Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows 7: Update nicht möglich Code 80070424 "...kein installierter Dienst..."

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 22.07.2017, 10:52   #1
Win7-Fehler
 
Windows 7: Update nicht möglich Code 80070424 "...kein installierter Dienst..." - Icon17

Windows 7: Update nicht möglich Code 80070424 "...kein installierter Dienst..."



Zitat:
Zitat von cosinus Beitrag anzeigen
ENTERPRISE Editionen sind normalerweise nur für Firmenkunden mit teuren Volumenlizenzverträgen. Ich hoffe ihr seid da keinem Betrüger auf den Leim gegangen.
Nach meiner Recherche kann man im Netz problemlos eine legale iso finden. Und wie schon erwähnt wurde dazu eine Lizenz erworben. Inwieweit der Verkauf gestattet ist oder nicht kann ich momentan nicht sagen.


Zitat:
Zitat von cosinus Beitrag anzeigen
Ich frage ja auch ob das gewerblich genutzt ist. Dass gewerblich genutzte Rechner in Büros von Admins betreut werden, die nix anderes machen als sich um Rechner und Netzwerke zu kümmern, sollte man eigentlich schon mal gehört haben.
Falls es gewerblich genutzt würde hätte ich es sicher angegeben so wie es in diversen "Info"-Texten hier im Forum zu lesen ist. Also nochmal: Der Rechner wird schon seid Jahren mehr oder minder ohne Probleme mit Win7 Enterprise privat von mehreren Benutzern genutzt. Die Frage nach einer "Admin-Betreuung" ist daher sinnfrei.

Die gewünschten Logs folgen...

Hier der Log der FRST.txt:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2017
Ran by ***_2 (administrator) on _________ (22-07-2017 10:58:59)
Running from C:\Users\***_2._________\Desktop
Loaded Profiles: *** & Admin2 & ***_2 (Available Profiles: *** & Admin2 & ***_2 & Guest)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: Englisch (USA)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Internet Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
(ESET) C:\Program Files\ESET\ESET Internet Security\egui.exe
(Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\wlms\wlms.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware1\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware1\mbamtray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(SoftPerfect) C:\Program Files\SoftPerfect RAM Disk\ramdisk.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() J:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
() J:\Program Files (x86)\SpeedFan\speedfan.exe
(Flux Software LLC) C:\Users\***\AppData\Local\FluxSoftware\Flux\flux.exe
(VideoLAN) J:\Program Files\VideoLAN\VLC\vlc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET Internet Security\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware1\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(SoftPerfect) C:\Program Files\SoftPerfect RAM Disk\ramdisk.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
() J:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2832168 2011-10-01] (Synaptics Incorporated)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE1\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [SoftPerfectRamDisk] => C:\Program Files\SoftPerfect RAM Disk\ramdisk.exe [3495752 2017-03-15] (SoftPerfect)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [395928 2012-05-10] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => J:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2673640 2012-05-10] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-586602746-3783179535-1032027696-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-586602746-3783179535-1032027696-1000\...\MountPoints2: S - S:\Autorun.exe
HKU\S-1-5-21-586602746-3783179535-1032027696-1000\...\MountPoints2: {288d5ebd-6c91-11e7-b2bc-001eecb76515} - W:\setup.exe
HKU\S-1-5-21-586602746-3783179535-1032027696-1000\...\MountPoints2: {35702bf7-3ed1-11e7-9985-001eecb76515} - E:\Autorun.exe
HKU\S-1-5-21-586602746-3783179535-1032027696-1000\...\MountPoints2: {ae47e01a-417e-11e7-b055-001eecb76515} - K:\Autorun.exe
HKU\S-1-5-21-586602746-3783179535-1032027696-1003\...\Run: [DAEMON Tools Lite Automount] => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
HKU\S-1-5-21-586602746-3783179535-1032027696-1003\...\Run: [Steam] => V:\Steam\Steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-586602746-3783179535-1032027696-1003\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C24].tx
HKU\S-1-5-21-586602746-3783179535-1032027696-1003\...\MountPoints2: {985124f2-fee6-11e5-ac97-806e6f6e6963} - F:\POINTSOFT.EXE
HKU\S-1-5-21-586602746-3783179535-1032027696-1006\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-586602746-3783179535-1032027696-1006\...\MountPoints2: {ae47e01a-417e-11e7-b055-001eecb76515} - E:\Autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2017-01-13] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-586602746-3783179535-1032027696-1000] => localhost:8088
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{9A5889DC-5673-4F06-BABD-DC893BACD6B9}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131294063067573317&GUID=EB90F46E-5B4F-43CC-A482-3A590FCC37A6
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-586602746-3783179535-1032027696-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131294063067713325&GUID=EB90F46E-5B4F-43CC-A482-3A590FCC37A6
HKU\S-1-5-21-586602746-3783179535-1032027696-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-03-28] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll => No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll => No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 6brv3jzz.default
FF ProfilePath: C:\Users\***_2._________\AppData\Roaming\Mozilla\Firefox\Profiles\6brv3jzz.default [2017-07-22]
FF Extension: (Adblock Plus) - C:\Users\***_2._________\AppData\Roaming\Mozilla\Firefox\Profiles\6brv3jzz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-14] ()
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2017-07-20] (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-14] ()
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2017-07-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-586602746-3783179535-1032027696-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]

