FRST Logfile: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-09-2015
durchgeführt von Gaming (Administrator) auf SLAMPIG (09-09-2015 04:52:42)
Gestartet von E:\Downloads
Geladene Profile: Gaming (Verfügbare Profile: Gaming)
Platform: Windows 8 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
() C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
() C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) E:\Downloads\FRST64 (1).exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8464600 2015-03-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590656 2015-05-15] (Razer Inc.)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3450536 2015-04-21] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [797648 2015-05-27] (MSI)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39175960 2015-08-14] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2048908044-404186979-220624952-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-09-02] (Electronic Arts)
HKU\S-1-5-21-2048908044-404186979-220624952-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [717696 2010-01-16] (Microsoft Corporation)
HKU\S-1-5-21-2048908044-404186979-220624952-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2048908044-404186979-220624952-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-2048908044-404186979-220624952-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [430048 2015-05-21] (CyberGhost S.R.L.)
HKU\S-1-5-21-2048908044-404186979-220624952-1001\...\Run: [BitTorrent] => C:\Users\Gaming\AppData\Roaming\BitTorrent\BitTorrent.exe [1698152 2015-08-21] (BitTorrent Inc.)
HKU\S-1-5-21-2048908044-404186979-220624952-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Belkin USB Wireless Adaptor Utility.lnk [2013-10-31]
ShortcutTarget: Belkin USB Wireless Adaptor Utility.lnk -> C:\Program Files (x86)\Belkin\F9L1101\V1\PBN.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2014-03-15]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk [2014-02-27]
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WebSTAR Wireless Monitor Utility.lnk [2015-03-23]
ShortcutTarget: WebSTAR Wireless Monitor Utility.lnk -> C:\Program Files (x86)\Scientific-Atlanta\WebSTAR\WebSTAR DPW700_DPW730\WLANMonitor.exe (Keine Datei)
Startup: C:\Users\Gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-02-16] ()
Startup: C:\Users\Gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CommandCenter.lnk [2015-04-29]
ShortcutTarget: CommandCenter.lnk -> C:\Program Files (x86)\MSI\Command Center\CommandCenter.exe (MSI)
Startup: C:\Users\Gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MSIAfterburner.lnk [2015-03-17]
ShortcutTarget: MSIAfterburner.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
Hosts: Hosts Datei wurde nicht im Standardordner gefunden
Tcpip\Parameters: [DhcpNameServer] 83.222.133.152 83.222.133.150 83.222.133.151
Tcpip\..\Interfaces\{0438B410-816F-4038-A6B6-014DEC577557}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3F6E4446-5F09-4D78-B275-83214B7A2326}: [DhcpNameServer] 83.222.133.152 83.222.133.150 83.222.133.151
Tcpip\..\Interfaces\{7CBD0255-A1E0-4E07-B4AA-8EE0BCC23C9C}: [DhcpNameServer] 83.222.133.150 83.222.133.151 83.222.133.152
Tcpip\..\Interfaces\{813BE620-A161-45A8-A472-B170797C65F8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FE8CE171-BB43-405F-93DD-5B3BA1E9A574}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2048908044-404186979-220624952-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
DPF: HKLM-x32 {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///D:/11111/Neuer%20Ordner/Pirates/components/hidinputmonitorx.ocx
DPF: HKLM-x32 {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///F:/HD-DVD9%20Files/components/A9.ocx
DPF: HKLM-x32 {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///F:/HD-DVD9%20Files/components/wmvhdrating.ocx
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\jvhdlOQP.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-04-07] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-07] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-31] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Extension: NoScript - C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\jvhdlOQP.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-01-26]
FF Extension: Adblock Plus - C:\Users\Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\jvhdlOQP.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-04]
FF HKU\S-1-5-21-2048908044-404186979-220624952-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Kein Name - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [nicht gefunden]
Chrome:
=======
CHR Profile: C:\Users\Gaming\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Unfriend Notify for Facebook) - C:\Users\Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahigpjeolkfgjdaeodlmaceggigbpeoh [2015-08-09]
