Ja sofort.
Bei mir stellt sich gerade die Frage, ob möglicherweise mein Modem irgendwie anderweitig defekt möglicherweise etwas ist, da sich auch mein Handy sehr schwer damit tut genügend m/bits zu laden.
Aber ich denke, es könnte nicht schaden, wenn ich hier dennoch die Anweisungen befolge, um ein möglichst sauberes System zu erlangen.
Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-01-2015
Ran by James at 2015-01-11 19:12:38
Running from C:\Users\James\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.1.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
EA SPORTS FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 9.3.0.58666 - Electronic Arts, Inc.)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Free YouTube Download version 3.2.46.923 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.46.923 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North)
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version: - Rockstar Games)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
LiveUpdate 3.3 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.3.0.92 - Symantec Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Need for Speed™ Rivals (HKLM-x32\...\{E0A32336-AA27-4053-99B2-C3380B7B95AC}) (Version: 1.4.0.0 - Electronic Arts)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.6.4639 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.10 - Razer Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.)
Spotify (HKU\S-1-5-21-571201042-708639023-1526785000-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-571201042-708639023-1526785000-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
02-01-2015 16:20:29 Windows Update
09-01-2015 17:30:28 Geplanter Prüfpunkt
11-01-2015 18:01:33 Removed Microsoft Silverlight
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {5585100E-D077-4406-9EB1-79C107D30A73} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-10] (Microsoft Corporation)
Task: {9FF769C2-4BE0-421D-867F-17ED294C162E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-05] (Google Inc.)
Task: {A1E10CDD-763E-42A3-89A3-3595902D72A2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C0B9C60A-5D24-4EE0-9E08-E1F78DA53E2E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-05] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-09-05 16:48 - 2014-11-29 15:51 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-12-31 03:35 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-11 17:20 - 2014-11-11 19:48 - 01171456 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2015-01-11 17:20 - 2014-11-11 19:48 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2015-01-11 17:20 - 2014-11-11 19:48 - 00442368 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2015-01-11 17:20 - 2014-11-11 19:47 - 00774656 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2015-01-11 17:20 - 2014-11-18 21:23 - 02227904 _____ () D:\Program Files (x86)\Steam\video.dll
2015-01-11 17:20 - 2014-11-11 19:48 - 00403968 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2015-01-11 17:20 - 2014-11-11 19:48 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2015-01-11 17:20 - 2014-11-18 21:23 - 00690880 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-01-11 17:20 - 2014-11-11 19:48 - 34589888 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll
2015-01-11 17:20 - 2014-11-11 19:48 - 00837824 _____ () D:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-12-11 12:02 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-11 12:02 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-11 12:02 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-11 12:02 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\James\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "BeatsOSDApp"
HKLM\...\StartupApproved\Run: => "SysTrayApp"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKU\S-1-5-21-571201042-708639023-1526785000-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-571201042-708639023-1526785000-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-571201042-708639023-1526785000-1001\...\StartupApproved\Run: => "Spotify Web Helper"
========================= Accounts: ==========================
Administrator (S-1-5-21-571201042-708639023-1526785000-500 - Administrator - Disabled)
Gast (S-1-5-21-571201042-708639023-1526785000-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-571201042-708639023-1526785000-1003 - Limited - Enabled)
James (S-1-5-21-571201042-708639023-1526785000-1001 - Administrator - Enabled) => C:\Users\James
==================== Faulty Device Manager Devices =============
Name: 802.11n Wireless LAN Card
Description: 802.11n Wireless LAN Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ralink Technology, Corp.