==================== Services (Whitelisted) ====================

(I
==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Internet Security\ekrn.exe [2836296 2016-12-14] (ESET)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2017-03-28] (IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware1\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
S3 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-09-13] (NVIDIA Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [71272 2017-05-09] (Windscribe Limited)
R2 WLMS; C:\Windows\system32\wlms\wlms.exe [19456 2009-07-14] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; "C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe" [X]
S3 GfExperienceService; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe" [X]
S3 iReboot; "C:\Program Files (x86)\NeoSmart Technologies\iReboot\iRebootd.exe" [X]
S3 NvStreamNetworkSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" [X]
S3 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
S3 Steam Client Service; "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService [X]
S3 wlidsvc; "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AF15BDA; C:\Windows\System32\Drivers\AF15BDA.sys [518272 2010-06-22] (ITETech                  ) [File not signed]
R3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [306688 2016-12-02] (AVerMedia TECHNOLOGIES, Inc.)
S3 cpuz138; no ImagePath
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-05-22] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-05-22] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132272 2016-12-22] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [106768 2016-12-22] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [180544 2016-12-22] (ESET)
S4 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [49672 2016-12-22] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [77616 2016-12-22] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [60536 2016-12-22] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [96856 2016-12-22] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77376 2017-07-12] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-04-20] (REALiX(tm))
R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [26272 2017-03-29] (IObit.com)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2016-11-29] (JMicron Technology Corp.)
R0 MBAMChameleon; C:\Windows\System32\drivers\MBAMChameleon.sys [188352 2017-07-12] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [101784 2017-07-21] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253856 2017-07-21] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [84256 2017-07-22] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R1 MpKsl28c6f4f3; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{29440FBD-5AB2-4467-AACF-8C7F3D1CD8E6}\MpKsl28c6f4f3.sys [44928 2017-07-21] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [49208 2017-05-19] (NVIDIA Corporation)
S1 prodrv06; C:\Windows\SysWOW64\drivers\prodrv06.sys [54272 2004-04-08] (Protection Technology) [File not signed]
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [70400 2004-04-08] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [28624 2017-05-20] () [File not signed]
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2016-11-29] (Synaptics Incorporated)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2017-04-19] (The OpenVPN Project) [File not signed]
R3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [45560 2017-04-21] (The OpenVPN Project)
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [121824 2016-07-21] (Oracle Corporation)
S1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [195424 2016-07-21] (Oracle Corporation)
R0 vidsflt53; C:\Windows\System32\DRIVERS\vsflt53.sys [141920 2017-07-21] (Acronis)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-22 11:02 - 2017-07-22 11:18 - 00066605 _____ C:\Users\***_2._________\Desktop\Addition.txt
2017-07-22 10:58 - 2017-07-22 11:19 - 00030546 _____ C:\Users\***_2._________\Desktop\FRST.txt
2017-07-22 10:57 - 2017-07-21 18:55 - 02382336 _____ (Farbar) C:\Users\***_2._________\Desktop\FRST64.exe
2017-07-21 21:03 - 2017-07-21 21:03 - 00000000 ____D C:\Users\Admin2\AppData\Roaming\Acronis
2017-07-21 21:01 - 2017-07-21 21:01 - 00000000 ____D C:\ProgramData\Acronis
2017-07-21 21:00 - 2017-07-21 21:00 - 00971360 _____ (Acronis) C:\Windows\system32\Drivers\timntr.sys
2017-07-21 21:00 - 2017-07-21 21:00 - 00000960 _____ C:\Users\Public\Desktop\Acronis True Image WD*Edition.lnk
2017-07-21 20:59 - 2017-07-21 20:59 - 00275552 _____ (Acronis) C:\Windows\system32\Drivers\snapman.sys
2017-07-21 20:59 - 2017-07-21 20:59 - 00210016 _____ (Acronis) C:\Windows\system32\Drivers\vididr.sys
2017-07-21 20:59 - 2017-07-21 20:59 - 00141920 _____ (Acronis) C:\Windows\system32\Drivers\vsflt53.sys
2017-07-21 20:59 - 2017-07-21 20:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2017-07-21 20:59 - 2017-07-21 20:59 - 00000000 ____D C:\Program Files (x86)\Acronis
2017-07-21 19:12 - 2017-07-22 11:18 - 00000000 ____D C:\FRST
2017-07-20 16:58 - 2017-07-20 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCDEmu
2017-07-20 16:58 - 2017-07-20 16:58 - 00000000 ____D C:\Program Files (x86)\WinCDEmu
2017-07-20 16:01 - 2017-07-20 16:45 - 00000000 ____D C:\Program Files\NTLite
2017-07-20 16:01 - 2017-07-20 16:01 - 00000768 _____ C:\Users\Admin2\Desktop\NTLite.lnk
2017-07-20 16:01 - 2017-07-20 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTLite
2017-07-18 20:30 - 2017-07-18 20:41 - 00000000 ____D C:\Users\***\AppData\Local\FileZilla
2017-07-11 21:46 - 2017-07-11 21:46 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2017-07-04 11:42 - 2017-07-04 11:44 - 40741560 _____ (IObit ) C:\Users\***_2._________\Downloads\IObit-Malware-Fighter-Setup.exe
2017-07-02 16:37 - 2017-07-02 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftPerfect RAM Disk
2017-07-02 16:36 - 2017-07-02 16:37 - 00000000 ____D C:\Program Files\SoftPerfect RAM Disk
2017-07-02 16:36 - 2017-07-02 16:36 - 00000000 ____D C:\ProgramData\SoftPerfect
2017-07-02 16:33 - 2017-07-22 10:53 - 00000648 _____ C:\Windows\Tasks\Wise Memory Optimizer Task.job
2017-07-02 16:33 - 2017-07-02 16:33 - 00003076 _____ C:\Windows\System32\Tasks\Wise Memory Optimizer Task
2017-07-02 16:32 - 2017-07-02 16:32 - 00000000 ____D C:\Users\Admin2\AppData\Roaming\Wise Care 365
2017-07-02 13:44 - 2017-07-02 13:44 - 00000913 _____ C:\Users\Admin2\Desktop\RAMRush.lnk
2017-07-02 13:44 - 2017-07-02 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAMRush
2017-07-02 13:44 - 2017-07-02 13:44 - 00000000 ____D C:\Program Files (x86)\RAMRush
2017-06-30 00:26 - 2017-07-22 09:55 - 00000442 _____ C:\Windows\Tasks\Aktualisierung von Yandex Browser.job
2017-06-30 00:26 - 2017-07-20 16:33 - 00003432 _____ C:\Windows\System32\Tasks\Aktualisierung von Yandex Browser
2017-06-30 00:25 - 2017-06-30 00:25 - 00000000 ____D C:\Users\***\AppData\Local\Yandex
2017-06-29 18:27 - 2017-06-29 18:27 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2017-06-28 17:03 - 2017-06-28 17:03 - 00001338 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2017-06-23 22:27 - 2017-06-23 22:31 - 00188312 _____ (Malwarebytes) C:\Windows\system32\Drivers\44E67552.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-22 10:54 - 2017-02-02 10:58 - 00000000 ____D C:\Users\***_2._________\AppData\LocalLow\Mozilla
2017-07-22 10:53 - 2017-02-02 10:57 - 00000008 __RSH C:\Users\***_2._________\ntuser.pol
2017-07-22 10:53 - 2017-02-02 10:57 - 00000000 ____D C:\Users\***_2._________
2017-07-22 09:56 - 2017-04-20 15:12 - 03108044 _____ C:\Windows\ntbtlog.txt
2017-07-22 09:56 - 2017-02-02 11:35 - 00084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-07-21 21:34 - 2017-02-02 11:35 - 00101784 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-07-21 21:34 - 2017-02-02 11:35 - 00045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-07-21 21:34 - 2017-02-02 11:34 - 00253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-21 21:32 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-21 21:28 - 2017-01-09 06:23 - 00000008 __RSH C:\Users\***\ntuser.pol
2017-07-21 21:28 - 2017-01-09 05:32 - 00000000 ____D C:\Users\***
2017-07-21 21:27 - 2016-12-10 14:18 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-07-21 21:26 - 2017-02-02 10:57 - 00000000 ____D C:\Users\***_2._________\AppData\LocalLow\IObit
2017-07-21 21:26 - 2017-01-05 19:25 - 00000000 ____D C:\Users\Admin2\AppData\Roaming\IObit
2017-07-21 21:26 - 2016-11-20 22:43 - 00000000 ____D C:\Users\***\AppData\LocalLow\IObit
2017-07-21 21:26 - 2016-11-20 22:43 - 00000000 ____D C:\ProgramData\IObit
2017-07-21 21:14 - 2016-04-10 07:20 - 00000000 ____D C:\AdwCleaner
2017-07-21 21:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-07-21 17:50 - 2017-01-09 05:32 - 00000000 ____D C:\Users\Admin2
2017-07-20 18:50 - 2017-02-10 18:06 - 00000000 ____D C:\Users\***\AppData\Local\TeamSpeak 3 Client
2017-07-20 18:48 - 2016-08-02 21:28 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-20 17:47 - 2017-04-15 18:46 - 00071608 _____ C:\Users\Admin2\AppData\Local\GDIPFONTCACHEV1.DAT
2017-07-20 17:15 - 2016-04-10 06:15 - 00001908 _____ C:\Windows\diagwrn.xml
2017-07-20 17:15 - 2016-04-10 06:15 - 00001908 _____ C:\Windows\diagerr.xml
2017-07-20 17:13 - 2016-12-07 11:41 - 00001472 _____ C:\Windows\CompatibilityIssues.txt
2017-07-18 20:24 - 2017-04-14 19:53 - 00699342 _____ C:\Windows\system32\perfh007.dat
2017-07-18 20:24 - 2017-04-14 19:53 - 00149450 _____ C:\Windows\system32\perfc007.dat
2017-07-18 20:24 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-12 11:54 - 2017-04-12 12:30 - 00307336 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-12 11:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-07-12 11:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2017-07-12 11:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\migwiz
2017-07-12 11:20 - 2017-02-02 11:35 - 00188352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-07-12 11:19 - 2017-02-02 11:34 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-07-11 19:38 - 2017-02-02 11:00 - 00071608 _____ C:\Users\***_2._________\AppData\Local\GDIPFONTCACHEV1.DAT
2017-07-11 19:33 - 2016-08-24 16:42 - 00000000 ____D C:\temp
2017-07-11 19:19 - 2017-04-12 12:31 - 00071608 _____ C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2017-07-11 18:19 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-11 18:19 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2017-07-11 18:19 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-07-11 18:19 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-11 18:19 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-07-11 18:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2017-07-11 18:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-07-11 18:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Setup
2017-07-11 18:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2017-07-11 18:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2017-07-11 18:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2017-07-11 18:19 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2017-07-11 18:06 - 2009-07-14 04:36 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2017-07-11 18:06 - 2009-07-14 04:36 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2017-06-30 10:13 - 2017-05-25 22:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-28 17:05 - 2017-01-19 06:37 - 00000000 ____D C:\ProgramData\ProductData
2017-06-28 17:03 - 2017-03-19 00:49 - 00002908 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_***
2017-06-28 17:03 - 2016-11-20 22:43 - 00001350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2017-06-28 17:03 - 2016-11-20 22:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2017-06-28 01:06 - 2017-05-04 22:01 - 00001055 _____ C:\Users\Public\Desktop\Windscribe.lnk
2017-06-28 01:06 - 2017-05-04 22:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windscribe
2017-06-28 01:06 - 2017-05-04 21:58 - 00000000 ____D C:\Program Files (x86)\Windscribe