CHR Extension: (Adblock Plus) - C:\Users\Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-17]
CHR Extension: (Adblock for Youtube™) - C:\Users\Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-02-10]
CHR Extension: (AdBlock) - C:\Users\Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-31]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Gaming\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1125888 2015-07-22] ()
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63968 2015-05-21] (CyberGhost S.R.L)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-08] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-08] (Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272560 2015-05-21] (Disc Soft Ltd)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
S2 iSCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 metasploitPostgreSQL; C:\metasploit\postgresql\bin\pg_ctl.exe [76800 2014-08-12] (PostgreSQL Global Development Group) [Datei ist nicht signiert]
S2 metasploitProSvc; C:\metasploit\ruby\bin\ruby.exe [70239 2014-08-12] (hxxp://www.ruby-lang.org/) [Datei ist nicht signiert]
S2 metasploitThin; C:\metasploit\ruby\bin\ruby.exe [70239 2014-08-12] (hxxp://www.ruby-lang.org/) [Datei ist nicht signiert]
S2 metasploitWorker; C:\metasploit\ruby\bin\ruby.exe [70239 2014-08-12] (hxxp://www.ruby-lang.org/) [Datei ist nicht signiert]
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2099712 2014-12-31] (MSI) [Datei ist nicht signiert]
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4028928 2015-05-27] (MSI) [Datei ist nicht signiert]
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2117632 2014-12-31] () [Datei ist nicht signiert]
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4157952 2015-04-20] () [Datei ist nicht signiert]
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [1992704 2015-01-29] () [Datei ist nicht signiert]
R3 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2249168 2015-03-10] ()
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2063360 2014-12-31] () [Datei ist nicht signiert]
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [575488 2015-03-27] () [Datei ist nicht signiert]
S2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1743528 2015-04-21] (Micro-Star INT'L CO., LTD.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-02] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-04-06] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2015-09-04] ()
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
S4 WLANBelkinService; C:\Program Files (x86)\Belkin\F9L1101\V1\wlansrv.exe [86016 2012-10-05] () [Datei ist nicht signiert]
S4 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307488 2012-09-03] ()
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 asstor64; C:\Windows\System32\drivers\asstor64.sys [84816 2014-01-27] (Asmedia Technology)
S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.3\dbk64.sys [64480 2013-06-02] ()
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-06-02] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d63x64.sys [459544 2014-07-28] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2015-04-07] ()
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
S3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
S3 MAUSBPRODUCER; C:\Windows\system32\DRIVERS\M-AudioProducerUSB.sys [192512 2013-02-28] (M-Audio) [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-11-10] (Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2013-07-29] (CACE Technologies, Inc.)
R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
R3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
R3 NTIOLib_MSIFrequency_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
R3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
R3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
S3 RZSURROUNDVADService; C:\Windows\system32\drivers\RzSurroundVAD.sys [40640 2015-02-09] (Windows (R) Win 7 DDK provider)
S3 SaiK0CC3; C:\Windows\system32\DRIVERS\SaiK0CC3.sys [180584 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
S3 SaiU0CC3; C:\Windows\System32\drivers\SaiU0CC3.sys [47208 2012-09-20] (Saitek)
R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [29472 2012-09-05] (SerComm Corporation)
S3 ssudobex; C:\Windows\system32\DRIVERS\ssudobex.sys [204568 2013-10-28] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
R3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S1 qhvenflw; \??\C:\Windows\system32\drivers\qhvenflw.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-08 19:00 - 2015-09-08 19:59 - 00031224 _____ C:\Windows\WindowsUpdate.log
2015-09-08 18:10 - 2015-09-08 18:10 - 01160626 _____ C:\Users\Gaming\Documents\cc_20150908_181005.reg