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/11/2015 06:01:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (01/11/2015 05:16:53 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{ed39f7b8-4f58-4602-881c-734db2d911a3}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (01/11/2015 05:16:52 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{b20683b6-09a1-4996-8f40-2a577d41ecaf}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (01/11/2015 05:16:49 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{b20683b6-09a1-4996-8f40-2a577d41ecaf}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (01/11/2015 05:16:48 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{961b3944-c334-4cde-8453-ab9ad286d509}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (01/11/2015 05:16:47 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Wiederherstellung" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (01/11/2015 01:52:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2f4c
Startzeit: 01d02d99b04deb6a
Endzeit: 0
Anwendungspfad: C:\WINDOWS\Explorer.EXE
Berichts-ID: b0bec324-9990-11e4-bea0-3860774c3298
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/11/2015 03:56:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GFWLClient.exe, Version: 3.5.67.0, Zeitstempel: 0x52178fb2
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x08de9435
ID des fehlerhaften Prozesses: 0x42a8
Startzeit der fehlerhaften Anwendung: 0xGFWLClient.exe0
Pfad der fehlerhaften Anwendung: GFWLClient.exe1
Pfad des fehlerhaften Moduls: GFWLClient.exe2
Berichtskennung: GFWLClient.exe3
Vollständiger Name des fehlerhaften Pakets: GFWLClient.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GFWLClient.exe5
Error: (01/11/2015 03:56:13 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: GFWLClient.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
bei Microsoft.GamesForWindows.LiveClient.Messaging.CommandPipe.IsDownloadAndInstallationQueueDrained()
bei Microsoft.GamesForWindows.LiveClient.Messaging.CommandPipe.Shutdown()
bei Microsoft.GamesForWindows.LiveClient.Messaging.CommandPipe.ListenerThread()
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()
Error: (01/11/2015 01:47:08 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
System errors:
=============
Error: (01/11/2015 05:21:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/11/2015 05:21:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (01/11/2015 04:22:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062
Error: (01/11/2015 02:27:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/11/2015 02:27:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (01/07/2015 09:38:05 PM) (Source: DCOM) (EventID: 10010) (User: ZOCKER-PC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (01/04/2015 04:02:51 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "ZOCKER-PC :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.100
registriert werden. Der Computer mit IP-Adresse 169.254.131.166 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (01/04/2015 04:02:51 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{5E58D3CA-712F-4307-A220-646CBB71D90E} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (01/04/2015 03:58:11 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.100
registriert werden. Der Computer mit IP-Adresse 169.254.131.166 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (01/04/2015 03:57:55 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "ZOCKER-PC :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.100
registriert werden. Der Computer mit IP-Adresse 169.254.131.166 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Microsoft Office Sessions:
=========================
Error: (01/11/2015 06:01:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
Error: (01/11/2015 05:16:53 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: \\?\Volume{ed39f7b8-4f58-4602-881c-734db2d911a3}\Falscher Parameter. (0x80070057)
Error: (01/11/2015 05:16:52 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: \\?\Volume{b20683b6-09a1-4996-8f40-2a577d41ecaf}\Falscher Parameter. (0x80070057)
Error: (01/11/2015 05:16:49 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: \\?\Volume{b20683b6-09a1-4996-8f40-2a577d41ecaf}\Falscher Parameter. (0x80070057)
Error: (01/11/2015 05:16:48 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: \\?\Volume{961b3944-c334-4cde-8453-ab9ad286d509}\Falscher Parameter. (0x80070057)
Error: (01/11/2015 05:16:47 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: WiederherstellungFalscher Parameter. (0x80070057)
Error: (01/11/2015 01:52:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.174152f4c01d02d99b04deb6a0C:\WINDOWS\Explorer.EXEb0bec324-9990-11e4-bea0-3860774c3298
Error: (01/11/2015 03:56:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: GFWLClient.exe3.5.67.052178fb2unknown0.0.0.000000000c000000508de943542a801d02d498b379b11C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLClient.exeunknown66d707d3-993d-11e4-bea0-3860774c3298
Error: (01/11/2015 03:56:13 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: GFWLClient.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
bei Microsoft.GamesForWindows.LiveClient.Messaging.CommandPipe.IsDownloadAndInstallationQueueDrained()
bei Microsoft.GamesForWindows.LiveClient.Messaging.CommandPipe.Shutdown()
bei Microsoft.GamesForWindows.LiveClient.Messaging.CommandPipe.ListenerThread()
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()
Error: (01/11/2015 01:47:08 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
CodeIntegrity Errors:
===================================
Date: 2014-12-20 14:41:14.009
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-20 14:41:13.909
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-19 17:13:35.218
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-19 17:13:35.137
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-19 02:53:36.484
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-19 02:53:36.358
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-14 05:35:34.208
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-14 05:35:34.122
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-11 18:51:37.289
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-11 18:51:37.205
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 11%
Total physical RAM: 16364.34 MB
Available physical RAM: 14488.11 MB
Total Pagefile: 18796.34 MB
Available Pagefile: 16601.61 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:104.51 GB) (Free:58.1 GB) NTFS
Drive d: (Volume) (Fixed) (Total:1464.84 GB) (Free:1326.28 GB) NTFS
Drive e: (Volume) (Fixed) (Total:398.17 GB) (Free:398.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 9AD3E71C)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 899C1232)
Partition: GPT Partition Type.
