So, attached once more, freshly generated:
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-06-2015
Ran by Riehl (administrator) on RIEHL-PC on 11-06-2015 12:02:48
Running from C:\Users\Riehl\Downloads
Loaded Profiles: Riehl & Acronis Agent User (Available Profiles: Riehl & Acronis Agent User)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Acronis) C:\Program Files\Common Files\Acronis\Agent\agent.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files\Acronis\ARSM\arsm.exe
(AVM Berlin) C:\Program Files\Common Files\AVM\De_serv.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Acronis) C:\Program Files\Acronis\BackupAndRecovery\mms.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis) C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Acronis) C:\Program Files\Acronis\TrayMonitor\TrayMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dropbox, Inc.) C:\Users\Riehl\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVM Berlin) C:\Program Files\Fritz!\FriFax32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
() C:\Program Files\Game til you Die\game_til_you_die_helper_service.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_17_0_0_188_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Acronis) C:\Program Files\Common Files\Acronis\BackupAndRecovery\Common\act.exe
(Acronis) C:\Program Files\Common Files\Acronis\BackupAndRecovery\Common\service_process.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [396680 2013-04-04] (Acronis)
HKLM\...\Run: [BackupAndRecoveryMonitor.exe] => C:\Program Files\Acronis\BackupAndRecovery\BackupAndRecoveryMonitor.exe [1562296 2013-04-04] (Acronis)
HKLM\...\Run: [AcronisTibMounterMonitor] => C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104608 2013-01-22] (Acronis)
HKLM\...\Run: [TrayMonitor.exe] => C:\Program Files\Acronis\TrayMonitor\TrayMonitor.exe [1492664 2013-04-04] (Acronis)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1505144 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1468256 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5088456 2015-01-28] (ESET)
HKU\S-1-5-21-1956295977-2440402935-1114064478-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6278424 2015-04-23] (Piriform Ltd)
Startup: C:\Users\Riehl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-01-22]
ShortcutTarget: Dropbox.lnk -> C:\Users\Riehl\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Riehl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!fax.lnk [2014-03-03]
ShortcutTarget: FRITZ!fax.lnk -> C:\Program Files\Fritz!\FriFax32.exe (AVM Berlin)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Riehl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Riehl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Riehl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Riehl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Riehl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Riehl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Riehl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Riehl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1956295977-2440402935-1114064478-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-1956295977-2440402935-1114064478-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1956295977-2440402935-1114064478-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKU\S-1-5-21-1956295977-2440402935-1114064478-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-15] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-15] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.77.253
Tcpip\..\Interfaces\{E18D4E09-AD6C-4156-9375-44EDC8C95F81}: [NameServer] 192.168.120.252,192.168.120.253
FireFox:
========
FF ProfilePath: C:\Users\Riehl\AppData\Roaming\Mozilla\Firefox\Profiles\mfu8zyb6.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-10] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Users\Riehl\Desktop\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-15] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-02-08] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-02-08] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin: synology.com/SurveillanceHelper -> C:\Program Files\Synology\SurveillanceHelper\1.0.0.3\npSurveillanceHelper.dll [2013-11-11] (Synology)
FF Plugin: synology.com/SurveillancePlugin -> C:\Program Files\Synology\SurveillancePlugin\1.0.0.64\npSurveillancePlugin.dll [2013-11-26] (Synology)
FF Extension: Adblock Plus - C:\Users\Riehl\AppData\Roaming\Mozilla\Firefox\Profiles\mfu8zyb6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-30]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKU\S-1-5-21-1956295977-2440402935-1114064478-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR Profile: C:\Users\Riehl\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Riehl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-08]
CHR Extension: (Google Drive) - C:\Users\Riehl\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-08]
CHR Extension: (YouTube) - C:\Users\Riehl\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-08]
CHR Extension: (Google Search) - C:\Users\Riehl\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-08]
CHR Extension: (Bookmark Manager) - C:\Users\Riehl\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Riehl\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\Riehl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-08]
CHR Extension: (Gmail) - C:\Users\Riehl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-08]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AcronisAgent; C:\Program Files\Common Files\Acronis\Agent\agent.exe [2059256 2012-12-29] (Acronis)
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [802272 2013-04-04] (Acronis)
R2 ARSM; C:\Program Files\Acronis\ARSM\arsm.exe [5847944 2013-04-04] (Acronis)
R2 de_serv; C:\Program Files\Common Files\AVM\de_serv.exe [206128 2007-10-25] (AVM Berlin)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1349576 2015-01-28] (ESET)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 MMS; C:\Program Files\Acronis\BackupAndRecovery\mms.exe [10349448 2013-04-04] (Acronis)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15904544 2014-02-05] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [296200 2013-08-09] (SafeNet Inc.)
