[SOLVED] [10v1607b14393 x64] WU no longer working

[bastianr]

Hi,

Installation failed with error message "Error installing Windows 10". Attached the latest CBS.log.

View attachment CBS.zip

PS: I have selected not to install updates right now. I tried that option once as well, but it led to the same result and since there seems to be a problem re. updates anyway I thought it's probably better to upgrade straight away.

 

[Sysnative Windows Update]

Open Command Propmt as Administrator and enter the following:

dism /online /Get-Drivers

Let me know how it goes.

 

[bastianr]

Hi,

here's the output (unfortunately German):

Read More:

Tool zur Imageverwaltung für die Bereitstellung
Version: 10.0.14393.0

Abbildversion: 10.0.14393.0

Liste der Treiber von Drittanbietern wird aus dem Treiberspeicher abgerufen...


Fehler: 126

Fehler: Der Treiberspeicher für das Abbild konnte nicht geöffnet werden.

Die DISM-Protokolldatei befindet sich unter "C:\WINDOWS\Logs\DISM\dism.log".

Logfile attached:

View attachment dism.zip

 

[Sysnative Windows Update]

Could you translate?

 

[bastianr]

Hi,

it would be something like that:

Collecting list of third party drivers from driver storage...


Error: 126

Error: the driver storage for the image couldn’t be opened.

 

[Sysnative Windows Update]

Please zip/attach your c:\windows\system32\config\DRIVERS file.

 

[bastianr]

Please zip/attach your c:\windows\system32\config\DRIVERS file.

pls see attached

View attachment DRIVERS.zip

 

[Sysnative Windows Update]

Okay, please do this again, but run SFC and stop the trace when SFC fails.

[10v1607b14393 x64] WU no longer working

 

[bastianr]

Okay, please do this again, but run SFC and stop the trace when SFC fails.

[10v1607b14393 x64] WU no longer working

ok, pls see on Sendspace

 

[bastianr]

hi, any ideas?

 

[Sysnative Windows Update]

Hi, sorry about the delay. I'm going to need both the CBS.log and the ProcMon log, so please re-do the steps.

 

[bastianr]

Hi, sorry about the delay. I'm going to need both the CBS.log and the ProcMon log, so please re-do the steps.

ok, here we go:

View attachment Logfile and CBS.zip

 

[Sysnative Windows Update]

Step#1 - Export SideBySide

1. Click on the Start button and in the search box, type regedit
2. When you see regedit on the list, right-click on it and select Run as administrator
3. When regedit opens, using the left pane, navigate to the following registry key and select it by clicking on it once.
   
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide
   
4. Once selected, click File > Export....
5. Change the Save as type: to Registry Hive Files (*.*)
6. Name this file SxS (with no file extension) and save it to your Desktop.

Upload it to a filesharing service of your choice and provide the link.

 

[bastianr]

see attached

View attachment SxS.zip

 

[Sysnative Windows Update]

SFCFix Script

Warning: this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.

1. Download SFCFix.exe (by niemiro) and save this to your Desktop.
2. Download the attached file, SFCFixScript.txt, and save this to your Desktop. Ensure that this file is named SFCFixScript.txt - do not rename it.
3. Save any open documents and close all open windows.
4. On your Desktop, you should see two files: SFCFix.exe and SFCFixScript.txt.
5. Drag the file SFCFixScript.txt onto the file SFCFix.exe and release it.
6. SFCFix will now process the script.
7. Upon completion, a log should be created on your Desktop: SFCFix.txt.
8. Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this into your next post for me to analyse please - put [CODE][/CODE] tags around the log to break up the text.

 

[bastianr]

ok, this is done, output see below:

SFCFix version 3.0.0.0 by niemiro.
Start time: 2018-01-29 21:01:37.650
Microsoft Windows 10 Build 14393 - amd64
Using .txt script file at D:\Downloads\SFCFixScript.txt [0]




FileScan::
[0: 1] C:\Users\info\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\sqmapi.dll
File is untraceable.
 Found: 77hfOH3qIscINmLj1zwHfFJO+RqzEgILSQVHXdoMHX8=
 Found: 6.1.7600.16385
Trace not available.



[1: 1] C:\ESD\Windows\sources\sqmapi.dll
File is untraceable.
 Found: 3jIj8tcjWPF1tE/wS7uNGCRypEOR+HBP26zLM8JscZQ=
 Found: 10.0.16299.15
Trace not available.



[2: 1] C:\Program Files (x86)\Microsoft Office\root\Office16\ADDINS\PowerPivot Excel Add-in\sqmapi.dll
File is untraceable.
 Found: 3wkmDo/Jp3FShJZ6uRsxY+VY4cjzh9/7Rqthppy6ZLY=
 Found: 6.0.6000.16386
Trace not available.



[3: 1] C:\Program Files\Internet Explorer\sqmapi.dll
File is untraceable.
 Found: pq/IDvtNlYBgYcuB7lEPa/YeNCtLbSNoHGr+729MvEI=
 Found: 10.0.14393.0
Trace not available.



[4: 2] C:\Windows\WinSxS\amd64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_10.0.14393.0_none_1c00fee806184cf6\bcrypt.dll
File is untraceable.
 Found: 5xtw7AcKw8crpmRgGngXIrV2ek5XER0mLB/YAj6kkkw=
 Found: 10.0.14393.0
Trace not available.

 [C:\Windows\System32\bcrypt.dll]


[5: 2] C:\Windows\WinSxS\amd64_microsoft-windows-userenv_31bf3856ad364e35_10.0.14393.0_none_bdb4d5ee61f57e09\userenv.dll
File is untraceable.
 Found: lcy09Ui7/0DaeKw8vH69Ze1UvLiVPLD/3sY2Wk4WcDA=
 Found: 10.0.14393.0
Trace not available.