2015-09-08 18:10 - 2015-09-08 18:10 - 00090796 _____ C:\Users\Gaming\Documents\cc_20150908_181044.reg
2015-09-08 18:10 - 2015-09-08 18:10 - 00000000 ____D C:\Users\Gaming\AppData\Roaming\Dropbox
2015-09-08 18:10 - 2015-09-08 18:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-08 18:09 - 2015-09-09 04:14 - 00001230 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-09-08 18:09 - 2015-09-08 18:14 - 00001226 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-09-08 18:09 - 2015-09-08 18:10 - 00000000 ____D C:\Users\Gaming\AppData\Local\Dropbox
2015-09-08 18:09 - 2015-09-08 18:10 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-09-08 18:09 - 2015-09-08 18:09 - 00004202 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-09-08 18:09 - 2015-09-08 18:09 - 00003966 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-09-08 18:09 - 2015-09-08 18:09 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-09-08 18:09 - 2015-09-08 18:09 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-08 18:09 - 2015-09-08 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-08 18:09 - 2015-09-08 18:09 - 00000000 ____D C:\ProgramData\Dropbox
2015-09-08 18:09 - 2015-09-08 18:09 - 00000000 ____D C:\Program Files\CCleaner
2015-09-08 17:57 - 2015-03-09 14:48 - 02508440 _____ (Sysinternals - www.sysinternals.com) C:\Users\Gaming\Desktop\procexp.exe
2015-09-08 17:43 - 2015-09-08 17:45 - 00000498 _____ C:\Users\Gaming\Desktop\prime.txt
2015-09-08 17:43 - 2015-09-08 17:43 - 00000148 _____ C:\Users\Gaming\Desktop\local.txt
2015-09-07 04:53 - 2015-09-07 04:53 - 00006012 _____ C:\Windows\card3d.txt
2015-09-06 10:07 - 2015-09-06 10:07 - 00032461 _____ C:\Users\Gaming\Desktop\steam.jpeg
2015-09-06 10:07 - 2015-09-06 10:07 - 00003393 _____ C:\Users\Gaming\AppData\Local\recently-used.xbel
2015-09-06 09:58 - 2015-09-06 09:59 - 00076866 _____ C:\Users\Gaming\Desktop\11349098_1488676981430354_794270049_n.xcf
2015-09-04 02:24 - 2015-09-04 02:24 - 00000000 ____D C:\Users\Gaming\Documents\EA Games
2015-09-04 02:14 - 2015-09-04 02:14 - 00000000 ____D C:\Windows\SysWOW64\AGEIA
2015-09-04 02:14 - 2015-09-04 02:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AGEIA
2015-09-04 02:14 - 2015-09-04 02:14 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-09-03 03:49 - 2015-09-09 04:52 - 00000000 ____D C:\FRST
2015-09-03 03:32 - 2015-09-03 03:32 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-31 06:06 - 2015-08-31 06:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metasploit
2015-08-31 06:01 - 2015-08-31 06:01 - 00000000 ____D C:\Program Files\WinPcap
2015-08-31 06:00 - 2015-08-31 06:06 - 00000000 ____D C:\metasploit
2015-08-31 01:22 - 2015-08-31 01:25 - 00000000 ____D C:\Program Files (x86)\GUM2929.tmp
2015-08-19 18:37 - 2015-08-13 14:34 - 19292160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 18:36 - 2015-08-13 13:02 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 18:36 - 2015-08-13 12:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 18:36 - 2015-08-13 12:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-12 10:33 - 2015-08-25 00:30 - 00000000 ____D C:\Users\Gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-12 04:30 - 2015-07-30 15:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 04:30 - 2015-07-30 15:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 04:30 - 2015-07-29 16:45 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 04:30 - 2015-07-29 16:45 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 04:30 - 2015-07-29 15:52 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 04:30 - 2015-07-29 15:52 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 04:30 - 2015-07-29 15:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 04:30 - 2015-07-28 18:25 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 04:30 - 2015-07-28 16:13 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 04:30 - 2015-07-28 16:13 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 04:30 - 2015-07-28 16:13 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 04:30 - 2015-07-28 16:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 04:30 - 2015-07-28 16:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 04:30 - 2015-07-28 15:12 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 04:30 - 2015-07-28 00:42 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 04:30 - 2015-07-28 00:40 - 04064768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 04:30 - 2015-07-28 00:40 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 04:30 - 2015-07-16 22:32 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 04:30 - 2015-07-16 22:32 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 04:30 - 2015-07-16 22:32 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 04:30 - 2015-07-16 22:31 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 04:30 - 2015-07-16 