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [64000 2009-07-14] (AVM GmbH)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [193464 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135808 2015-03-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [123424 2015-03-10] (ESET)
R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [559104 2009-07-14] (AVM Berlin)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-06-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R3 NETFRITZ; C:\Windows\System32\DRIVERS\NETFRITZ.SYS [334640 2007-10-25] (AVM Berlin)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-27] (NVIDIA Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [736312 2014-03-02] (Acronis)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [130488 2014-03-02] (Acronis)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-11 12:02 - 2015-06-11 12:02 - 00000000 ____D C:\Users\Riehl\Downloads\FRST-OlderVersion
2015-06-10 18:49 - 2015-05-28 02:45 - 01763328 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 18:49 - 2015-05-28 02:45 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 18:49 - 2015-05-28 02:45 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 18:49 - 2015-05-28 02:45 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 18:49 - 2015-05-28 02:44 - 14383104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 18:49 - 2015-05-28 02:44 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 18:49 - 2015-05-28 02:44 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 18:49 - 2015-05-28 02:44 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 18:49 - 2015-05-28 02:43 - 13771776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 18:49 - 2015-05-28 02:43 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 18:49 - 2015-05-28 02:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 18:49 - 2015-05-28 02:43 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 18:49 - 2015-05-28 02:43 - 00690176 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 18:49 - 2015-05-28 02:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 18:49 - 2015-05-28 02:43 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 18:49 - 2015-05-28 02:43 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 18:49 - 2015-05-28 02:43 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 18:49 - 2015-05-28 02:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-06-10 18:49 - 2015-05-28 02:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 18:49 - 2015-05-28 02:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 18:49 - 2015-05-28 02:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 18:49 - 2015-05-28 02:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 18:49 - 2015-05-28 01:55 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 18:49 - 2015-05-28 01:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-06-10 18:43 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 18:43 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 18:43 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 18:43 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 18:43 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 15:59 - 2015-06-10 15:59 - 00659968 _____ C:\Users\Riehl\Downloads\MicrosoftFixit50195.msi
2015-06-10 15:38 - 2015-06-10 16:17 - 00000000 ____D C:\Users\Riehl\AppData\Roaming\AVAST Software
2015-06-10 15:36 - 2015-06-10 15:36 - 03821240 _____ (AVAST Software) C:\Users\Riehl\Downloads\avast-browser-cleanup-sfx.exe
2015-06-08 09:01 - 2015-06-08 09:01 - 00000348 _____ C:\Windows\PFRO.log
2015-06-03 10:08 - 2015-06-08 09:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-03 08:55 - 2015-06-03 08:55 - 00000000 ____D C:\Users\Riehl\AppData\Local\GWX
2015-06-01 08:55 - 2015-06-11 08:55 - 00001568 _____ C:\Windows\setupact.log
2015-06-01 08:55 - 2015-06-01 08:55 - 00000000 _____ C:\Windows\setuperr.log
2015-05-30 11:09 - 2015-06-11 12:04 - 00017561 _____ C:\Users\Riehl\Downloads\FRST.txt
2015-05-30 11:09 - 2015-06-11 12:03 - 00000000 ____D C:\FRST
2015-05-30 11:09 - 2015-05-30 11:10 - 00037121 _____ C:\Users\Riehl\Downloads\Addition.txt
2015-05-30 11:08 - 2015-06-11 12:02 - 01147904 _____ (Farbar) C:\Users\Riehl\Downloads\FRST.exe
2015-05-30 11:03 - 2015-05-30 11:03 - 00187456 _____ C:\Users\Riehl\Documents\cc_20150530_110320.reg
2015-05-30 10:56 - 2015-05-30 10:56 - 00000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-05-30 10:56 - 2015-05-30 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-30 10:55 - 2015-05-30 10:56 - 00000000 ____D C:\Program Files\CCleaner
2015-05-30 10:54 - 2015-05-30 10:54 - 05248848 _____ (Piriform Ltd) C:\Users\Riehl\Downloads\ccsetup505_slim.exe
2015-05-30 10:53 - 2015-05-30 10:53 - 00000000 ____D C:\Windows\system32\appmgmt
2015-05-30 10:31 - 2015-05-30 10:31 - 00000000 ____D C:\Users\Riehl\AppData\Roaming\WinRAR
2015-05-30 10:31 - 2015-05-30 10:31 - 00000000 ____D C:\Users\Riehl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-05-30 10:31 - 2015-05-30 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-05-30 10:30 - 2015-05-30 10:31 - 00000000 ____D C:\Program Files\WinRAR
2015-05-30 10:30 - 2015-05-30 10:30 - 01869952 _____ C:\Users\Riehl\Downloads\wrar521d.exe
2015-05-29 13:59 - 2015-05-29 13:59 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Riehl\Downloads\revosetup95.exe
2015-05-29 13:59 - 2015-05-29 13:59 - 00000000 ____D C:\Program Files\VS Revo Group
2015-05-29 13:50 - 2015-05-29 14:40 - 00000000 ____D C:\Windows\pss
2015-05-29 13:16 - 2015-05-29 13:16 - 00000207 _____ C:\Windows\tweaking.com-regbackup-RIEHL-PC-Windows-7-Professional-(32-bit).dat
2015-05-29 13:16 - 2015-05-29 13:16 - 00000000 ____D C:\RegBackup
2015-05-29 13:14 - 2015-05-29 13:14 - 02946603 _____ (Thisisu) C:\Users\Riehl\Downloads\JRT681.exe
2015-05-29 12:56 - 2015-05-29 13:41 - 00000000 ____D C:\AdwCleaner
2015-05-29 12:55 - 2015-05-29 12:56 - 00000000 ____D C:\Users\Riehl\Downloads\20150304PM
2015-05-29 12:55 - 2015-05-29 12:55 - 02223104 _____ C:\Users\Riehl\Downloads\adwcleaner_4.205 (2).exe
2015-05-29 12:52 - 2015-05-29 12:52 - 02222592 _____ C:\Users\Riehl\Downloads\AdwCleaner_4.205 (1).exe.uy9wy6n.partial
2015-05-29 12:50 - 2015-05-29 12:51 - 02222592 _____ C:\Users\Riehl\Downloads\AdwCleaner_4.205.exe.rsiqstp.partial
2015-05-29 11:57 - 2015-06-11 11:53 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-29 11:56 - 2015-05-29 14:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-29 11:56 - 2015-05-29 14:40 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-05-29 11:56 - 2015-05-29 11:58 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-29 11:56 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-29 11:56 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-29 11:56 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-28 13:39 - 2015-06-11 08:56 - 00000526 _____ C:\Windows\Tasks\game_til_you_die_helper_service.job
2015-05-28 13:39 - 2015-05-29 14:40 - 00000000 ____D C:\Program Files\Game til you Die
2015-05-26 14:03 - 2015-05-26 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-05-26 14:03 - 2015-05-26 14:03 - 00000000 ____D C:\Program Files\ESET
2015-05-26 09:08 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-19 08:57 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-18 09:04 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-18 09:04 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-18 09:04 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-18 09:04 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-15 18:08 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-15 18:08 - 2015-04-08 05:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-15 14:30 - 2015-06-11 11:35 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08f0afa90bced.job
2015-05-15 14:30 - 2015-06-11 08:56 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08f0af9fd279c.job
2015-05-15 09:18 - 2015-05-15 09:18 - 00000000 ____D C:\Program Files\Common Files\Java
2015-05-13 18:47 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 18:41 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 18:41 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 18:41 - 2015-04-20 04:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 18:40 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 18:40 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 18:40 - 2015-04-04 05:10 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 18:40 - 2015-04-04 05:10 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 18:40 - 2015-04-04 05:05 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 18:40 - 2015-04-04 05:05 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 18:40 - 2015-04-04 05:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 18:40 - 2015-04-04 05:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 18:40 - 2015-04-04 05:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 18:40 - 2015-04-04 05:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 18:40 - 2015-04-04 05:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 18:40 - 2015-04-04 05:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 18:40 - 2015-04-04 05:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 18:40 - 2015-04-04 05:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 18:40 - 2015-04-04 05:04 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 18:40 - 2015-04-04 05:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 18:40 - 2015-04-04 05:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 18:40 - 2015-04-04 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 18:40 - 2015-04-04 04:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 18:38 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-11 11:43 - 2014-03-02 13:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-11 11:35 - 2015-02-05 15:25 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0414743b07c1f.job
2015-06-11 11:32 - 2010-11-20 23:01 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-11 11:30 - 2014-06-26 09:09 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf910d83c5b24b.job
2015-06-11 10:46 - 2014-03-02 18:37 - 00000000 ____D C:\Users\Riehl\Desktop\Bestellungen,Kasse,Umsatz
2015-06-11 09:03 - 2009-07-14 06:34 - 00031680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-11 09:03 - 2009-07-14 06:34 - 00031680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-11 08:56 - 2015-02-05 15:25 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d041474328cdaf.job
2015-06-11 08:56 - 2015-01-22 16:01 - 00000000 ___RD C:\Users\Riehl\Dropbox
2015-06-11 08:56 - 2015-01-22 15:58 - 00000000 ____D C:\Users\Riehl\AppData\Roaming\Dropbox
2015-06-11 08:56 - 2014-04-08 10:58 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf5308b6d0df61.job
2015-06-11 08:56 - 2014-03-02 18:02 - 00000000 ____D C:\Users\Riehl\AppData\Local\FRITZ!