 [C:\Windows\System32\userenv.dll]


[6: 2] C:\Windows\SysWOW64\bcrypt.dll
File is untraceable.
 Found: AC5DeWLqi5/Aa1GIjUN62afpxBXk5g1vqSENISzagtA=
 Found: 10.0.14393.0
Trace not available.

 [C:\Windows\WinSxS\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_10.0.14393.0_none_2655a93a3a790ef1\bcrypt.dll]


[7: 2] C:\Windows\WinSxS\amd64_microsoft-windows-sqmapi_31bf3856ad364e35_10.0.14393.0_none_2bb21e881b80e212\sqmapi.dll
File is untraceable.
 Found: F3/DXeodzi+FG9lKds2ML+WpHknFlqDrhC9q/6cCQ34=
 Found: 10.0.14393.0
Trace not available.

 [C:\Windows\System32\sqmapi.dll]


[8: 1] C:\Program Files\Windows Portable Devices\sqmapi.dll
File is untraceable.
 Found: 71x9aidC+wz3Lv5G7giRkg9ZF+pUi4QSe7+nNBiIcFU=
 Found: 10.0.14393.0
Trace not available.



[9: 2] C:\Windows\WinSxS\wow64_microsoft-windows-i..p-ie-sqmapi-windows_31bf3856ad364e35_10.0.14393.0_none_421e2e920ac6cc50\sqmapi.dll
File is untraceable.
 Found: BauXXs1vJ4rt7FhkhRUjNMarln8El9Lstl61ImqqV8U=
 Found: 10.0.14393.0
Trace not available.

 [C:\Program Files (x86)\Internet Explorer\sqmapi.dll]


[10: 2] C:\Windows\WinSxS\wow64_microsoft-windows-media-format-sqm_31bf3856ad364e35_10.0.14393.0_none_91c4a422ea2472bc\sqmapi.dll
File is untraceable.
 Found: hSbdd4Ip5JkC2wLEU731JVmfvR1EMluZcHvCAyKOeq8=
 Found: 10.0.14393.0
Trace not available.

 [C:\Program Files (x86)\Windows Multimedia Platform\sqmapi.dll]


[11: 2] C:\Windows\SysWOW64\sqmapi.dll
File is untraceable.
 Found: bUmC3KSQYMeYBvThuSVaiTgO0wTBQgulnGvkkBEWMJc=
 Found: 10.0.14393.0
Trace not available.

 [C:\Windows\WinSxS\x86_microsoft-windows-sqmapi_31bf3856ad364e35_10.0.14393.0_none_cf938304632370dc\sqmapi.dll]


[12: 2] C:\Windows\WinSxS\wow64_microsoft-windows-wpd-portabledevicesqm_31bf3856ad364e35_10.0.14393.0_none_8abe8e8b3200295a\sqmapi.dll
File is untraceable.
 Found: llbnQHT2KUMPcB+Ro4keu8LMacQed9mMkXD2/Xt5M/E=
 Found: 10.0.14393.0
Trace not available.

 [C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll]


[13: 1] C:\Program Files\Windows Multimedia Platform\sqmapi.dll
File is untraceable.
 Found: rDkW+NR09oZAUkIFyznQ/vVCY0nCnnmDgjgXFgXOl94=
 Found: 10.0.14393.0
Trace not available.



[14: 2] C:\Windows\SysWOW64\userenv.dll
File is untraceable.
 Found: 9A5GixfltSOaUqNTOEBrDgN1FBdup5AJ6k9QNqC9NHw=
 Found: 10.0.14393.0
Trace not available.

 [C:\Windows\WinSxS\wow64_microsoft-windows-userenv_31bf3856ad364e35_10.0.14393.0_none_c809804096564004\userenv.dll]
FileScan:: directive completed successfully.




Successfully processed all directives.
SFCFix version 3.0.0.0 by niemiro has completed.
Currently storing 0 datablocks.
Finish time: 2018-01-29 21:01:41.218
Script hash: aUppOMiKSjQNFHBX1Aew4quVl0ng7+wm91lIOWN7//A=
----------------------EOF-----------------------

 

[Sysnative Windows Update]

Step#1 - FRST Scan
1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the 64-bit Version so please ensure you download that one.
2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
3. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running (if not already).
4. Press Scan button.
5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
6. Please copy and paste log back here.
7. Another log (Addition.txt - also located in the same directory as FRST64.exe) will be generated Please also paste that along with the FRST.txt into your reply.

 

[bastianr]

see below:

FRST.txt

Read More:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
durchgeführt von info (Administrator) auf BASTIANSHP (03-02-2018 19:28:23)
Gestartet von D:\Downloads
Geladene Profile: info (Verfügbare Profile: info)
Platform: Windows 10 Pro Version 1607 14393.351 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
() C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.0.0_x64__8wekyb3d8bbwe\Microsoft.StickyNotes.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows10Upgrade\Windows10UpgraderApp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.BingFinance_4.22.3254.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Money.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\LockAppHost.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8911872 2016-10-14] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corporation)
HKLM\...\Run: [DeliveryAndStatusCheck] => C:\Program Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe [301832 2015-11-10] (HP)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2779136 2016-06-11] (Dominik Reichl)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-11-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324488 2016-08-02] (HP)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2017-12-21] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3613961117-3782653508-4203305625-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe [2412440 2016-08-16] ()
HKU\S-1-5-21-3613961117-3782653508-4203305625-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3613961117-3782653508-4203305625-1001\...\RunOnce: [Uninstall 17.3.7131.1115\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\info\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64"
HKU\S-1-5-21-3613961117-3782653508-4203305625-1001\...\RunOnce: [Uninstall 17.3.7131.1115] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\info\AppData\Local\Microsoft\OneDrive\17.3.7131.1115"
HKU\S-1-5-21-3613961117-3782653508-4203305625-1001\...\MountPoints2: {d75af832-d9f9-11e7-ba11-441ca8078480} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
Startup: C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2018-01-22]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Drive.lnk [2018-01-21]
ShortcutTarget: Synology Cloud Station Drive.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
Startup: C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk [2018-01-21]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk /m /P \Device\HarddiskVolume8autocheck autochk *