22:31 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 04:30 - 2015-07-16 22:31 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 04:30 - 2015-07-16 22:30 - 15416320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 04:30 - 2015-07-16 22:30 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 04:30 - 2015-07-16 22:30 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-12 04:30 - 2015-07-16 21:07 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 04:30 - 2015-07-16 21:07 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 04:30 - 2015-07-16 21:07 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 04:30 - 2015-07-16 21:06 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 04:30 - 2015-07-16 21:06 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 04:30 - 2015-07-16 21:06 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 04:30 - 2015-07-16 21:06 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-12 04:30 - 2015-07-16 21:06 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 04:30 - 2015-07-16 21:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 04:30 - 2015-07-16 21:06 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 04:30 - 2015-07-16 21:06 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 04:30 - 2015-07-15 18:09 - 06969688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 04:30 - 2015-07-15 18:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 04:30 - 2015-07-15 18:06 - 01824296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 04:30 - 2015-07-15 15:49 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 04:30 - 2015-07-15 15:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 04:30 - 2015-07-13 23:23 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 04:30 - 2015-07-13 23:23 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 04:30 - 2015-07-13 23:05 - 02340864 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 04:30 - 2015-07-13 23:05 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 04:30 - 2015-07-13 23:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 04:30 - 2015-07-13 23:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 04:30 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 04:30 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 04:30 - 2015-07-09 23:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 04:30 - 2015-07-09 23:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-12 04:30 - 2015-07-09 22:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 04:30 - 2015-07-09 22:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 04:30 - 2015-07-09 22:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-12 04:30 - 2015-07-06 18:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-12 04:30 - 2015-07-06 16:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-12 04:30 - 2015-07-01 15:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 04:30 - 2015-07-01 14:58 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 04:30 - 2015-07-01 13:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 04:30 - 2015-07-01 13:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-09 04:32 - 2015-01-04 00:04 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-09 04:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-09-09 03:37 - 2014-12-01 22:28 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-09 02:00 - 2013-11-07 22:39 - 00000000 ____D C:\Users\Gaming\AppData\Local\Adobe
2015-09-09 01:27 - 2013-10-31 17:48 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-08 23:10 - 2012-07-26 12:27 - 00766266 _____ C:\Windows\system32\perfh007.dat
2015-09-08 23:10 - 2012-07-26 12:27 - 00159970 _____ C:\Windows\system32\perfc007.dat
2015-09-08 23:10 - 2012-07-26 09:28 - 01772788 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-08 18:12 - 2015-06-02 03:42 - 00000000 ____D C:\Users\Gaming\AppData\Roaming\DAEMON Tools Lite
2015-09-08 18:12 - 2014-05-25 22:43 - 00000000 ____D C:\Users\Gaming\AppData\Roaming\BitTorrent
2015-09-08 18:12 - 2013-10-31 19:30 - 00000000 ____D C:\Windows\Minidump
2015-09-08 18:12 - 2013-10-31 18:28 - 00000000 ____D C:\Users\Gaming\AppData\Roaming\TS3Client
2015-09-08 18:12 - 2013-10-31 17:11 - 00000000 ____D C:\Windows\Panther
2015-09-08 17:44 - 2015-04-28 01:27 - 00006469 _____ C:\Windows\SysWOW64\Gms.log
2015-09-08 17:42 - 2015-04-29 02:54 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-08 17:42 - 2015-04-27 21:36 - 00000000 ____D C:\MSI
2015-09-08 17:42 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-08 04:03 - 2013-11-21 00:07 - 00000000 ____D C:\Users\Gaming\Documents\My Games
2015-09-08 01:21 - 2015-04-27 22:14 - 00000080 _____ C:\Users\Gaming\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦
2015-09-07 17:39 - 2015-04-28 19:16 - 00591360 ___SH C:\Users\Gaming\Desktop\Thumbs.db