==================== End Of Log ============================
FRST Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-01-2015
Ran by James (administrator) on ZOCKER-PC on 11-01-2015 19:11:58
Running from C:\Users\James\Desktop
Loaded Profile: James (Available profiles: James)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-03-29] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-03-29] (IDT, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.)
HKU\S-1-5-21-571201042-708639023-1526785000-1001\...\Run: [Spotify Web Helper] => C:\Users\James\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-10] (Spotify Ltd)
HKU\S-1-5-21-571201042-708639023-1526785000-1001\...\Run: [Spotify] => C:\Users\James\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-10] (Spotify Ltd)
HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
AutoConfigURL: [S-1-5-21-571201042-708639023-1526785000-1001] => Arsee%Admin-24% 2
HKU\S-1-5-21-571201042-708639023-1526785000-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\f938nICT.default
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-571201042-708639023-1526785000-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Avira Browser Safety - C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\f938nICT.default\Extensions\abs@avira.com [2014-09-05]
Chrome:
=======
CHR HomePage: Default -> hxxp://google.de/
CHR Profile: C:\Users\James\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-05]
CHR Extension: (Google Docs) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-05]
CHR Extension: (Google Drive) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-05]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-05]
CHR Extension: (Google-Suche) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-05]
CHR Extension: (Google Tabellen) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-05]
CHR Extension: (Avira Browserschutz) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-05]
CHR Extension: (Journal (by Journey)) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlncjaehedpdoinepaejmlpbmdkgmpog [2014-12-30]
CHR Extension: (Google Wallet) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-05]
CHR Extension: (Google Mail) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-05]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2013-03-29] (Andrea Electronics Corporation) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2009-08-18] (Symantec Corporation)
S3 Origin Client Service; D:\Program Files\Origin\OriginClientService.exe [1903472 2014-12-16] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-11-29] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75064 2014-11-29] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [4250624 2014-06-09] (A-Volute) [File not signed]
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-03-29] (IDT, Inc.) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 RZMAELSTROMVADService; C:\Windows\system32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows (R) Win 7 DDK provider)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-11 19:11 - 2015-01-11 19:12 - 00009666 _____ () C:\Users\James\Desktop\FRST.txt
2015-01-11 19:11 - 2015-01-11 19:12 - 00000000 ____D () C:\FRST
2015-01-11 19:11 - 2015-01-11 19:11 - 02124288 _____ (Farbar) C:\Users\James\Desktop\FRST64.exe
2015-01-11 03:45 - 2015-01-11 03:45 - 00000991 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2015-01-11 03:45 - 2015-01-11 03:45 - 00000000 ____D () C:\Users\James\AppData\Roaming\WinRAR
2015-01-11 03:45 - 2015-01-11 03:45 - 00000000 ____D () C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-11 03:45 - 2015-01-11 03:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-11 03:45 - 2015-01-11 03:45 - 00000000 ____D () C:\Program Files\WinRAR
2015-01-10 22:30 - 2015-01-10 22:30 - 00001973 _____ () C:\Users\James\Desktop\user.cfg
2015-01-03 23:55 - 2015-01-03 23:55 - 00007641 _____ () C:\Users\James\AppData\Local\Resmon.ResmonCfg
2015-01-02 21:45 - 2014-12-10 21:43 - 00129600 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpnk.sys
2015-01-02 21:43 - 2014-12-09 23:21 - 00037184 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpmgrk.sys
2015-01-02 04:39 - 2015-01-02 04:39 - 00000000 ____D () C:\Users\James\AppData\Roaming\NVIDIA
2014-12-31 03:35 - 2014-12-31 03:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-31 03:35 - 2014-12-13 11:08 - 00074056 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-12-31 03:35 - 2014-12-13 11:08 - 00060560 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-12-31 03:35 - 2014-12-13 09:03 - 06859408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-12-31 03:35 - 2014-12-13 09:03 - 03513488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-12-31 03:35 - 2014-12-13 09:03 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-12-31 03:35 - 2014-12-13 09:03 - 00935240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-12-31 03:35 - 2014-12-13 09:03 - 00386368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-12-31 03:35 - 2014-12-13 09:03 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-12-31 03:35 - 2014-12-13 00:11 - 04151176 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-12-31 03:34 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 18594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 16040184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 14128496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-12-31 03:34 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 03293136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 02897824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434709.