==================== Files in the root of some directories =======

2017-06-15 21:05 - 2017-06-15 21:05 - 0001368 _____ () C:\Program Files\PDFXEdit.exe.lnk

Files to move or delete:
====================
C:\Users\***\grub.exe
C:\Users\***\rescue2usb.exe
C:\Users\***\syslinux.exe


Some files in TEMP:
====================
2006-01-25 16:37 - 2006-01-25 16:37 - 1404928 ____R () C:\Users\Admin2\AppData\Local\Temp\RDtemp.exe
2017-06-24 01:59 - 2017-07-21 23:19 - 0192512 _____ () C:\Users\Admin2\AppData\Local\Temp\sfamcc00001.dll
2017-06-24 02:01 - 2017-07-11 20:09 - 0192512 _____ () C:\Users\Admin2\AppData\Local\Temp\sfamcc00002.dll
2017-06-29 18:39 - 2017-07-21 23:19 - 0158720 _____ () C:\Users\Admin2\AppData\Local\Temp\sfareca00001.dll
2017-06-16 14:43 - 2017-06-16 14:58 - 0012305 _____ () C:\Users\Admin2\AppData\Local\Temp\SIntf16.dll
2017-06-16 14:43 - 2017-06-16 14:58 - 0020020 _____ () C:\Users\Admin2\AppData\Local\Temp\SIntf32.dll
2017-06-16 14:43 - 2017-06-16 14:58 - 0024744 _____ () C:\Users\Admin2\AppData\Local\Temp\SIntfNT.dll
2017-07-21 16:54 - 2014-05-23 04:08 - 11313360 _____ (Microsoft Corporation) C:\Users\Admin2\AppData\Local\Temp\WindowsUpdateAgent-7.6-x64.exe
2006-01-25 16:37 - 2006-01-25 16:37 - 1404928 ____R () C:\Users\Guest\AppData\Local\Temp\RDtemp.exe
2017-06-16 18:11 - 2017-06-17 09:16 - 0012305 _____ () C:\Users\***\AppData\Local\Temp\SIntf16.dll
2017-06-16 18:11 - 2017-06-17 09:16 - 0020020 _____ () C:\Users\***\AppData\Local\Temp\SIntf32.dll
2017-06-16 18:11 - 2017-06-17 09:16 - 0024744 _____ () C:\Users\***\AppData\Local\Temp\SIntfNT.dll
2017-07-20 18:41 - 2017-07-20 18:43 - 15301888 _____ (Microsoft Corporation) C:\Users\***\AppData\Local\Temp\vcredist_x64.exe
2017-07-20 16:41 - 2017-07-20 16:41 - 0000000 _____ () C:\Users\***\AppData\Local\Temp\vlc-2.2.6-win64.exe
2004-06-09 19:38 - 2004-06-09 19:38 - 0626688 ____R () C:\Users\***_2._________\AppData\Local\Temp\RDtemp.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-30 12:34

==================== End of FRST.txt ============================
         
--- --- ---

--- --- ---


Hier der Log der Addition.txt
[CODE]Additional
FRST Logfile:

FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version: 18-07-2017
Ran by ***_2 (22-07-2017 11:19:51)
Running from C:\Users\***_2._________\Desktop
Windows 7 Enterprise Service Pack 1 (X64) (2017-01-09 04:23:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin2 (S-1-5-21-586602746-3783179535-1032027696-1003 - Administrator - Enabled) => C:\Users\Admin2
Administrator (S-1-5-21-586602746-3783179535-1032027696-500 - Administrator - Disabled)
Guest (S-1-5-21-586602746-3783179535-1032027696-501 - Limited - Enabled) => C:\Users\Guest
*** (S-1-5-21-586602746-3783179535-1032027696-1000 - Limited - Enabled) => C:\Users\***
***_2 (S-1-5-21-586602746-3783179535-1032027696-1006 - Administrator - Enabled) => C:\Users\***_2._________

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.02 (HKLM-x32\...\7-Zip) (Version: 16.02 - Igor Pavlov)
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Acronis True Image WD*Edition (HKLM-x32\...\{9B683A28-2172-4CF1-B85D-41375E80652A}) (Version: 13.0.14189 - Acronis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Advanced SystemCare 10 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 10.3.0 - IObit)
BitTorrent (HKU\S-1-5-21-586602746-3783179535-1032027696-1000\...\BitTorrent) (Version: 7.9.9.43389 - BitTorrent Inc.)
BleachBit (HKLM-x32\...\BleachBit) (Version: 1.6 - BleachBit)
Colin McRae Rally 04 (HKLM-x32\...\{F8718F95-21A1-44B9-97EC-679C93020BAE}) (Version: 1.00.000 - )
Colin McRae Rally 2 (HKLM-x32\...\{19B72AA9-985A-11D4-9C8A-00D0B75D1498}) (Version:  - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Desktop-Wecker (HKLM-x32\...\{1DC996A1-B1D1-46C5-B8C9-A936E7649329}) (Version: 1.0.0 - ROBL - PC - WARE)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
diabolo® (HKLM-x32\...\{1CC5C0F8-0051-4CBB-B3BA-1858905DED79}) (Version: 3.32.002.1706 - Moser GmbH & Co. KG) Hidden
diabolo® (HKLM-x32\...\InstallShield_{1CC5C0F8-0051-4CBB-B3BA-1858905DED79}) (Version: 3.32.002.1706 - Moser GmbH & Co. KG)
Driver Booster 4.4 (HKLM-x32\...\Driver Booster_is1) (Version: 4.4.0 - IObit)
EasyBCD 2.3 (HKLM-x32\...\EasyBCD) (Version: 2.3 - NeoSmart Technologies)
ESET Internet Security (HKLM\...\{40B1A12D-96E0-4A14-ABDF-84C77B461346}) (Version: 10.0.386.5 - ESET, spol. s r.o.)
etope Lister 2 (HKLM-x32\...\etope Lister_is1) (Version:  - Freshworx GmbH & Co.KG)
f.lux (HKU\S-1-5-21-586602746-3783179535-1032027696-1000\...\Flux) (Version:  - )
Folder Colorizer version 1.3.3 (HKLM\...\{A133E9CD-2879-4F30-87D4-1604AFD5C5CC}_is1) (Version: 1.3.3 - Softorino)
Folderico 4.0 RC12 (HKLM-x32\...\Folderico) (Version: 4.0 RC12 - Shedko ( www.softq.org ))
HashTab 6.0.0.28 (HKLM\...\HashTab) (Version: 6.0.0.28 - Implbits Software)
HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.4.0.2119 - IObit)
iReboot 2.0 (HKLM-x32\...\iReboot) (Version: 2.0 - NeoSmart Technologies)
IrfanView 4.44 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.44 - Irfan Skiljan)
ISO Recorder (HKLM\...\{2D7ED2A0-9553-412B-939F-D6E0AEB2ABE1}) (Version: 3.1.0 - Alex Feinman)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KeePass Password Safe 2.35 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.35 - Dominik Reichl)
Le Mans 24 Hours (HKLM-x32\...\Le Mans 24 Hours) (Version:  - )
Malwarebytes Activation (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 3.0.6.1469 - Malwarebytes)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - German/Deutsch (HKLM\...\Office14.OMUI.de-de) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need for Speed Underground 2 (HKLM-x32\...\Need for Speed Underground 2) (Version: 1.2 - Electronic Arts)
nGlide 1.05 (HKLM-x32\...\nGlide) (Version: 1.05 - Zeus Software)
NTLite v1.3.1.5060 (HKLM\...\NTLite_is1) (Version: 1.3.1.5060 - Nlitesoft)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Opera Stable 42.0.2393.94 (HKU\S-1-5-21-586602746-3783179535-1032027696-1000\...\Opera 42.0.2393.94) (Version: 42.0.2393.94 - Opera Software)
Opera Stable 45.0.2552.812 (HKU\S-1-5-21-586602746-3783179535-1032027696-1000\...\Opera 45.0.2552.812) (Version: 45.0.2552.812 - Opera Software)
Oracle VM VirtualBox 5.1.2 (HKLM\...\{629314D8-8CB7-45F4-8C48-20EF2E330430}) (Version: 5.1.2 - Oracle Corporation)
PDF-XChange Editor (HKLM\...\{B7E5844A-B8ED-4F27-A3C8-966114DCB007}) (Version: 6.0.319.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{e44f0a83-eeaa-471b-8e1e-5475e4183164}) (Version: 6.0.319.0 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Lite V6 Home (HKLM\...\{4915A924-5CEF-493D-BAC8-5062CBE9D062}) (Version: 6.0.317.1 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Lite V6 Home (HKLM-x32\...\{a4ec71d6-f09f-4c77-b9f9-d82d7beedb7a}) (Version: 6.0.317.1 - Tracker Software Products (Canada) Ltd.)
PhraseExpress v12.0.128 (HKLM-x32\...\PhraseExpress_is1) (Version: 12.0.128 - Bartels Media GmbH)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
qTox (HKLM-x32\...\qTox) (Version:  - The qTox Project)
Race Driver 2 (HKLM-x32\...\{D474A0E8-4421-43C0-BE8E-F454F91E2E2A}) (Version: 1.01.0000 - Codemasters) Hidden
Race Driver 2 (HKLM-x32\...\InstallShield_{D474A0E8-4421-43C0-BE8E-F454F91E2E2A}) (Version: 1.01.0000 - Codemasters)
Race Driver 3 (HKLM-x32\...\{0297C87B-CC40-446F-865A-031B4FC0CF22}) (Version: 1.00.0000 - Codemasters)
RAMRush 1.0.6.917 (HKLM-x32\...\RAMRush_is1) (Version:  - FTweak, Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.5.1 - IObit)
SoftPerfect RAM Disk version 4.0.2 (HKLM\...\{33A14ED9-0340-4193-BEDB-B95BC8196182}_is1) (Version: 4.0.2 - SoftPerfect)
Sonic the Hedgehog 3 (HKLM-x32\...\Sonic the Hedgehog 3_is1) (Version:  - GameFabrique)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.27.1 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-586602746-3783179535-1032027696-1000\...\TeamSpeak 3 Client) (Version: 3.1.0 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Telegram Desktop Version 1.0.27 (HKU\S-1-5-21-586602746-3783179535-1032027696-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.0.27 - Telegram Messenger LLP)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
TreeSize Free V4.0.3 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.0.3 - JAM Software)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.9.19 - Tweaking.com)
UltraISO Premium V9.5 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
VG JPEG-Repair (HKLM-x32\...\{0DF16447-2C77-4413-BB51-1CF29C6AFD4D}) (Version: 2.1.1 - VG Solutions)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windscribe Version 1.70 build 4 (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.70 build 4 - Windscribe)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Yandex (HKU\S-1-5-21-586602746-3783179535-1032027696-1000\...\YandexBrowser) (Version: 17.6.1.749 - YANDEX)
zebNet® Office Keyfinder 2.0.0.0 (HKLM\...\{C11E490F-63AB-49B4-900B-FE9400057322}) (Version: 2.0.0.0 - zebNet® Ltd)
zebNet® Windows Keyfinder 6.0.0.0 (HKLM\...\{BA76A2F4-88E2-4232-BAB9-DA12DDFD03CC}) (Version: 6.0.0.0 - zebNet® Ltd)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-586602746-3783179535-1032027696-1000_Classes\CLSID\{0207CA76-8233-4478-9A40-607AC304C435}\InprocServer32 -> C:\Users\***\AppData\Roaming\Avery\Avery Wizard 5.0\EnvBCode.ocx => No File
CustomCLSID: HKU\S-1-5-21-586602746-3783179535-1032027696-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-586602746-3783179535-1032027696-1000_Classes\CLSID\{2BB2DE4F-FCDF-46F2-9723-5B1959E1BDE0}\InprocServer32 -> C:\Users\***\AppData\Roaming\Avery\Avery Wizard 5.0\EnvBCode.ocx => No File
CustomCLSID: HKU\S-1-5-21-586602746-3783179535-1032027696-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-586602746-3783179535-1032027696-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-586602746-3783179535-1032027696-1000_Classes\CLSID\{95775FC2-FFFA-4432-A4BC-352AB1A84581}\InprocServer32 -> C:\Users\***\AppData\Roaming\Avery\Avery Wizard 5.0\EnvBCode.ocx => No File
CustomCLSID: HKU\S-1-5-21-586602746-3783179535-1032027696-1000_Classes\CLSID\{BE892433-7479-4231-AB95-A313BDA3D409}\InprocServer32 -> C:\Users\***\AppData\Roaming\Avery\Avery Wizard 5.0\EnvBCode.ocx => No File
CustomCLSID: HKU\S-1-5-21-586602746-3783179535-1032027696-1000_Classes\CLSID\{D0E9EEAE-9AC7-4204-BA07-B72DD6077E82}\InprocServer32 -> C:\Users\***\AppData\Roaming\Avery\Avery Wizard 5.0\AvWizRes.dll => No File
CustomCLSID: HKU\S-1-5-21-586602746-3783179535-1032027696-1000_Classes\CLSID\{D2776BCC-5F09-4068-B4E2-7EE1202F95CF}\InprocServer32 -> C:\Users\***\AppData\Roaming\Avery\Avery Wizard 5.0\EnvBCode.ocx => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ContextMenuHandlers01: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
ContextMenuHandlers01: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} =>  -> No File
ContextMenuHandlers01: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers01: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Internet Security\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers01: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-03-28] (IObit)
ContextMenuHandlers01: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers01: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2016-11-28] (Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers01: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers01: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU)
ContextMenuHandlers02: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers02: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Internet Security\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers02: [Record To CD] -> {34F4B935-17DC-4885-8BC9-CCD1ADF42F93} => C:\Program Files\ISO Recorder\ISORecorder.dll [2010-06-08] (Alex Feinman)
ContextMenuHandlers02: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (EZB Systems, Inc.)
ContextMenuHandlers02: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers02: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware1\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers04: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
ContextMenuHandlers04: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers04: [FolderColorize] -> {3443FE61-F294-403D-A4A6-53E034FC9B3F} => C:\Program Files\Folder Colorizer\FolderColorShlExt.dll [2014-06-10] ()
ContextMenuHandlers04: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-03-28] (IObit)
ContextMenuHandlers04: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers04: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (EZB Systems, Inc.)
ContextMenuHandlers05: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers06: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
ContextMenuHandlers06: [Create ISO Image from directory] -> {34F4B935-17DC-4885-8BC9-CCD1ADF42F93} => C:\Program Files\ISO Recorder\ISORecorder.dll [2010-06-08] (Alex Feinman)
ContextMenuHandlers06: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Internet Security\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers06: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-03-28] (IObit)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware1\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers06: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers06: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (EZB Systems, Inc.)
ContextMenuHandlers06: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03A0E4B2-6271-4349-B7D5-1F0937C3AF86} - System32\Tasks\{E794A664-DDE1-4F94-82A9-1FA66D4783F3} => C:\Windows\system32\pcalua.exe -a C:\Users\***\Downloads\OODiskRecovery1164Ger.exe -d C:\Users\***\Downloads
Task: {0FF82144-6D0E-4697-BA8D-3F0ADA06CDBB} - System32\Tasks\Wunsypizadom Server => C:\Program Files (x86)\Mobeing\woight.exe
Task: {15F5A037-CEDF-4515-884E-A7423349AF4C} - System32\Tasks\{567815F2-08D0-4A0D-AE0F-7C409C2A16BB} => F:\pointsoft.exe
Task: {2615D2D1-826E-40F8-8AF1-97551F673F4C} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\Scheduler.exe
Task: {28DA5947-0C89-47D5-914C-493097F3E872} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe
Task: {2B10C223-E8AF-4598-AF1D-39C28EED1BBA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-19] (Adobe Systems Incorporated)
Task: {2B8C09F2-6077-469B-A9A6-ACDFBC311D85} - System32\Tasks\{4E75EA29-A0B8-4862-9992-74DB90923358} => C:\Windows\system32\pcalua.exe -a C:\Users\***\Downloads\vcredist_x64.exe -d C:\Users\***\Downloads
Task: {51D98F69-8A98-4CF0-982C-215F06F3B0DD} - System32\Tasks\Aktualisierung von Yandex Browser => C:\Users\***\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2017-06-14] (YANDEX LLC)
Task: {54B16038-0F4F-4D2B-9452-5947631CC1FA} - System32\Tasks\Opera scheduled Autoupdate 1483642252 => H:\Users\***\AppData\Local\Programs\Opera\launcher.exe [2017-05-15] (Opera Software)
Task: {5674C138-48DE-4312-A1FF-1AE294353AAE} - System32\Tasks\{4964F158-A79F-4E49-A51F-588F8E43764D} => C:\Windows\system32\pcalua.exe -a C:\Users\***\Downloads\gdbsimsetup_CB-DL-Manager.exe -d C:\Users\***\Downloads
Task: {594631A9-69F9-48B3-91F5-FACC4FDDD569} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe
Task: {5BC7517A-5558-4346-8E2B-7349F55DF6DE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe [2017-05-14] (Adobe Systems Incorporated)
Task: {5FDAFACD-0D83-48B9-B185-515F77B67ECD} - System32\Tasks\{E83CC923-D99E-459E-B101-1A4575EDCF75} => C:\Users\***\Downloads\swftools-0.9.0.exe
Task: {6F42917C-84B7-4CC1-A695-83F0BDE21E7D} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe
Task: {7FF7264A-C0B6-4A35-8044-A8F2B4AB7B1E} - System32\Tasks\Opera scheduled Autoupdate 1479692968 => C:\Users\***\AppData\Local\Programs\Opera\launcher.exe
Task: {81C52812-1571-41DD-83BD-816B51E0B242} - System32\Tasks\SmartDefrag_Defrag => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
Task: {8FA9BD28-B27F-4060-9B84-77FFCF6C23EE} - \ASC10_SkipUac_Admin2 -> No File <==== ATTENTION
Task: {9E2C8931-084D-452F-8205-B249AD71D84C} - System32\Tasks\{B78A185C-424C-4333-8B91-6F2C4BA3BB15} => F:\pointsoft.exe
Task: {A341730A-05AE-4427-AB1A-22E040844C6F} - System32\Tasks\Driver Booster SkipUAC (Admin2) => J:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe [2017-05-03] (IObit)
Task: {AF5C9135-1E30-4E0A-A89E-50897C2ACF5A} - System32\Tasks\Wise Memory Optimizer Task => C:\Users\***\AppData\Local\Temp\Temp1_Wise Memory Optimizer 3.37.zip\Wise Memory Optimizer\WiseMemoryOptimzer.exe [2017-07-02] (WiseCleaner.com) <==== ATTENTION
Task: {D5D0704A-481E-4156-AB94-2A32F34D9C1E} - System32\Tasks\{B52009E6-8C13-499A-ABE2-225AC2889921} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{B1371574-4B13-4D3E-8F47-48C698732B00}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {D659EB9A-B454-4BEB-B72D-36CC5C34E97F} - System32\Tasks\Uninstaller_SkipUac_*** => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2017-05-26] (IObit)
Task: {EA64F494-7038-448E-BF05-7E92144A683C} - \ASC10_PerformanceMonitor -> No File <==== ATTENTION
Task: {F082C782-4217-4664-B7DF-D10EBFE784F3} - System32\Tasks\ASCU10_SkipUac_*** => C:\Program Files (x86)\Advanced SystemCare Ultimate\ASC.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Aktualisierung von Yandex Browser.job => C:\Users\***\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
Task: C:\Windows\Tasks\Wise Memory Optimizer Task.job => C:\Users\***\AppData\Local\Temp\Temp1_Wise Memory Optimizer 3.37.zip\Wise Memory Optimizer\WiseMemoryOptimzer.exe-a C:\Users\***\AppData\Local\Temp\Temp1_Wise Memory Optimizer 3.37.zip <==== ATTENTION

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-01-09 05:26 - 2016-11-14 13:15 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-02-25 20:48 - 2014-06-10 13:53 - 00137528 _____ () C:\Program Files\Folder Colorizer\FolderColorShlExt.dll
2017-02-02 14:18 - 2017-07-12 11:19 - 02260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE1\MwacLib.dll
2017-07-02 16:36 - 2017-03-06 16:15 - 00159160 _____ () C:\Program Files\SoftPerfect RAM Disk\vvlib.dll
2012-05-10 16:16 - 2012-05-10 16:16 - 02673640 _____ () J:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2016-06-29 20:01 - 2016-06-29 20:01 - 08166536 _____ () J:\Program Files (x86)\SpeedFan\speedfan.exe
2016-06-01 16:45 - 2016-06-01 16:45 - 00152000 _____ () J:\Program Files\VideoLAN\VLC\libvlc.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 02763200 _____ () J:\Program Files\VideoLAN\VLC\libvlccore.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00626624 _____ () J:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00046016 _____ () J:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00042944 _____ () J:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00091072 _____ () J:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00083392 _____ () J:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 02568640 _____ () J:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00118720 _____ () J:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00267712 _____ () J:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00091072 _____ () J:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00059328 _____ () J:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00074176 _____ () J:\Program Files\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00684480 _____ () J:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00833984 _____ () J:\Program Files\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00140224 _____ () J:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00055232 _____ () J:\Program Files\VideoLAN\VLC\plugins\access\librar_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00026560 _____ () J:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00150464 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 01605056 _____ () J:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00349120 _____ () J:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 01487808 _____ () J:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00068032 _____ () J:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00051648 _____ () J:\Program Files\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 12298176 _____ () J:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00238016 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00108992 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00108992 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00049600 _____ () J:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00094144 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00039872 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00034240 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00027584 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libtta_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00094144 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00033728 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libwav_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00033216 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libcaf_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 01070016 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libsid_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00144320 _____ () J:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 01429952 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00027072 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libdiracsys_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00397248 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libogg_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00821184 _____ () J:\Program Files\VideoLAN\VLC\plugins\access\liblive555_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00034752 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libsmf_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00537024 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libgme_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00037312 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libimage_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00027072 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libxa_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00032192 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libpva_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00029632 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libvoc_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00027072 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libau_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00030656 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\librawvid_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00028096 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libaiff_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00030144 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libnsv_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00174528 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libts_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00661952 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libmod_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00049088 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libps_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00046016 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libty_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00032192 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libmjpeg_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00026560 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libmpgv_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00063936 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libnsc_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00026048 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00029120 _____ () J:\Program Files\VideoLAN\VLC\plugins\demux\librawdv_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 15975872 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00330688 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00031168 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00347584 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 01521088 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00844736 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00339392 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00032704 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00049600 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00056256 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00437696 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00038848 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00028096 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00199616 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 03009472 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00426432 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00031680 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00031168 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00035264 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00455616 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00135104 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00032192 _____ () J:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00916928 _____ () J:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00051136 _____ () J:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00037824 _____ () J:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00816576 _____ () J:\Program Files\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00041920 _____ () J:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00133056 _____ () J:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00068032 _____ () J:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00033216 _____ () J:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00046528 _____ () J:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00030656 _____ () J:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00059840 _____ () J:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00042944 _____ () J:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00053696 _____ () J:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00043456 _____ () J:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00026560 _____ () J:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00034240 _____ () J:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00067520 _____ () J:\Program Files\VideoLAN\VLC\plugins\audio_filter\libequalizer_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00028608 _____ () J:\Program Files\VideoLAN\VLC\plugins\audio_filter\libnormvol_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 01515456 _____ () J:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00027072 _____ () J:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00027072 _____ () J:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00026560 _____ () J:\Program Files\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2012-05-10 16:23 - 2012-05-10 16:23 - 01233528 _____ () J:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2016-10-13 00:51 - 2016-09-13 23:08 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2012-05-10 16:16 - 2012-05-10 16:16 - 00071008 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\rpc_client.dll
2017-06-29 18:39 - 2017-07-21 23:19 - 00158720 _____ () C:\Users\Admin2\AppData\Local\Temp\sfareca00001.dll
2017-06-24 01:59 - 2017-07-21 23:19 - 00192512 _____ () C:\Users\Admin2\AppData\Local\Temp\sfamcc00001.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:60466E88 [127]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-586602746-3783179535-1032027696-1000\...\localhost -> localhost