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5a710125-5ee5-4041-85b3-9ed129e37658}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d8f9f093-2fc5-47ad-9ca0-fe3e4d6fbb4e}: [DhcpNameServer] 172.22.222.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-3613961117-3782653508-4203305625-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3613961117-3782653508-4203305625-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {46A2C0F8-B7F3-434F-9E20-8DBE7F9EA2AE} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3613961117-3782653508-4203305625-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3613961117-3782653508-4203305625-1001 -> {46A2C0F8-B7F3-434F-9E20-8DBE7F9EA2AE} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-01-23] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-01-23] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-01-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-22] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-01-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-22] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-23] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-23] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-23] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-23] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: Firefox
FF ProfilePath: D:\Einstellungen\Bastian\Firefox [2018-02-03]
FF Homepage: D:\Einstellungen\Bastian\Firefox -> hxxps://www.google.de/?gws_rd=ssl
FF NewTab: D:\Einstellungen\Bastian\Firefox -> hxxp://www.google.de
FF NetworkProxy: D:\Einstellungen\Bastian\Firefox -> backup.ftp", ""
FF Extension: (Logitech-Geräteerkennung) - D:\Einstellungen\Bastian\Firefox\Extensions\DeviceDetection@logitech.com [2016-07-08] [Legacy] [ist nicht signiert]
FF Extension: (LastPass: Free Password Manager) - D:\Einstellungen\Bastian\Firefox\Extensions\support@lastpass.com.xpi [2017-12-05]
FF Extension: (Microsoft .NET Framework Assistant) - D:\Einstellungen\Bastian\Firefox\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2016-07-08] [Legacy] [ist nicht signiert]
FF Extension: (Silver Skin) - D:\Einstellungen\Bastian\Firefox\Extensions\{2A10B180-05EF-11D9-8C50-444553540001} [2016-07-08] [Legacy] [ist nicht signiert]
FF SearchPlugin: D:\Einstellungen\Bastian\Firefox\searchplugins\Web Search.xml [2014-08-08]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-07-25] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-23] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-23] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128944 2017-12-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [492560 2018-01-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [492560 2018-01-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1526832 2017-12-13] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [444600 2017-12-21] (Avira Operations GmbH & Co. KG)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127192 2015-11-19] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7780528 2018-01-15] (Microsoft Corporation)
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287256 2016-07-04] ()
R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1385640 2015-08-18] (Intel Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-24] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373720 2017-01-13] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-10-28] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [326656 2016-10-14] (Realtek Semiconductor)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-07-07] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-10-02] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [266848 2016-12-27] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7184144 2016-07-06] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-10-28] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-18] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [178840 2017-12-13] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [169376 2017-12-13] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG)
R3 BthAudioHF; C:\WINDOWS\system32\drivers\RtkHfp.sys [104688 2015-09-09] (Realtek Semiconductor Corporation)
S3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41400 2015-08-31] (CyberLink Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-18] (Intel Corporation)
R3 dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [50696 2015-08-18] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-18] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
U5 PROCMON23; C:\Windows\System32\Drivers\PROCMON23.sys [92992 2018-01-21] (Sysinternals - Windows Sysinternals - Windows Sysinternals | Microsoft Docs)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R1 RrNetCapFilterDriver; C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys [25256 2016-08-16] (Audials AG)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [723920 2017-07-20] (Realtek Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [411712 2015-05-21] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [6895984 2017-08-17] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-07-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72792 2016-12-27] (Synaptics Incorporated)
S1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [108896 2017-09-12] (Paragon Software GmbH)
S1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [44904 2017-09-12] (Paragon Software GmbH)
S1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [701232 2015-08-26] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [32832 2016-07-31] (HP)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-02-01 21:06 - 2018-02-01 21:06 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3613961117-3782653508-4203305625-1001
2018-02-01 21:06 - 2018-02-01 21:06 - 000002391 _____ C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-28 20:17 - 2018-01-28 20:17 - 000003238 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForinfo
2018-01-28 20:17 - 2018-01-28 20:17 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForinfo.job
2018-01-26 18:02 - 2018-01-26 18:02 - 000001204 _____ C:\Users\Public\Desktop\Avira.lnk
2018-01-26 16:10 - 2018-01-26 16:10 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-01-25 19:55 - 2018-01-25 19:55 - 000003970 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1508044829
2018-01-25 19:55 - 2018-01-25 19:55 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2018-01-23 15:10 - 2018-01-23 15:10 - 000000822 _____ C:\Users\info\Desktop\Windows 10-Update-Assistent.lnk
2018-01-21 23:54 - 2018-01-21 23:54 - 000092992 ____H (Sysinternals - Windows Sysinternals - Windows Sysinternals | Microsoft Docs) C:\WINDOWS\system32\Drivers\PROCMON23.SYS
2018-01-21 23:54 - 2018-01-21 23:54 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-01-21 23:53 - 2018-01-21 23:53 - 000841308 _____ C:\WINDOWS\Minidump\012118-9359-01.dmp
2018-01-21 16:58 - 2018-01-21 16:58 - 000894836 _____ C:\WINDOWS\Minidump\012118-9140-01.dmp
2018-01-16 06:10 - 2018-01-16 06:10 - 000000000 ___HD C:\$Windows.~WS
2018-01-13 04:35 - 2018-01-13 04:35 - 000753844 _____ C:\WINDOWS\Minidump\011218-18265-01.dmp
2018-01-11 03:07 - 2018-01-11 03:07 - 000935484 _____ C:\WINDOWS\Minidump\011018-8921-01.dmp
2018-01-06 09:53 - 2018-01-06 09:53 - 000001457 _____ C:\Users\Public\Desktop\Paragon Festplatten Manager™ 16 Basic.lnk
2018-01-06 09:53 - 2018-01-06 09:53 - 000000000 ____D C:\ProgramData\Paragon
2018-01-06 09:53 - 2018-01-06 09:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Manager 16 Basic
2018-01-05 10:07 - 2018-01-22 00:02 - 000000407 _____ C:\Users\info\Desktop\sendspace.txt
2018-01-04 21:22 - 2018-01-04 21:22 - 000000000 ____D C:\Windows.old

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-02-03 19:28 - 2018-01-02 15:51 - 000000000 ____D C:\FRST
2018-02-03 19:28 - 2016-07-16 12:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-01 22:43 - 2016-11-19 19:54 - 000000000 ____D C:\Users\info\AppData\LocalLow\Mozilla
2018-02-01 22:43 - 2016-07-11 18:32 - 000000000 ____D C:\Users\info\AppData\Local\ElevatedDiagnostics
2018-02-01 21:50 - 2017-12-12 09:33 - 000000000 ____D C:\WINDOWS\Panther
2018-02-01 21:50 - 2017-09-30 16:15 - 000000000 ___HD C:\$WINDOWS.~BT
2018-02-01 21:48 - 2016-10-02 22:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-01 21:14 - 2016-10-02 22:27 - 010703630 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-01 21:14 - 2016-07-16 23:51 - 005309660 _____ C:\WINDOWS\system32\perfh007.dat
2018-02-01 21:14 - 2016-07-16 23:51 - 001456908 _____ C:\WINDOWS\system32\perfc007.dat
2018-02-01 21:06 - 2016-07-07 20:25 - 000000000 ___RD C:\Users\info\OneDrive
2018-02-01 21:04 - 2016-11-22 22:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-02-01 21:00 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-31 17:34 - 2016-07-16 12:47 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-31 17:26 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-01-30 22:52 - 2017-03-20 14:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-30 22:52 - 2016-07-07 22:36 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-01-30 22:52 - 2016-07-07 22:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-29 21:01 - 2018-01-02 15:27 - 000008698 _____ C:\Users\info\Desktop\SFCFix.txt
2018-01-29 21:01 - 2018-01-02 15:27 - 000000000 ____D C:\SFCFix
2018-01-29 21:01 - 2018-01-02 15:23 - 000000000 ____D C:\Users\info\AppData\Local\niemiro
2018-01-28 21:47 - 2016-07-08 05:39 - 000000000 ____D C:\Users\info\AppData\Local\CloudStation
2018-01-26 22:28 - 2016-07-07 20:20 - 000000000 ____D C:\Users\info\AppData\Local\Packages
2018-01-26 18:02 - 2016-07-07 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-01-26 18:02 - 2016-02-22 07:25 - 000000000 ____D C:\ProgramData\Package Cache
2018-01-26 16:13 - 2017-10-15 08:52 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-26 16:13 - 2016-07-08 05:46 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-26 16:13 - 2016-07-08 05:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-26 16:10 - 2017-08-21 19:36 - 000000000 ____D C:\Program Files\rempl
2018-01-26 15:29 - 2016-12-27 22:52 - 000000000 ____D C:\Users\info\AppData\Local\CrashDumps
2018-01-26 15:15 - 2016-07-16 12:45 - 000000000 ____D C:\WINDOWS\INF
2018-01-25 19:55 - 2017-10-15 06:20 - 000000000 ____D C:\Program Files\Opera
2018-01-23 21:27 - 2016-07-10 12:31 - 000000600 _____ C:\Users\info\AppData\Local\PUTTY.RND
2018-01-23 17:37 - 2017-12-12 09:14 - 000000000 ___HD C:\$GetCurrent
2018-01-23 17:37 - 2016-10-02 22:37 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2018-01-23 17:37 - 2016-10-02 22:37 - 000001908 _____ C:\WINDOWS\diagerr.xml
2018-01-23 15:52 - 2017-12-12 09:28 - 000000036 _____ C:\WINDOWS\progress.ini
2018-01-23 15:52 - 2017-12-12 09:14 - 000000000 ____D C:\Windows10Upgrade
2018-01-23 15:27 - 2016-07-16 12:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-01-23 15:25 - 2016-02-22 07:52 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-01-23 15:10 - 2017-12-12 09:14 - 000000834 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Update-Assistent.lnk
2018-01-22 06:18 - 2016-07-08 21:54 - 000000000 ____D C:\Users\info\AppData\Roaming\vlc
2018-01-21 23:54 - 2016-10-02 22:27 - 000000000 ____D C:\Users\info
2018-01-21 23:54 - 2016-07-07 20:20 - 000000000 __SHD C:\Users\info\IntelGraphicsProfiles
2018-01-21 23:53 - 2016-12-13 21:39 - 000000000 ____D C:\WINDOWS\Minidump
2018-01-21 23:53 - 2016-10-02 22:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-17 05:54 - 2016-07-16 07:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-01-16 06:21 - 2016-07-08 18:37 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-01-10 02:29 - 2016-10-02 22:36 - 000004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-01-10 02:29 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-01-10 02:29 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-01-09 03:27 - 2016-10-02 22:26 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2018-01-08 05:30 - 2016-10-02 22:25 - 000360712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-06 09:53 - 2016-07-14 11:18 - 000000000 ____D C:\Program Files\Paragon Software
2018-01-06 09:05 - 2017-12-28 12:04 - 000000000 ____D C:\ESD
2018-01-04 22:16 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\LiveKernelReports

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-08-10 22:07 - 2017-08-10 22:07 - 000000061 _____ () C:\Users\info\AppData\Roaming\advinator.ini
2016-01-30 20:22 - 2017-08-10 22:07 - 000009923 _____ () C:\Users\info\AppData\Roaming\advo.tmp
2016-07-10 19:55 - 2016-07-10 20:31 - 000000166 _____ () C:\Users\info\AppData\Roaming\pdfshaper.ini
2016-05-11 06:57 - 2016-05-11 06:57 - 000001510 _____ () C:\Users\info\AppData\Roaming\tiers3.dat
2016-07-07 20:20 - 2018-02-03 19:25 - 020720403 _____ () C:\Users\info\AppData\Local\BTServer.log
2016-07-10 12:31 - 2018-01-23 21:27 - 000000600 _____ () C:\Users\info\AppData\Local\PUTTY.RND
2016-07-13 21:47 - 2016-07-13 21:47 - 000007621 _____ () C:\Users\info\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
2017-12-27 13:59 - 2018-01-23 15:10 - 006242320 _____ (Microsoft Corporation) C:\Users\info\AppData\Local\Temp\Windows10Upgrade.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-01-28 21:03

==================== Ende von FRST.txt ============================

Addition.txt

Read More:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27.01.2018
durchgeführt von info (03-02-2018 19:29:31)
Gestartet von D:\Downloads
Windows 10 Pro Version 1607 14393.351 (X64) (2016-10-02 21:37:50)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3613961117-3782653508-4203305625-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3613961117-3782653508-4203305625-503 - Limited - Disabled)
Gast (S-1-5-21-3613961117-3782653508-4203305625-501 - Limited - Disabled)
info (S-1-5-21-3613961117-3782653508-4203305625-1001 - Administrator - Enabled) => C:\Users\info

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat XI Standard (HKLM-x32\...\{AC76BA86-1033-FFFF-BA7E-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Audials (HKLM-x32\...\{CD32693F-B911-4A01-9B7C-8045728EEFA4}) (Version: 12.1.10800.0 - Audials AG)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - )
Avira (HKLM-x32\...\{518c54f5-fd43-4aa6-936b-8d7fd8c85cbd}) (Version: 1.2.103.26908 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{E3F659C3-7936-4321-B886-4DA527DA72FE}) (Version: 1.2.103.26908 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.34.17 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - Ihr Firmenname) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - CyberLink Corp.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.6.7428 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - Ihr Firmenname) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2.4627 - CyberLink Corp.)
Debugging Tools for Windows (x86) (HKLM-x32\...\{48F95CE7-69D9-4967-81F7-D763CABFBD53}) (Version: 6.10.3.233 - Microsoft Corporation)
Deutsche Post E-Porto (HKLM\...\{3EE2A98B-F08D-4B38-8C02-85FEFC0111D0}) (Version: 3.0.0 - Deutsche Post AG)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Discover HP Touchpoint Manager (HKLM-x32\...\{0B100034-B9FF-4F2E-8DF2-EC2E77FB2916}) (Version: 1.0.17.1 - Hewlett-Packard Company)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version: - )
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
FileZilla Client 3.23.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.23.0.2 - Tim Kosse)
G-DRG-Report-Browser 2016 (HKU\S-1-5-21-3613961117-3782653508-4203305625-1001\...\8388a01718040237) (Version: 1.0.0.2 - Institut für das Entgeltsystem im Krankenhaus GmbH (InEK))
HP Documentation (HKLM\...\HP_Documentation) (Version: - HP)
HP ePrint SW (HKLM-x32\...\{88970959-baf7-4864-a39a-69a58e8ae5cf}) (Version: 5.0.18701 - HP)
HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{9086D601-50B7-491D-A143-28193DADE36B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6700 Hilfe (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8305.5282 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.5.37.19 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.8.47.1 - HP)
HP System Event Utility (HKLM-x32\...\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}) (Version: 1.3.4 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{099DAD2B-56C5-4919-9F82-418C2A018CAE}) (Version: 1.1.18.1 - HP)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) PRO/Wireless Driver (HKLM\...\{9f63698a-6f92-4dd3-be96-6a75e3672dae}) (Version: 18.30.0000.3514 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{a47edec4-fa11-4d02-b329-4424d0197af8}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Microsoft Access Runtime 2013 (HKLM\...\Office15.AccessRT) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.8827.2148 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3613961117-3782653508-4203305625-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 58.0.1 (x64 de) (HKLM\...\Mozilla Firefox 58.0.1 (x64 de)) (Version: 58.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 58.0.1.6602 - Mozilla)
Mozilla Thunderbird 52.5.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.5.2 (x86 de)) (Version: 52.5.2 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Opera Stable 50.0.2762.67 (HKLM-x32\...\Opera 50.0.2762.67) (Version: 50.0.2762.67 - Opera Software)
Paragon Festplatten Manager™ 16 Basic (HKLM-x32\...\{fe943fbc-c476-4a8f-8192-34a6b0fcc930}) (Version: 10.9.0.1557 - Paragon Software GmbH)
Paragon Hard Disk Manager™ 16 Basic (HKLM\...\{D6539454-2F18-4E92-ACAB-1DB963C4C531}) (Version: 10.9.0.1557 - Paragon Software) Hidden
Paragon UIM (HKLM\...\{31A11F5B-6A59-4096-8248-61F4C66DAC18}) (Version: 22.14.0.111 - Paragon Software) Hidden
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
RarZilla Free Unrar (HKLM-x32\...\RarZilla Free Unrar) (Version: 7 - Philipp Winterberg)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.48 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7944 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.64 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung)
Smart View (HKLM-x32\...\{C7B50A89-F1D6-41C1-9375-0AF0C4CFE66F}) (Version: 1.0.0.0 - Samsung )
Studie zur Verbesserung von HP Officejet 6700 Produkten (HKLM\...\{4EE2A4CB-47B0-4412-808C-D556E3940598}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.11.45 - Synaptics Incorporated)
Synology Cloud Station Drive (HKLM-x32\...\{57ECBC60-8BFC-43C2-8C9C-5EF3B098A323}) (Version: 4.1.4224 - Synology)
TAXMAN 2017 (HKLM-x32\...\{BBF23ABC-E31E-4DAA-B2AA-8B660C5A6D45}) (Version: 22.30.70 - Haufe-Lexware GmbH & Co.KG)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.62308 - TeamViewer)
Tftpd64 Standalone Edition (remove only) (HKLM-x32\...\Tftpd64) (Version: - )
tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG)
Update for Skype for Business 2015 (KB4011284) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.AccessRT_{0CFCD910-8950-4626-80EB-AA0B64A186E8}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AC0D130B-8809-4125-811F-667893B90644}) (Version: 2.11.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
USB/DVD-Downloadtool für Windows 7 (HKLM-x32\...\{7D6DDE45-FE2F-4D11-A7E7-BC2C2910536C}) (Version: 1.0.30 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
WinDirStat 1.1.2 (HKU\S-1-5-21-3613961117-3782653508-4203305625-1001\...\WinDirStat) (Version: - )
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3613961117-3782653508-4203305625-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\info\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-3613961117-3782653508-4203305625-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\info\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3613961117-3782653508-4203305625-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\info\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3613961117-3782653508-4203305625-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\info\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3613961117-3782653508-4203305625-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\info\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3613961117-3782653508-4203305625-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\info\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\info\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-07-08] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\info\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-07-08] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\info\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-07-08] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\info\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-07-08] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\info\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-07-08] (TODO: <Company name>)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-12-13] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-01-13] (Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-12-13] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3613961117-3782653508-4203305625-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\info\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\ContextMenu.dll [2016-07-08] ()
ContextMenuHandlers6_S-1-5-21-3613961117-3782653508-4203305625-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\info\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\ContextMenu.dll [2016-07-08] ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02FBC8C7-3C61-4680-93C0-72BD490E1E7B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-01-10] (HP Inc.)
Task: {0691E5A2-9FC3-4A2A-987B-7D8860333D87} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation)
Task: {2445003E-B318-4CFB-ACEA-D6CFCCEA3495} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-18] ()
Task: {4BD0870C-5DD2-4A3F-B8F5-CD9187D72720} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-23] (Microsoft Corporation)
Task: {4D4B51FA-8C50-418B-80FC-6BEC4FE1A11B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation)
Task: {5148310D-2EC0-407E-B072-6029897B4D50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {64DACA48-A28D-4419-80D8-2BE32BF6EC02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-10] (Adobe Systems Incorporated)
Task: {6F66ADBF-B737-4283-AC9F-3F7B72AC3016} - System32\Tasks\HPCeeScheduleForinfo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {712E0325-0EB9-48D7-81E9-B1EA6E998F73} - System32\Tasks\HPCustParticipation HP Officejet 6700 => C:\Program Files\HP\HP Officejet 6700\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {73A8EFE0-320B-4DED-8883-CC5F338BB922} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {86D56271-BD53-4CCB-9CE1-92DD9D92EB7E} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2016-07-07] (AVAST Software)
Task: {8BD71426-91EE-4E6B-940C-33BE5405C4C3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-23] (Microsoft Corporation)
Task: {9919BADF-429F-49C5-8A98-B77EC3DF8689} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2017-12-13] (Avira Operations GmbH & Co. KG)
Task: {9EAE30F9-0F94-4B85-8B2B-FD0E0E4733CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {9FA40F96-265B-4BEC-9F78-C5A60975DF8D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {A8E6A70D-04E0-43D7-8956-2FD9689F1CEF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-23] (Microsoft Corporation)
Task: {B35F205B-1C87-434F-8205-C45B656D4D3E} - System32\Tasks\Rechnungsinfo => D:\Dokumente\Bastian\Versicherungen\Krankenversicherung\#Rechnungsverwaltung\reminder.vbs [2016-07-18] ()
Task: {C491CCC7-D0E8-449D-85A7-667DB9C38DAF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {D24D1756-DE33-48BE-AE37-DC67AD87FF39} - System32\Tasks\Opera scheduled Autoupdate 1508044829 => C:\Program Files\Opera\launcher.exe [2018-01-22] (Opera Software)
Task: {F2DFAEAE-ABD2-4D0A-98A2-F969C34A8269} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [2015-10-29] (CyberLink Corp.)
Task: {F56B21EF-3510-4585-8434-9B7F2AD587B0} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-07-07] (AVAST Software)
Task: {FA10186A-718A-495E-99F9-2C353743B951} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-23] (Microsoft Corporation)
Task: {FB5B6FE1-4061-477C-BAE0-8D59F73AA151} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForinfo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.booking.com/index.html?aid=398438&label=square

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-02 23:19 - 2016-10-02 23:19 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-08 23:44 - 2017-05-08 23:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-08 23:44 - 2017-05-08 23:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-02-22 07:29 - 2015-11-19 15:44 - 000127192 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2016-07-04 09:17 - 2016-07-04 09:17 - 000287256 _____ () C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
2016-07-07 20:23 - 2016-07-07 20:24 - 000592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2016-02-22 07:49 - 2014-04-14 18:59 - 000389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-12-06 17:17 - 2016-12-06 17:17 - 000052400 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-07-08 05:39 - 2016-07-08 05:39 - 001249792 _____ () C:\Users\info\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\ContextMenu.dll
2017-04-23 11:55 - 2017-04-23 11:55 - 002151632 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.0.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2017-04-23 11:55 - 2017-04-23 11:55 - 000381440 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.0.0_x64__8wekyb3d8bbwe\Microsoft.Notes.Upgrade.dll
2016-10-02 23:19 - 2016-10-02 23:19 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-11 22:15 - 2016-10-05 10:35 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-11 22:15 - 2016-10-05 10:34 - 000693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2017-05-09 02:05 - 2017-05-09 02:05 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-05-09 02:05 - 2017-05-09 02:05 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
2016-08-16 15:25 - 2016-08-16 15:25 - 002412440 _____ () C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe
2018-01-25 19:56 - 2018-01-25 19:56 - 000017408 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.22.3254.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Money.exe
2018-01-25 19:56 - 2018-01-25 19:56 - 018060288 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.22.3254.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Money.dll
2018-01-25 19:58 - 2018-01-25 19:58 - 005176200 _____ () C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1801.1.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll
2016-07-08 05:55 - 2016-07-08 05:55 - 000291328 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.22.3254.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-10-27 22:34 - 2016-10-15 04:41 - 009760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-27 22:35 - 2016-10-15 04:34 - 001401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-27 22:34 - 2016-10-15 04:34 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-27 22:34 - 2016-10-15 04:34 - 002424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-27 22:34 - 2016-10-15 04:38 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2018-01-31 17:34 - 2018-01-31 17:34 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-31 17:34 - 2018-01-31 17:34 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-31 17:34 - 2018-01-31 17:34 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-31 17:34 - 2018-01-31 17:34 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
2018-01-31 17:34 - 2018-01-31 17:34 - 000667136 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000361984 _____ () C:\WINDOWS\SYSTEM32\HrtfApo.dll
2017-08-17 20:05 - 2017-08-17 20:05 - 000019968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-08-17 20:05 - 2017-08-17 20:05 - 028986880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-08-17 20:05 - 2017-08-17 20:05 - 000428032 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-08-17 20:05 - 2017-08-17 20:05 - 020510208 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-08-17 20:05 - 2017-08-17 20:05 - 002339328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-08-17 20:05 - 2017-08-17 20:05 - 003041792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-06-08 20:08 - 2017-06-08 20:08 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-16 21:34 - 2017-06-16 21:35 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-08-17 20:05 - 2017-08-17 20:05 - 001361920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2016-08-16 15:25 - 2016-08-16 15:25 - 000049424 _____ () C:\Program Files (x86)\Audials\Audials 12\boost_thread-vc90-mt-1_39.dll
2016-08-16 15:25 - 2016-08-16 15:25 - 000048400 _____ () C:\Program Files (x86)\Audials\Audials 12\boost_date_time-vc90-mt-1_39.dll
2016-08-16 15:25 - 2016-08-16 15:25 - 000068504 _____ () C:\Program Files (x86)\Audials\Audials 12\CrashRpt.dll
2016-08-16 15:25 - 2016-08-16 15:25 - 000580504 _____ () C:\Program Files (x86)\Audials\Audials 12\SQLite3.dll
2016-08-16 15:25 - 2016-08-16 15:25 - 000545176 _____ () C:\Program Files (x86)\Audials\Audials 12\StreamingClient.dll
2016-08-16 15:25 - 2016-08-16 15:25 - 000618256 _____ () C:\Program Files (x86)\Audials\Audials 12\boost_regex-vc90-mt-1_39.dll
2016-08-16 15:25 - 2016-08-16 15:25 - 000016144 _____ () C:\Program Files (x86)\Audials\Audials 12\boost_system-vc90-mt-1_39.dll
2016-10-07 06:26 - 2016-10-07 06:26 - 000314880 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Utils\c729a142a6f50d63a8e98a908b443ce5\Utils.ni.dll
2016-10-07 06:26 - 2016-10-07 06:26 - 000650752 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ManagedInterfaces\fb0cfd1170efe3e4d89b43ab7772abe5\ManagedInterfaces.ni.dll
2016-10-14 23:22 - 2016-10-14 23:22 - 003792384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\AudialsComponents\99cdc5b365c9ef65a2a446ccd2dbc419\AudialsComponents.ni.dll
2016-10-07 06:26 - 2016-10-07 06:26 - 000692736 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\RSControls\9bf3711c0f8de8f0010d580568f0a910\RSControls.ni.dll
2016-10-07 06:26 - 2016-10-07 06:26 - 000177152 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\fastJSON\328057f119e0af2c92c44a475fdda04d\fastJSON.ni.dll
2016-10-07 06:26 - 2016-10-07 06:26 - 000062464 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CrashHandlerNET\a68af5e6e5d69b9e255d6b41d82c7688\CrashHandlerNET.ni.dll
2016-08-16 15:25 - 2016-08-16 15:25 - 000040856 _____ () C:\Program Files (x86)\Audials\Audials 12\CrashHandlerNET.dll
2012-09-23 19:43 - 2012-09-23 19:43 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2017-06-07 06:52 - 2013-07-24 08:24 - 000137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-12-06 17:17 - 2016-12-06 17:17 - 000048304 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3613961117-3782653508-4203305625-1001\...\sharepoint.com -> hxxps://westpharmaceutical-files.sharepoint.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3613961117-3782653508-4203305625-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "PowerDVD14Agent"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKU\S-1-5-21-3613961117-3782653508-4203305625-1001\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{4DBC1C73-A4C4-4E63-8743-FA03154C6EDE}] => (Allow) LPort=31931
FirewallRules: [{69484464-664E-42B0-BEDC-983DDD2CDB2F}] => (Allow) LPort=14714
FirewallRules: [{CA29AF0C-57DB-4A24-8A8A-3DEC8A54C7E4}] => (Allow) LPort=12972
FirewallRules: [{B592A81C-4829-4877-B3AF-1FFE66896453}] => (Allow) C:\Program Files (x86)\Audials\Audials 12\Audials.exe
FirewallRules: [{A39E0303-A483-41DE-A568-B5FED4DC8A23}] => (Block) C:\program files\tftpd64\tftpd64.exe
FirewallRules: [{B102037B-BAA1-4446-878D-23C3CD3F4F52}] => (Block) C:\program files\tftpd64\tftpd64.exe
FirewallRules: [UDP Query User{8C843249-EBF2-4189-84A6-ADEF84F0D394}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe
FirewallRules: [TCP Query User{2186B838-FAF3-46B6-8ABA-4143C4E159CC}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe
FirewallRules: [{486F70E2-A405-4EFC-A171-44054EDC6243}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{BA9B7E2E-5651-49F9-A64C-180BC0F05F39}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{80E146F9-0EE9-4A0E-BBF6-214411E1B0DF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FA73504B-5C59-464C-9A19-1F79810F14EE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{15072161-D24D-4F04-AC2F-4177B5F6484C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{78765D0A-8C4A-4336-AA79-8FE766DE5D89}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A1EA0371-80F2-4A46-8019-2003F3C81B1C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CA83AE2E-F87E-423A-B6C2-172187498314}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{882610F4-E56A-4DEF-A47C-E343F7340A0B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6BE9CBC7-917B-4757-BFF8-45AA90AD6E76}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D14DB801-C25E-4949-B7BF-AC877E05C95A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1824F625-CEB4-4F29-9F2E-BDB34723CD9E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D78902A8-CBF0-4668-A32B-FF04847D2586}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
FirewallRules: [TCP Query User{EF9B293E-9993-49B5-8A98-DB4632604CB8}C:\users\info\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\info\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe
FirewallRules: [UDP Query User{32B8CA92-C24A-4090-96F0-1FEF81E28E94}C:\users\info\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\info\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe
FirewallRules: [{906CB555-9369-44BF-9B88-F3D33D7AF0AA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8C7BA1FF-7DE6-4D4A-8BBF-BD8E35B491E5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{CBC7133B-FE5A-4168-AF94-2532ACAE35B5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D4B604B1-622A-4179-9493-8FC8E58BE6D4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{569A3E13-448A-4323-9D12-9DFC7FE52931}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe
FirewallRules: [UDP Query User{FB5DEE2D-460C-4593-9204-5E4118278750}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe
FirewallRules: [{F4CFBFEC-BD7D-4F94-9702-BB700B80C56A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C45CCEFE-502E-47A3-97CD-251E93323152}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{497F1B4A-80B8-4B7B-A480-2D2346988808}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6E3190BA-9613-419B-AC9C-7FC10115F545}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0956EE21-5DB7-405C-9DCB-082396E1E1CC}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{1126A94D-3CEF-4D9E-A6F0-DCD2DEE5E879}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{12714A66-4AA0-488B-A543-1A276439903C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{B2FE93CD-43B4-43CD-9516-91570672A8DA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{ECA13554-2E5D-417B-BF7F-CDDC0163D99C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{AEA4ECC8-D095-49A9-AA1E-77C5CF8E4304}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\FaxApplications.exe
FirewallRules: [{8674F9C8-8846-4404-B7DF-51C08324218D}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\DigitalWizards.exe
FirewallRules: [{C84F5229-3B77-4FA9-B0A9-7F1BF61586A4}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\SendAFax.exe
FirewallRules: [{2AA29A24-2DDF-4513-A4C9-BDF24AC29A35}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\DeviceSetup.exe
FirewallRules: [{043121D9-847C-44C7-BFBF-F73E4BB0F06D}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
FirewallRules: [{7E8BA21B-12B0-49F2-82BA-C7C80C4F1F64}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{DB6AF0F2-9F38-452F-BE78-CC38629DA37E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{40CEEA16-744A-486F-929B-57563EE78DEB}] => (Allow) C:\Program Files\Opera\49.0.2725.64\opera.exe
FirewallRules: [TCP Query User{7A943625-9625-4161-A7B5-53BC2F67DF07}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{141B3509-B5A6-40AD-B0E9-63DB0FAE2CDC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{5F41447D-B7D3-422A-B7A2-44CE845D3B0C}] => (Allow) C:\Program Files\Opera\50.0.2762.67\opera.exe

==================== Wiederherstellungspunkte =========================

26-01-2018 16:10:03 Windows Update
29-01-2018 20:29:40 Windows Update
01-02-2018 21:20:02 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/01/2018 09:20:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/30/2018 10:05:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BASTIANSHP)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/29/2018 08:29:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/28/2018 10:23:51 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (01/28/2018 10:23:50 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (01/28/2018 10:23:50 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\WINDOWS\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (01/28/2018 10:23:50 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\System32\Secur32.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (01/28/2018 10:23:50 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ESENT" in der DLL "C:\WINDOWS\system32\esentprf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (01/28/2018 10:23:50 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (01/28/2018 10:23:50 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst ".NETFramework" in der DLL "C:\WINDOWS\system32\mscoree.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.


Systemfehler:
=============
Error: (02/03/2018 07:25:13 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/01/2018 09:50:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8000ffff fehlgeschlagen: Update für Windows 10 Version 1607 für x64-Systeme (KB4033631)

Error: (02/01/2018 09:50:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007007e fehlgeschlagen: Funktionsupdate für Windows 10, Version 1709

Error: (02/01/2018 09:20:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8000ffff fehlgeschlagen: Update für Windows 10 Version 1607 für x64-Systeme (KB4033631)

Error: (02/01/2018 09:19:59 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200d fehlgeschlagen: Funktionsupdate für Windows 10, Version 1709

Error: (02/01/2018 09:00:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/31/2018 05:25:22 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/30/2018 10:04:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8000ffff fehlgeschlagen: Update für Windows 10 Version 1607 für x64-Systeme (KB4033631)

Error: (01/30/2018 10:04:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007007e fehlgeschlagen: Funktionsupdate für Windows 10, Version 1709

Error: (01/30/2018 09:22:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8000ffff fehlgeschlagen: Update für Windows 10 Version 1607 für x64-Systeme (KB4033631)


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 82%
Installierter physikalischer RAM: 4011.39 MB
Verfügbarer physikalischer RAM: 690.09 MB
Summe virtueller Speicher: 7908.41 MB
Verfügbarer virtueller Speicher: 2471.86 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:106.92 GB) (Free:13.54 GB) NTFS
Drive d: (Daten) (Fixed) (Total:357.06 GB) (Free:126.05 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F320F94F)

Partition: GPT.

==================== Ende von Addition.txt ============================

 

[Sysnative Windows Update]

OK. When you check for updates, what updates show up as needed to be installed?

 

[bastianr]

seems to be always the same two that it tries to install alternately

• KB4049411
• KB4033631