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434709.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 00994384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 00876976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 00178632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 00165760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-12-31 03:34 - 2014-12-13 11:08 - 00027983 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-12-31 03:34 - 2014-10-09 18:02 - 00195728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2014-12-31 03:34 - 2014-10-09 18:02 - 00030536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2014-12-31 03:34 - 2014-10-09 08:17 - 01540240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco64.dll
2014-12-30 16:19 - 2014-12-30 16:19 - 00000000 ____D () C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-22 15:14 - 2014-12-22 15:14 - 00000000 ____D () C:\Users\James\Documents\Ghost Games
2014-12-22 15:06 - 2014-12-22 15:06 - 00000969 _____ () C:\Users\Public\Desktop\Need for Speed™ Rivals(64 bit).lnk
2014-12-19 16:59 - 2015-01-11 15:15 - 00000000 ____D () C:\Users\James\Desktop\pics
2014-12-19 04:22 - 2014-12-19 04:22 - 00009728 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzStats.IPC.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-11 19:06 - 2014-09-05 12:30 - 01662934 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-11 19:02 - 2014-09-05 12:47 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-11 19:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-11 18:59 - 2014-09-05 01:51 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-571201042-708639023-1526785000-1001
2015-01-11 17:56 - 2014-09-05 12:46 - 00000000 ____D () C:\Users\James\OneDrive
2015-01-11 17:51 - 2014-09-05 12:47 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-11 17:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-11 16:29 - 2014-03-18 11:04 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-11 16:29 - 2014-03-18 10:25 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-11 16:29 - 2014-03-18 10:25 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-11 16:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-11 16:23 - 2014-10-07 01:14 - 00000438 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-01-11 16:23 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-11 16:22 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-11 15:15 - 2014-09-06 21:32 - 00467968 ___SH () C:\Users\James\Desktop\Thumbs.db
2015-01-11 14:42 - 2014-09-05 14:03 - 00000000 ____D () C:\ProgramData\Origin
2015-01-11 02:22 - 2014-12-10 02:24 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-01-11 02:22 - 2014-09-05 14:45 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-01-10 23:28 - 2014-10-19 04:58 - 00348928 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2015-01-09 23:00 - 2014-09-05 01:45 - 00000000 ____D () C:\Users\James\AppData\Local\Packages
2015-01-04 15:57 - 2014-10-23 23:56 - 00000000 ____D () C:\ProgramData\SoundResearch
2015-01-02 21:48 - 2013-08-22 15:44 - 00338240 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-02 21:45 - 2014-12-03 01:23 - 00000000 ____D () C:\Program Files (x86)\Razer
2015-01-02 21:45 - 2014-09-06 23:27 - 00000000 ____D () C:\ProgramData\Razer
2015-01-02 21:41 - 2014-09-06 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-01-02 21:40 - 2014-09-06 23:27 - 00000000 ____D () C:\Users\James\AppData\Local\Razer
2014-12-31 12:14 - 2014-09-05 02:10 - 00298120 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-12-31 03:35 - 2014-09-05 12:30 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-12-31 03:35 - 2014-09-05 12:30 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-31 03:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2014-12-31 03:34 - 2014-09-05 12:30 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-27 14:42 - 2014-09-05 12:38 - 00000000 ____D () C:\Users\James\AppData\Local\PackageStaging
2014-12-26 20:26 - 2014-09-05 16:11 - 00000000 ____D () C:\Users\James\AppData\Roaming\Spotify
2014-12-26 20:23 - 2014-09-05 16:11 - 00000000 ____D () C:\Users\James\AppData\Local\Spotify
2014-12-22 15:06 - 2014-09-17 14:29 - 00244552 _____ () C:\WINDOWS\DirectX.log
2014-12-22 01:57 - 2014-09-05 14:05 - 00000000 ____D () C:\Users\James\AppData\Roaming\Origin
2014-12-19 14:41 - 2014-09-23 21:32 - 00086450 _____ () C:\WINDOWS\PFRO.log
2014-12-18 00:02 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-14 22:45 - 2014-09-05 14:46 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-14 22:31 - 2014-09-18 03:15 - 00000211 _____ () C:\Users\James\Desktop\Erfolg.txt
2014-12-14 21:04 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-05 17:41
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit