FE0273D1-99DF-4AC0-87D5-1371C6271785}
[#] Key cleared with reboot: HKLM \ SOFTWARE \ Classes \ TypeLib \ {93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[#] Key rebooted with reboot: HKU \ .DEFAULT \ Software \ Microsoft \ Internet Explorer \ InternetRegistry \ REGISTRY \ USER \ S-1-5-18 \ Software \ StartNow Toolbar
[-] Data recovered: HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ AboutURls [newtab]
[-] Data recovered: [x64] HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ AboutURls [newtab]
***** [Browser] *****
*************************
:: "Tracing" key deleted
:: Winsock settings reset
:: "Tracing" key deleted
:: Winsock settings reset
*************************
C: \ AdwCleaner \ AdwCleaner [C0] .txt - [2555 bytes] - [16/12/2016 01:27:53]
C: \ AdwCleaner \ AdwCleaner [C2] .txt - [4137 Bytes] - [16/12/2016 01:28:33]
C: \ AdwCleaner \ AdwCleaner [S0] .txt - [2755 bytes] - [16/12/2016 01:22:18]
########## EOF - C: \ AdwCleaner \ AdwCleaner [C2] .txt - [4283 bytes] ##########

BrianDrab · Dec 15, 2016

OK, please perform a Clean Boot following instructions at the following link and then attempt the steps in Post#5 again.

davidpp · Dec 16, 2016

Ok, seems it really worked out...infected system? What do i pay gdata for?...

SFCFix version 3.0.0.0 by niemiro.
Start time: 2016-12-16 08:59:12.808
Microsoft Windows 7 Service Pack 1 - amd64
Using .zip script file at C:\Users\David\Desktop\SFCFix.zip [0]

PowerCopy::
Successfully took permissions for file or folder C:\Windows\Winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.3.7600.16385_none_8ca5655e8bc7dae9

Successfully copied file C:\Users\David\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.3.7600.16385_none_8ca5655e8bc7dae9\wuaueng.dll to C:\Windows\Winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.3.7600.16385_none_8ca5655e8bc7dae9\wuaueng.dll.

Successfully restored ownership for C:\Windows\Winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.3.7600.16385_none_8ca5655e8bc7dae9
Successfully restored permissions on C:\Windows\Winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.3.7600.16385_none_8ca5655e8bc7dae9
PowerCopy:: directive completed successfully.

Successfully processed all directives.
SFCFix version 3.0.0.0 by niemiro has completed.
Currently storing 1 datablocks.
Finish time: 2016-12-16 08:59:13.588
Script hash: QcYXIsIpIv6FUq3pL3MVLCea2qcZ4uLxLWsnLfwOlTE=
----------------------EOF-----------------------

[SOLVED] Windows Update Corrupted - IE11

Member

Member

Emeritus

Member

Emeritus

Attachments

Member

Emeritus

Member

Emeritus

Member

Emeritus

Member

Emeritus

Member

Member

Emeritus

Member

Member

Emeritus

Member