2015-06-11 08:55 - 2014-03-02 12:56 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-11 08:55 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-10 18:49 - 2014-03-02 14:14 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 18:49 - 2014-02-28 14:48 - 01520747 _____ C:\Windows\WindowsUpdate.log
2015-06-10 18:43 - 2014-03-02 14:14 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-10 17:27 - 2014-03-02 18:37 - 00000000 ___RD C:\Users\Riehl\Desktop\Fax,Scan,Leasing
2015-06-10 13:38 - 2014-05-05 15:58 - 02609152 ___SH C:\Users\Riehl\Desktop\Thumbs.db
2015-06-10 12:47 - 2014-03-02 18:37 - 00000000 ____D C:\Users\Riehl\Desktop\FIBAK AG
2015-06-10 12:43 - 2014-03-02 13:31 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-10 12:43 - 2014-03-02 13:31 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-09 19:32 - 2014-04-08 10:53 - 00002121 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-08 09:03 - 2014-09-22 10:15 - 00000000 ____D C:\Users\Riehl\AppData\Local\CrashDumps
2015-06-08 09:01 - 2014-03-02 13:32 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-06-01 08:55 - 2014-02-28 14:44 - 00000000 ____D C:\Windows\Panther
2015-05-30 11:48 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-05-30 11:00 - 2014-05-08 09:43 - 00000000 ____D C:\Windows\Minidump
2015-05-30 10:46 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-05-29 14:40 - 2015-04-09 21:10 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-29 14:40 - 2014-09-01 18:44 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-05-29 14:40 - 2014-02-28 14:50 - 00000000 ____D C:\Users\Riehl
2015-05-29 14:40 - 2011-04-12 03:39 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-05-29 14:40 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2015-05-27 19:17 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-26 15:32 - 2015-03-21 12:28 - 00000000 ____D C:\Users\Riehl\Desktop\Bayerischer Abend 2008
2015-05-18 09:09 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-05-16 14:16 - 2014-03-02 13:23 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-15 18:09 - 2011-04-12 03:39 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-15 09:15 - 2014-03-02 13:32 - 00000000 ____D C:\ProgramData\Oracle
2015-05-15 09:13 - 2014-03-02 13:30 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-15 09:04 - 2014-10-10 18:53 - 00096352 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-05-15 09:03 - 2014-10-10 18:53 - 00000000 ____D C:\Program Files\Java
2015-05-15 08:54 - 2009-07-14 06:33 - 00303888 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-13 18:38 - 2014-03-02 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 18:38 - 2014-03-02 15:30 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-12 08:52 - 2015-01-22 15:59 - 00000000 ____D C:\Users\Riehl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
==================== Files in the root of some directories =======
2014-03-03 10:36 - 2014-03-03 10:36 - 0000057 _____ () C:\ProgramData\Ament.ini
Some files in TEMP:
====================
C:\Users\Riehl\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpflfkqi.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-03 09:36
==================== End of log ============================
Addition:
FRST Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-06-2015
Ran by Riehl at 2015-06-11 12:04:42
Running from C:\Users\Riehl\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Acronis Agent User (S-1-5-21-1956295977-2440402935-1114064478-1002 - Administrator - Enabled) => C:\Users\Acronis Agent User
Administrator (S-1-5-21-1956295977-2440402935-1114064478-500 - Administrator - Disabled)
Gast (S-1-5-21-1956295977-2440402935-1114064478-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1956295977-2440402935-1114064478-1004 - Limited - Enabled)
Riehl (S-1-5-21-1956295977-2440402935-1114064478-1000 - Administrator - Enabled) => C:\Users\Riehl
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Acronis Backup & Recovery 11.5 Agent Core (HKLM\...\{7278E64B-7C80-4480-92F3-D33ED76107EE}) (Version: 11.5.37608 - Acronis)
Acronis Backup & Recovery 11.5 Bootable Media Builder (HKLM\...\{D98390FD-0467-4519-AA0A-CFEC3806C188}) (Version: 11.5.37608 - Acronis)
Acronis Backup & Recovery 11.5 Command-Line Tool (HKLM\...\{08A392E9-1F59-4DD7-B1DE-06EFE35ABE83}) (Version: 11.5.37608 - Acronis)
Acronis Backup & Recovery 11.5 Management Console (HKLM\...\{1D732DB1-5ABF-4B4C-BC7B-53E0932BA470}) (Version: 11.5.37608 - Acronis)
Acronis Backup & Recovery 11.5 Tray Monitor (HKLM\...\{4640CCA0-4964-42C9-8A9F-5634A50DADBD}) (Version: 11.5.37608 - Acronis)
Acronis Backup & Recovery 11.5*Agent für Windows (HKLM\...\{423DD130-33BB-4657-9FA1-8C0B980D9CAC}) (Version: 11.5.37608 - Acronis)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
AVM FRITZ! (HKLM\...\FRITZ! 2.0) (Version: - AVM Berlin)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Der Kleine Turnierplaner 7.1.9.1 (HKLM\...\Der_Deploy_0) (Version: 7.1.9.1 - Der Kleine Turnierplaner)
Dropbox (HKU\S-1-5-21-1956295977-2440402935-1114064478-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
DVSE Updater (HKLM\...\{52167B0C-FB5D-43E7-BEC5-24EE6BEE2BA0}) (Version: 1.5.0.23257 - DVSE GmbH)
ESET NOD32 Antivirus (HKLM\...\{AEB13D48-3CA9-4E04-876C-8E3F40469C0B}) (Version: 8.0.312.3 - ESET, spol s r. o.)