2015-09-07 17:25 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-07 17:22 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-09-06 21:32 - 2015-03-19 15:16 - 00000000 ____D C:\Users\Gaming\AppData\Roaming\Audacity
2015-09-06 10:09 - 2014-05-21 20:06 - 00000000 ____D C:\Users\Gaming\.gimp-2.8
2015-09-06 10:07 - 2014-05-21 20:07 - 00000000 ____D C:\Users\Gaming\AppData\Local\gtk-2.0
2015-09-06 09:59 - 2015-05-22 00:24 - 00000000 ____D C:\Users\Gaming\Desktop\csgo
2015-09-05 20:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\TAPI
2015-09-05 15:57 - 2015-04-30 22:24 - 00043520 ___SH C:\Users\Gaming\Downloads\Thumbs.db
2015-09-04 02:24 - 2014-06-21 17:44 - 00794408 _____ C:\Windows\SysWOW64\pbsvc.exe
2015-09-04 02:24 - 2014-05-25 17:37 - 00111928 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-09-04 02:24 - 2013-10-31 20:55 - 00075064 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-09-03 03:32 - 2014-12-01 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-03 03:32 - 2014-12-01 22:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-03 03:18 - 2013-11-06 20:56 - 00000000 ____D C:\Users\Gaming\AppData\Roaming\Skype
2015-09-02 01:55 - 2013-10-31 20:03 - 00000000 ____D C:\ProgramData\Origin
2015-09-02 01:34 - 2013-10-31 20:02 - 00000000 ____D C:\Program Files (x86)\Origin
2015-08-31 06:36 - 2014-05-25 17:37 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-08-31 01:22 - 2013-10-31 17:48 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-31 01:22 - 2013-10-31 17:48 - 00003870 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-31 01:22 - 2013-10-31 17:48 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-28 00:09 - 2014-05-25 17:37 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex4
2015-08-26 12:07 - 2013-11-06 20:56 - 00000000 ____D C:\ProgramData\Skype
2015-08-25 14:57 - 2013-10-31 17:50 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-08-25 00:45 - 2013-11-26 21:41 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-08-20 03:39 - 2015-04-27 22:14 - 00000000 ____D C:\Program Files\Rockstar Games
2015-08-20 03:39 - 2014-12-31 02:01 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-08-19 18:37 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-08-18 01:50 - 2015-02-16 02:57 - 00000000 ____D C:\Users\Gaming\AppData\Local\CyberGhost
2015-08-18 01:50 - 2013-10-31 17:14 - 00000000 ____D C:\Users\Gaming\AppData\Local\VirtualStore
2015-08-14 08:46 - 2013-11-03 12:18 - 00000000 ____D C:\Users\Gaming\AppData\Roaming\uTorrent
2015-08-13 15:22 - 2015-03-16 18:37 - 00000000 ____D C:\Windows\rescache
2015-08-13 10:34 - 2015-04-27 21:42 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-13 10:34 - 2015-04-27 21:42 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-13 10:34 - 2015-03-16 00:13 - 05047832 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-13 10:34 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 10:34 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 10:34 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-13 10:34 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 11:57 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-08-12 09:15 - 2013-10-31 18:25 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 09:13 - 2013-10-31 18:25 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 09:11 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 09:11 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-10 12:49 - 2013-10-31 18:19 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-10-18 23:44 - 2014-11-01 20:34 - 0000132 _____ () C:\Users\Gaming\AppData\Roaming\Adobe Targa Format CS6 Prefs
2014-04-22 00:07 - 2014-07-19 17:43 - 0000305 _____ () C:\Users\Gaming\AppData\Roaming\BreakingPoint_Login.ini
2014-04-22 00:06 - 2014-07-19 18:33 - 0001668 _____ () C:\Users\Gaming\AppData\Roaming\BreakingPoint_Options.ini
2014-10-06 01:02 - 2014-10-06 01:02 - 0000099 _____ () C:\Users\Gaming\AppData\Roaming\LauncherSettings_live.cfg
2014-10-06 00:56 - 2014-10-06 00:57 - 0000040 _____ () C:\Users\Gaming\AppData\Roaming\TheHunterSettings_steam_live.cfg
2014-10-22 21:28 - 2014-10-22 21:28 - 0001456 _____ () C:\Users\Gaming\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-04-05 03:30 - 2015-05-06 13:47 - 1065984 _____ () C:\Users\Gaming\AppData\Local\file__0.localstorage
2015-09-06 10:07 - 2015-09-06 10:07 - 0003393 _____ () C:\Users\Gaming\AppData\Local\recently-used.xbel
2015-01-11 02:04 - 2015-01-11 02:04 - 0000017 _____ () C:\Users\Gaming\AppData\Local\resmon.resmoncfg
2015-04-29 02:36 - 2015-04-29 02:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Gaming\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpszghkq.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-04 03:56
==================== Ende von FRST.txt ============================ --- --- --- |