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2017-02-02 14:17 - 00000979 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
127.0.0.1 www.google-analytics.com
127.0.0.1 google-analytics.com
0.0.0.0 serius.mwbsys.com
0.0.0.0 keystone.mwbsys.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-586602746-3783179535-1032027696-1000\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-586602746-3783179535-1032027696-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-586602746-3783179535-1032027696-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\***_2._________\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: Fax => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "c:\program files\daemon tools lite\dtagent.exe" -autorun
MSCONFIG\startupreg: VirtualCloneDrive => "c:\program files (x86)\virtualclonedrive\vcddaemon.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3F534A76-A8E8-448F-9BEF-1597B192B549}] => (Allow) LPort=1900
FirewallRules: [{4AB4E963-1C2D-409A-910F-FF34120EE901}] => (Allow) LPort=2869
FirewallRules: [{822A5DE5-7E81-4B40-A6A7-163DA20DC8E2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1F14184E-4DE5-4DE6-8196-B02E24F72EB9}] => (Allow) C:\Program Files (x86)\PhraseExpress\PhraseExpress.exe
FirewallRules: [{1490703F-E26D-455B-ACA2-A1B3DEC3C121}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{91CDE436-0DC9-4F1C-A223-768E0700113E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{749A781C-D87F-4DA9-8FB5-AFD55E6C767B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{B32340B3-7FBC-452C-BFF6-34FA4D3B1777}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A6FA2805-1455-4DEA-8285-184D29CBBC8F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BEB30D47-FE68-4338-9E42-2D12F880EC9D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{82BAC8C9-54AE-4126-AFC2-CA7D2D8CF7CF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B5F875B3-5C0B-42B4-BBD5-1D6F4FFA9DEB}] => (Allow) C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B514ADD8-72E6-4563-9431-ABA3664B5432}] => (Allow) C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{4AB6FEDB-2805-410B-A5BF-5B006B666601}] => (Allow) C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{9DCCDE2F-A819-411E-ABCE-D3BCC62C8A3D}] => (Allow) C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{38FD2499-4580-4F6A-8E33-73D5214ADA24}] => (Allow) C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{0C8AA0DB-7D92-404A-B635-31E285A379CD}] => (Allow) C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{95723219-E25D-4749-8316-47D937BDE8E5}] => (Allow) LPort=1688
FirewallRules: [{0D3319EB-B58A-4B5B-8CF2-0DFC4164A591}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{636BDD45-EE0D-4ABC-A707-50764A704872}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4BF95259-3592-4581-BB14-2A3835C98FFA}] => (Allow) C:\Program Files (x86)\PhraseExpress\PhraseExpress.exe
FirewallRules: [{5B6F957A-ACBA-4BA9-9497-4CE32FB0B410}] => (Allow) C:\Program Files (x86)\Advanced SystemCare Ultimate\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{ED2B1004-FAB3-40B8-82DA-FE5FA3287D2B}] => (Allow) C:\Program Files (x86)\Advanced SystemCare Ultimate\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{99CE74C4-6C8A-4717-903C-23EB8F4E93DC}] => (Allow) C:\Program Files (x86)\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{BE239240-181E-4D74-B317-170C22B10F79}] => (Allow) C:\Program Files (x86)\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{54EBB861-F488-480C-90D1-5A97D628D511}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{814AA13E-A72D-4968-AC4F-DE258844553A}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{81B75C32-F5D5-488D-BAE9-AB01A7BF06D8}] => (Block) LPort=445
FirewallRules: [{DD0D7BDD-B448-4CCA-A5E0-F063743B3EEB}] => (Block) LPort=445
FirewallRules: [TCP Query User{9C8CF56C-F363-4E9C-A468-DB90875EB28F}C:\program files\qtox\bin\qtox.exe] => (Allow) C:\program files\qtox\bin\qtox.exe
FirewallRules: [UDP Query User{B70DA7E1-0CC4-4BD4-BF75-E408EFD0AE8D}C:\program files\qtox\bin\qtox.exe] => (Allow) C:\program files\qtox\bin\qtox.exe
FirewallRules: [{59987711-7F7D-4D7E-88B8-8A4AFA3463CC}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [{5DF03CEB-C155-415D-8A5A-D6CFDB55DB5F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [{EE2D37F0-CFC9-4B37-A243-8458CC23888E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{AEFB6CAD-DB74-4DE6-868F-037AE66E30C1}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{DA4B9FA0-6080-4104-93A8-744D21CDB1E7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{A31AF97D-E530-48BB-9427-81D926B34A17}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{562A3260-999A-49EE-A2E0-61FAF07A1ACA}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{F513292F-F653-423B-8D15-8107450EEBED}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{18B325B7-D119-4DCB-98B3-0A191359811D}] => (Allow) M:0\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F7E8C1CE-15B0-42A0-8232-5770DB14B693}] => (Allow) M:0\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7F410697-D9DC-40B1-A48D-805E40711EF5}] => (Block) M:0\Steam\Steam.exe
FirewallRules: [{E9A901E0-99BD-4895-8C91-7D28F936C4C0}] => (Block) M:0\Steam\Steam.exe
FirewallRules: [{C94F088C-CA90-450E-A46C-33B13A63FF1A}] => (Allow) J:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [{5D2F2089-F402-4B96-A279-A8215AFF80AD}] => (Allow) J:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [{0F8CDA7E-5A39-4BF0-BF58-F284FB30B5D2}] => (Allow) J:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{5633B313-DB98-48A5-8321-DA01A53AF585}] => (Allow) J:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{1442C884-50C1-4517-BBDA-1485092FFD35}] => (Allow) J:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{E84CE93D-CE6F-4371-A0D4-FD168AF3F3C0}] => (Allow) J:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe

==================== Restore Points =========================

21-07-2017 16:55:20 Windows Update
21-07-2017 16:57:06 Windows Update
21-07-2017 17:23:12 Windows Update
21-07-2017 20:56:40 Acronis True Image wird installiert

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP Webcam 
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN-Miniport (IPv6)
Description: WAN-Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Broadcom 4321AG 802.11a/b/g/n Wi-Fi Adapter
Description: Broadcom 4321AG 802.11a/b/g/n Wi-Fi Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Windscribe VPN
Description: Windscribe VPN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Windscribe.com
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/22/2017 10:53:27 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x00000000.

Error: (07/22/2017 10:53:27 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Event-ID 8198

Error: (07/22/2017 01:48:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm egui.exe, Version 10.0.386.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: a24

Startzeit: 01d30258231210bc

Endzeit: 60000

Anwendungspfad: C:\Program Files\ESET\ESET Internet Security\egui.exe

Berichts-ID: c402f646-6e6e-11e7-9e52-001eecb76515

Error: (07/21/2017 09:33:29 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Event-ID 8193

Error: (07/21/2017 05:28:00 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Event-ID 8193

Error: (07/21/2017 05:05:12 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Event-ID 8193

Error: (07/21/2017 12:03:19 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Event-ID 8193

Error: (07/20/2017 03:20:58 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x00000000.

Error: (07/20/2017 03:20:58 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Event-ID 8198

Error: (07/19/2017 04:49:13 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Event-ID 8193


System errors:
=============
Error: (07/22/2017 01:00:41 AM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (07/21/2017 11:20:07 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware has encountered an error trying to update signatures.

	New Signature Version: 

	Previous Signature Version: 1.249.47.0

	Update Source: Microsoft Update Server

	Update Stage: Search

	Source Path: hxxp://www.microsoft.com

	Signature Type: AntiVirus

	Update Type: Full

	User: NT-AUTORITÄT\SYSTEM

	Current Engine Version: 

	Previous Engine Version: 1.1.14003.0

	Error code: 0x80070424

	Error description: Der angegebene Dienst ist kein installierter Dienst.

Error: (07/21/2017 09:33:45 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
prodrv06
prohlp02
prosync1
sfhlp01
VBoxNetAdp
VBoxNetLwf

Error: (07/21/2017 09:32:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (07/21/2017 09:29:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MBAMService erreicht.

Error: (07/21/2017 09:27:24 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (07/21/2017 09:26:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Malwarebytes Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/21/2017 09:26:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Acronis Scheduler2 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/21/2017 09:26:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/21/2017 09:26:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WindscribeService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2017-05-22 13:16:40.682
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\Codemasters\Race Driver 2\StarFuck\zlportio.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2017-05-22 13:16:40.602
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\Codemasters\Race Driver 2\StarFuck\zlportio.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2017-05-22 13:14:22.027
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\Codemasters\Race Driver 2\StarFuck\zlportio.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2017-05-22 13:14:21.932
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\Codemasters\Race Driver 2\StarFuck\zlportio.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2017-05-22 13:09:15.106
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\Codemasters\Race Driver 2\StarFuck\zlportio.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2017-05-22 13:09:14.790
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\Codemasters\Race Driver 2\StarFuck\zlportio.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2017-01-10 15:10:02.618
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume15\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18741_none_b54e921cc8e1f204\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-10 15:10:02.559
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume15\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18741_none_b54e921cc8e1f204\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-10 15:10:02.507
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume15\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18741_none_b54e921cc8e1f204\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-10 15:10:02.454
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume15\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18741_none_b54e921cc8e1f204\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
Percentage of memory in use: 73%
Total physical RAM: 4092.96 MB
Available physical RAM: 1071.68 MB
Total Virtual: 8184.11 MB
Available Virtual: 4699.58 MB

==================== Drives ================================

Drive c: (***) (Fixed) (Total:60 GB) (Free:5.54 GB) NTFS
Drive d: (***) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (***) (Fixed) (Total:50 GB) (Free:16.48 GB) NTFS
Drive h: (***) (Fixed) (Total:47 GB) (Free:17.94 GB) NTFS
Drive i: (***) (Fixed) (Total:50 GB) (Free:10.96 GB) NTFS
Drive j: (***) (Fixed) (Total:47 GB) (Free:36.96 GB) NTFS
Drive m: (***) (Fixed) (Total:1.1 GB) (Free:0.72 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive v: (***) (Fixed) (Total:77.52 GB) (Free:53.28 GB) NTFS
Drive y: (***) (Fixed) (Total:50 GB) (Free:15.87 GB) NTFS
Drive z: (***) (Fixed) (Total:40 GB) (Free:11.7 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9BA8CFD1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450.2 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 0001242E)
Partition 1: (Active) - (Size=1.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=47 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=50.9 GB) - (Type=05)

==================== End of Addition.txt ============================
         
--- --- ---

--- --- ---

Antwort

Themen zu Windows 7: Update nicht möglich Code 80070424 "...kein installierter Dienst..."
andere, anfrage, auftrag, bezüglich, bild, code, diverse, fehler, fehlermeldung, forum, frage, hinweise, neuinstallation, nicht mehr, problem, rechners, recht, seite, seiten, suche, unterstützung, update, versuche, windows, windows 7, zweck




Ähnliche Themen: Windows 7: Update nicht möglich Code 80070424 "...kein installierter Dienst..."


  1. Offtopic zu " Keine WLAN verbindung mehr möglich nach Update auf Windows 10 1703! Schreibe vom Handy!"
    Mülltonne - 22.04.2017 (14)
  2. Offtopic2 zu " Keine WLAN verbindung mehr möglich nach Update auf Windows 10 1703! Schreibe vom Handy!"
    Mülltonne - 21.04.2017 (0)
  3. Der Dienst "Designs" auf "Lokaler Computer" konnte nicht gestartet werden. Fehler 1075: Der Abhängigkeitsdienst ist nicht vorhnanden ...
    Alles rund um Windows - 02.12.2016 (81)
  4. Google Chrome Erweiterung installieren nicht möglich: "Download interrupted", "Netzwerkfehler"
    Log-Analyse und Auswertung - 15.08.2016 (36)
  5. der angegeben dienst ist kein installierter dienst
    Plagegeister aller Art und deren Bekämpfung - 14.11.2015 (11)
  6. "Windows 7, Virenbefall, Internet Explorer 11 kein Update möglich,Spiele bei Origin stürzen ab
    Log-Analyse und Auswertung - 01.04.2015 (18)
  7. Kunden PC Virus *Der angegebene Dienst ist kein Installierter Dienst*
    Plagegeister aller Art und deren Bekämpfung - 11.03.2015 (16)
  8. Windows 7: "Windows-Verwaltungsinstrumentation"-Dienst startet nicht nach Trojanerbefall
    Log-Analyse und Auswertung - 15.06.2014 (15)
  9. Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"
    Log-Analyse und Auswertung - 15.04.2014 (17)
  10. Der Dienst "Arbeitssatationdienst" auf lokalen Computer konnte nicht gestartet werden. Fehler 2: Das System kann die angegebende Datei nicht
    Plagegeister aller Art und deren Bekämpfung - 30.07.2013 (2)
  11. Der angegebene Dienst ist kein installierter Dienst.
    Plagegeister aller Art und deren Bekämpfung - 07.03.2013 (29)
  12. Dienst "Windows-Sicherheitscenter" lässt sich nicht aktivieren
    Log-Analyse und Auswertung - 21.06.2011 (21)
  13. Kein internet mehr nach automatisch installierter "anti"-virus software
    Plagegeister aller Art und deren Bekämpfung - 10.07.2010 (1)
  14. Windows Update Dienst bleibt im Status "wird gestartet" stehen
    Alles rund um Windows - 05.06.2010 (0)
  15. "Der angegebene Dienst ist kein istallierter Dienst."
    Plagegeister aller Art und deren Bekämpfung - 29.07.2009 (0)
  16. kein windows & antivir update mehr möglich - antivir findet nichts "böses"
    Plagegeister aller Art und deren Bekämpfung - 02.12.2008 (1)
  17. ">"">><meta http-equiv="Refresh" content="0;url=http://askimizsonsuza.com/code/">"">
    Plagegeister aller Art und deren Bekämpfung - 04.09.2006 (4)

Zum Thema Windows 7: Update nicht möglich Code 80070424 "...kein installierter Dienst..." - Zitat: Zitat von cosinus ENTERPRISE Editionen sind normalerweise nur für Firmenkunden mit teuren Volumenlizenzverträgen. Ich hoffe ihr seid da keinem Betrüger auf den Leim gegangen. Nach meiner Recherche kann man - Windows 7: Update nicht möglich Code 80070424 "...kein installierter Dienst..."...
Archiv
Du betrachtest: Windows 7: Update nicht möglich Code 80070424 "...kein installierter Dienst..." auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.