Free YouTube to MP3 Converter version 3.12.0.128 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.0.128 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{7D1EFB03-7D84-446E-8B90-6ECD7EDF4D55}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliPoint 7.1 (HKLM\...\{7057ABC2-EFF3-4E43-9806-8BCB6EEA9FE6}) (Version: 7.10.344.0 - Microsoft)
Microsoft IntelliType Pro 7.1 (HKLM\...\{11E94FDB-C895-45F1-B756-1C9B8C36C8F1}) (Version: 7.10.344.0 - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Network Camera View 4S (HKLM\...\{8A27C0FE-87C7-4169-BF5A-05BF94F70A54}) (Version: 4.10.02 - Panasonic System Networks Co.,Ltd.)
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OKI Network Extension (HKLM\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
Oßwald Online (HKLM\...\Oßwald Online) (Version: 1.0.0.63 - DVSE GmbH)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PL-2303 USB-to-Serial (HKLM\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.9.0 - Prolific Technology INC)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
SurveillanceHelper (HKLM\...\{E8236305-76A1-4AE2-A35C-2498D6876912}) (Version: 1.0.0.3 - Synology)
SurveillancePlugin (HKLM\...\{BC25A0F6-F466-4B5B-92E6-86D1094FA29D}) (Version: 1.0.0.64 - Synology)
TpmsToolObdUpdater (HKLM\...\InstallShield_{0A7B7D64-1222-49A4-B938-6ED5A532077A}) (Version: 1.00.0000 - cub)
TpmsToolObdUpdater (Version: 1.00.0000 - cub) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 5.21 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
ZoneAlarm Free Firewall (HKLM\...\ZoneAlarm Free Firewall) (Version: 13.1.211.000 - Check Point)
ZoneAlarm Security Toolbar (HKLM\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZoneAlarm Security Toolbar (HKU\S-1-5-21-1956295977-2440402935-1114064478-1000\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1956295977-2440402935-1114064478-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Riehl\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1956295977-2440402935-1114064478-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Riehl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1956295977-2440402935-1114064478-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Riehl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1956295977-2440402935-1114064478-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Riehl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1956295977-2440402935-1114064478-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Riehl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1956295977-2440402935-1114064478-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Riehl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1956295977-2440402935-1114064478-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Riehl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1956295977-2440402935-1114064478-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Riehl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1956295977-2440402935-1114064478-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Riehl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1956295977-2440402935-1114064478-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Riehl\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
05-06-2015 10:03:53 Geplanter Prüfpunkt
05-06-2015 13:59:28 Windows Update
09-06-2015 08:56:39 Windows Update
10-06-2015 16:00:08 Installed Microsoft Fix it 50195
10-06-2015 18:43:09 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0366B356-4748-440C-9E5D-F7F4808CD534} - \sup_games_notification_service No Task File <==== ATTENTION
Task: {0677E1DA-5D81-4B11-B97F-AA3428695E00} - System32\Tasks\8iiAAzJ2kbdtBLQhF => C:\Program Files\globalUpdate\Update\Install\{A76189D2-9D2C-49A4-B088-5A652E8A0BCF}\setup.exe
Task: {0BFAFBB9-4476-44BC-B388-6FBAA998713B} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-3 No Task File <==== ATTENTION
Task: {1162E121-71FA-4D8E-B839-1AFEF199CA98} - System32\Tasks\GoogleUpdateTaskMachineUA1d08f0afa90bced => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-08] (Google Inc.)
Task: {1CAA77A8-88C0-4CEB-8D76-CC7CACDF7B24} - System32\Tasks\SPq3T8LSOGLXNt1ekaL => C:\Program Files\globalUpdate\Update\Install\{E1FF3CE3-0466-4B6C-A997-CD6E83F6B38A}\setup.exe
Task: {29807771-471E-4D61-A107-2DB1874F58D9} - System32\Tasks\kE5fzeb2UrBnFlljD => C:\Program Files\globalUpdate\Update\Install\{8F6B32A4-E44F-48BD-93F0-3F6582952912}\setup.exe
Task: {312065A4-853C-49F8-9F9B-35DEDD6F4645} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2009-11-05] (Microsoft Corporation)
Task: {3795D49F-97B0-428A-886A-C92EB64C6C40} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-5 No Task File <==== ATTENTION
Task: {39F0F3BF-D883-4CCA-8264-590938A64CCA} - System32\Tasks\GoogleUpdateTaskMachineUA1d0414743b07c1f => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-08] (Google Inc.)
Task: {46691910-4FE7-4445-9BBC-01B8C2D2C1BA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {51E1844E-BF83-4BE9-AA68-DA7A60DC61CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {555A8D29-D39F-4A1B-A219-B2EA7937E52E} - System32\Tasks\bbJyVGId5N57Do => C:\Program Files\globalUpdate\Update\Install\{071FB2A5-77A9-403D-99C8-08ECBBCF0F01}\setup.exe
Task: {5AB37152-38BA-43EC-86FC-8AC2A07EE949} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-4 No Task File <==== ATTENTION
Task: {638C2D8B-7A12-489D-A448-A1BAF5B2A928} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-11-05] (Microsoft Corporation)
Task: {6AFC5F90-E679-4FAB-8B65-D316511B3CB0} - System32\Tasks\Lzm69bNmOQgc => C:\Program Files\globalUpdate\Update\Install\{8C2DAB7A-32F5-4326-83EA-F7477C969F83}\setup.exe
Task: {6D018C04-BA92-438F-B948-5E6C52A19302} - System32\Tasks\GoogleUpdateTaskMachineCore1d041474328cdaf => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-08] (Google Inc.)
Task: {79E8FB62-8F8F-4E33-A5C6-E3754453793A} - System32\Tasks\zBR9RnMFABBly => C:\Program Files\globalUpdate\Update\Install\{C610B48B-8F55-43C6-8959-9BCCD65557A6}\setup.exe
Task: {7F518518-A311-4B68-B794-ED9613E95D7E} - System32\Tasks\Jy8MZXjijH5Lkv => C:\Program Files\globalUpdate\Update\Install\{9D949B8D-D7B8-491F-8909-930B142FF299}\setup.exe
Task: {80638E9C-F5D5-48F9-9BE1-A57E80E8EEE4} - System32\Tasks\DZgUJOe9YH4Co => C:\Program Files\globalUpdate\Update\Install\{C23C161F-B80E-4D93-8D43-9CC319838755}\setup.exe
Task: {8D60A84D-35FA-49E9-85DB-1CE67679987D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-10] (Adobe Systems Incorporated)
Task: {8E8D44DA-EA84-4DC0-950D-A90970DF8874} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-1 No Task File <==== ATTENTION
Task: {9F932E9A-1292-4D47-B9A3-4526FAE82086} - System32\Tasks\s2z1jRR48pztYsu => C:\Program Files\globalUpdate\Update\Install\{E0BB54F1-CC21-4BF4-8425-C9E98730F570}\setup.exe
Task: {A124CEB7-5720-470A-BAC1-6CFF0650E714} - System32\Tasks\D7c2LJWPBGhX => C:\Program Files\globalUpdate\Update\Install\{95D33456-FE22-4D8C-BCA6-76A27040A22B}\setup.exe
Task: {A285E65C-471A-4D8F-9EDA-7E0AD01A617D} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-2 No Task File <==== ATTENTION
Task: {A2CDB62F-33DC-450C-9CF6-BAC9CF71F177} - System32\Tasks\tBZ7SlUPAfZzA => C:\Program Files\globalUpdate\Update\Install\{20AAECAC-BC36-46E1-A2BD-C9689C5AF470}\setup.exe
Task: {B0E6F674-2BAD-4AD7-B732-6899FD184654} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {B9207C0B-71B2-441E-9785-DBAE4317E0EF} - \temp_66f0ed68-c883-4d32-aef0-cf1f0c66136e-2 No Task File <==== ATTENTION
Task: {C481625F-35CD-4375-A4F5-1EAD7BE814E2} - System32\Tasks\game_til_you_die_helper_service => C:\Program Files\Game til you Die\game_til_you_die_helper_service.exe [2015-05-28] ()
Task: {C508157A-7365-4A74-ADCB-1B8AA11EF585} - System32\Tasks\GoogleUpdateTaskMachineCore1cf5308b6d0df61 => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-08] (Google Inc.)
Task: {D1A42269-89B3-4F3C-881A-87E4FAC27DB4} - System32\Tasks\ifxvojzhwaBmllw => C:\Program Files\globalUpdate\Update\Install\{38460921-1DCE-441B-8AA9-13C516DAF390}\setup.exe
Task: {D74044CA-3857-477C-AF4F-3AD24E4F1A08} - System32\Tasks\lOmAARxJsL886T3sK => C:\Program Files\globalUpdate\Update\Install\{C037EB90-F8B5-4D4A-8ADF-20C0052B39E0}\setup.exe
Task: {D9950ACC-46BE-4F3C-8D02-D131D705BD62} - System32\Tasks\GoogleUpdateTaskMachineCore1d08f0af9fd279c => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-08] (Google Inc.)
Task: {DE553256-F265-4148-8AF2-6616D5F17835} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {E1C66C93-2615-4E82-9C97-3AB8FA4570CF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {E3F4F692-3A0E-4C7F-880C-07C9DB5DAE34} - System32\Tasks\GoogleUpdateTaskMachineUA1cf910d83c5b24b => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-08] (Google Inc.)
Task: {E957A4BD-9ECD-402A-96A8-C22C09307848} - System32\Tasks\HP AR Program Upload - 8686b7cdf63f4dde92f9d1c4acfaeb6f06c0c3779b404f5bb7e9c4f60b219fa3 => C:\Program Files\HP\HP Officejet 6700\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {EB26C3F7-9F11-488E-A561-637E6A383ABE} - System32\Tasks\aVbUPQzJsiOXOMtvfTo => C:\Program Files\globalUpdate\Update\Install\{A0AB269F-F434-46AC-9A4E-DC628793FEE9}\setup.exe
Task: {EF4B680F-F524-4379-9225-D375752ABC57} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {F491E90A-EB7C-4B00-BF81-5BE3F4A7D7E3} - System32\Tasks\YsmXSoDbJeX0eU7 => C:\Program Files\globalUpdate\Update\Install\{AE76D993-33F9-45B0-911D-D496A663E039}\setup.exe
Task: {F8C67DA2-85EA-4F5B-8906-3C3957540876} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\game_til_you_die_helper_service.job => C:\Program Files\Game til you Die\game_til_you_die_helper_service.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf5308b6d0df61.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d041474328cdaf.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08f0af9fd279c.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf910d83c5b24b.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0414743b07c1f.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08f0afa90bced.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2013-04-04 01:58 - 2013-04-04 01:58 - 00285384 _____ () C:\Program Files\Common Files\Acronis\BackupAndRecovery\Common\fnls.dll
2013-04-04 01:58 - 2013-04-04 01:58 - 00327840 _____ () C:\Program Files\Common Files\Acronis\BackupAndRecovery\Common\events_trace.dll
2013-04-04 01:58 - 2013-04-04 01:58 - 00438360 _____ () C:\Program Files\Common Files\Acronis\BackupAndRecovery\Common\FileTrace.dll
2013-04-04 02:01 - 2013-04-04 02:01 - 00917768 _____ () C:\Program Files\Acronis\BackupAndRecovery\human_resolving_mms.dll
2014-03-02 12:55 - 2014-02-08 19:11 - 00107808 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-01-22 14:30 - 2013-01-22 14:30 - 00013120 _____ () C:\Program Files\Common Files\Acronis\TibMounter\icudt38.dll
2015-06-11 08:56 - 2015-06-11 08:56 - 00043008 _____ () c:\users\riehl\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpflfkqi.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Riehl\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Riehl\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Riehl\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Riehl\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-04-08 21:53 - 2015-04-08 21:53 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-05-28 13:39 - 2015-05-28 13:39 - 00191719 _____ () C:\Program Files\Game til you Die\game_til_you_die_helper_service.exe
2014-01-10 14:33 - 2014-01-10 14:33 - 00282312 _____ () C:\Program Files\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1956295977-2440402935-1114064478-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Riehl\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.120.252 - 192.168.120.253
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{633B765C-6183-42BE-A6FD-CED1E5A6F97F}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{AC73F88E-6011-4F30-A660-D3EDF468C155}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7A95EAED-FCA8-40C6-ABE8-74391B05A3E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{750FB317-E726-4EC3-8543-4B2EE52EE4F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{797F5325-E206-4C35-8D17-C7AE1A9C5569}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1E17896E-B05C-42D2-9EAD-7847DC786B9B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D96FD511-CA50-4DDF-955D-599CD755AE58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F16091E9-E996-499F-B347-F549CFF35E10}] => (Allow) C:\Program Files\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{E447730D-8589-4DF7-BD29-520B1C958713}] => (Allow) C:\Program Files\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{B7D5BCA8-3B26-45CD-A13F-08D326D4B422}] => (Allow) C:\Program Files\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{FC0A5C16-0DAD-4817-8A54-F3642A579994}] => (Allow) C:\Program Files\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{AE428443-F0E0-4146-8269-3013C3FDB48C}] => (Allow) C:\Program Files\Acronis\BackupAndRecovery\mms.exe
FirewallRules: [{7DF475AD-6A65-423E-ACA4-60216777C684}] => (Allow) C:\Program Files\Acronis\BackupAndRecovery\mms.exe
FirewallRules: [{28C91716-73ED-4B0E-81F7-0EB00AF64BE0}] => (Allow) C:\Program Files\Acronis\BackupAndRecovery\mms.exe
FirewallRules: [{0B56BB75-BDD2-408A-8AD4-E855B673D236}] => (Allow) C:\Program Files\Acronis\BackupAndRecovery\mms.exe
FirewallRules: [TCP Query User{5B34309F-7BFD-4F27-9AD6-688E832E8F95}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{EE984205-5200-4F2C-BD34-75202E2B5754}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [{C04EFB09-2985-429C-96F8-DF94E8C43F95}] => (Block) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [{839EBEA1-CFA2-424E-90A1-32F3197DB0EE}] => (Block) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [{D40C63F2-FA73-40EA-9059-80BBF970F593}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\FaxApplications.exe
FirewallRules: [{6D93064E-8D9A-46EE-AF28-EFD45CE8043F}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\DigitalWizards.exe
FirewallRules: [{1EC67071-3CA3-4D4C-9202-54A34EA2DC7E}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\SendAFax.exe
FirewallRules: [{F0678BEA-77ED-4DDE-8931-D3A9179D70A1}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\DeviceSetup.exe
FirewallRules: [{1F5D6495-81CF-474D-9EEA-1CFFA9CB3418}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
FirewallRules: [{E61598D2-344D-438E-9B59-AA2E72D9AAA8}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{3F1BCBC2-9E5D-43B3-9683-38B7B84C32D4}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{67EF60F9-A485-4596-BA1B-C3DF4AA7CB9F}] => (Allow) LPort=2869
FirewallRules: [{5A8A9672-49DB-410C-A8D8-B5CD13CA1634}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{C74CCA33-AAE9-4E4A-860C-EFCA22965D78}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{869C619F-7996-40EC-AECD-CB45E18C61B7}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{C124699E-B79F-44D6-8977-31EB626343A1}] => (Allow) C:\Users\Riehl\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CB2A5013-5126-4736-933C-07A77F69FD47}] => (Allow) C:\Users\Riehl\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9854E37A-26FD-4BD1-9A45-422FCAEE4A82}] => (Allow) C:\Users\Riehl\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5CE62F45-9F85-40D5-9C5A-B644538598E3}] => (Allow) C:\Users\Riehl\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{EA745AE4-9DCB-4DED-8197-21A71A36BAA7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{525795E1-20E7-4477-B36F-659885684A71}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4B3BCFEB-CFB4-4D1A-8502-A9616BF9E85D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/11/2015 08:56:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/10/2015 02:04:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/10/2015 08:56:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/09/2015 08:53:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/08/2015 06:04:21 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (06/08/2015 10:43:24 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/08/2015 09:49:50 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/08/2015 09:03:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/08/2015 09:03:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 11.10.13.1, Zeitstempel: 0x52f202d0
Name des fehlerhaften Moduls: nvspcap.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x52f20257
Ausnahmecode: 0xc0000005
Fehleroffset: 0x1000c292
ID des fehlerhaften Prozesses: 0xb10
Startzeit der fehlerhaften Anwendung: 0xNvBackend.exe0
Pfad der fehlerhaften Anwendung: NvBackend.exe1
Pfad des fehlerhaften Moduls: NvBackend.exe2
Berichtskennung: NvBackend.exe3
Error: (06/08/2015 09:03:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 11.10.13.1, Zeitstempel: 0x52f202d0
Name des fehlerhaften Moduls: nvspcap.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x52f20257
Ausnahmecode: 0xc0000005
Fehleroffset: 0x100c9860
ID des fehlerhaften Prozesses: 0xb10
Startzeit der fehlerhaften Anwendung: 0xNvBackend.exe0
Pfad der fehlerhaften Anwendung: NvBackend.exe1
Pfad des fehlerhaften Moduls: NvBackend.exe2
Berichtskennung: NvBackend.exe3
System errors:
=============
Error: (06/11/2015 11:30:55 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "" können nicht gelesen werden.
Error: (06/10/2015 03:52:28 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/10/2015 03:52:27 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/10/2015 03:52:27 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/10/2015 03:52:26 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/10/2015 03:52:26 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/10/2015 03:47:53 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/10/2015 03:47:53 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/10/2015 03:47:53 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/10/2015 03:47:53 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Microsoft Office:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-03-02 21:19:19.874
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-02 21:10:54.808
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-02 20:49:08.629
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Percentage of memory in use: 84%
Total physical RAM: 3323.49 MB
Available physical RAM: 511.56 MB
Total Pagefile: 6645.28 MB
Available Pagefile: 2142.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1916.24 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:354.4 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 12B8B796)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of log ============================