Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   WIN8.1: Malwarebytes Pro stoppt Zugänge zu bösartigen Seiten während Battle.net läuft (https://www.trojaner-board.de/146956-win8-1-malwarebytes-pro-stoppt-zugaenge-boesartigen-seiten-waehrend-battle-net-laeuft.html)

psychenic 30.12.2013 01:04
WIN8.1: Malwarebytes Pro stoppt Zugänge zu bösartigen Seiten während Battle.net läuft
 
Hi,

ich habe vor 2 Wochen eine neue SSD gekauft und Windows 8.1 installiert - das System ist also frisch.

Heute habe ich mit der Battle.net-Software von Blizzard Starcraft 2 heruntergeladen. Während des Downloads blockierte Malwarebytes Pro mehrmals Zugänge zu gefährlichen Seiten. Als Prozess wird agent.exe angezeigt, das ist die Bnet-Software. Wird der Download pausiert, ist Stille. MWB meckert nur bei der Bnet-Software ansonsten bei keinem anderen Programm.

Scans mit Avast und Malwarebytes Pro brachten keinen Fund hervor. Hoffe ihr könnt mir weiterhelfen. Schonmal besten Dank dafür.

Nachfolgend die Logs. FRST war zu groß, daher als Anhang.

Malwarebytes
Code:
2013/12/29 11:53:15 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.5 (Type: outgoing, Port: 49621, Process: agent.exe)
2013/12/29 11:58:03 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.5 (Type: outgoing, Port: 50446, Process: agent.exe)
2013/12/29 12:09:31 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.5 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 12:09:39 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.5 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 12:09:39 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.5 (Type: outgoing, Port: 52476, Process: agent.exe)
2013/12/29 12:11:39 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.5 (Type: outgoing, Port: 52848, Process: agent.exe)
2013/12/29 12:14:43 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.5 (Type: outgoing, Port: 53410, Process: agent.exe)
2013/12/29 12:16:19 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.4 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 12:16:27 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.4 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 12:16:27 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.4 (Type: outgoing, Port: 53746, Process: agent.exe)
2013/12/29 12:18:27 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.4 (Type: outgoing, Port: 54140, Process: agent.exe)
2013/12/29 12:22:35 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.4 (Type: outgoing, Port: 54889, Process: agent.exe)
2013/12/29 12:33:39 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.6 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 12:33:47 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.6 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 12:33:47 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.6 (Type: outgoing, Port: 56949, Process: agent.exe)
2013/12/29 12:35:47 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.6 (Type: outgoing, Port: 57354, Process: agent.exe)
2013/12/29 12:38:51 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.6 (Type: outgoing, Port: 57916, Process: agent.exe)
2013/12/29 15:42:14 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 15:42:22 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 15:42:22 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 63709, Process: agent.exe)
2013/12/29 15:42:22 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 15:42:22 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 15:42:46 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 15:42:46 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 63798, Process: agent.exe)
2013/12/29 15:42:46 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 16:29:51 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.5 (Type: outgoing, Port: 55292, Process: agent.exe)
2013/12/29 16:31:51 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.5 (Type: outgoing, Port: 55719, Process: agent.exe)
2013/12/29 16:36:39 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.5 (Type: outgoing, Port: 56537, Process: agent.exe)
2013/12/29 16:42:31 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 16:42:31 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 57617, Process: agent.exe)
2013/12/29 16:42:39 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 16:42:47 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 16:42:55 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 16:43:03 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 16:43:03 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 57709, Process: agent.exe)
2013/12/29 16:43:03 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 16:43:03 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 16:43:11 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 16:43:11 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 16:43:19 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 57755, Process: agent.exe)
2013/12/29 16:46:15 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 58314, Process: agent.exe)
2013/12/29 17:28:40 +0100        RAFAEL-PC        Rafael        MESSAGE        Stopping protection
2013/12/29 17:28:40 +0100        RAFAEL-PC        Rafael        MESSAGE        Protection stopped successfully
2013/12/29 17:28:43 +0100        RAFAEL-PC        Rafael        MESSAGE        Stopping IP protection
2013/12/29 17:28:43 +0100        RAFAEL-PC        Rafael        MESSAGE        IP Protection stopped successfully
2013/12/29 17:39:28 +0100        RAFAEL-PC        Rafael        MESSAGE        Starting protection
2013/12/29 17:39:28 +0100        RAFAEL-PC        Rafael        MESSAGE        Protection started successfully
2013/12/29 17:39:32 +0100        RAFAEL-PC        Rafael        MESSAGE        Starting IP protection
2013/12/29 17:39:33 +0100        RAFAEL-PC        Rafael        MESSAGE        IP Protection started successfully
2013/12/29 17:40:33 +0100        RAFAEL-PC        (null)        MESSAGE        Starting protection
2013/12/29 17:40:33 +0100        RAFAEL-PC        (null)        MESSAGE        Protection started successfully
2013/12/29 17:40:33 +0100        RAFAEL-PC        (null)        MESSAGE        Starting IP protection
2013/12/29 17:40:34 +0100        RAFAEL-PC        (null)        MESSAGE        IP Protection started successfully
2013/12/29 18:12:20 +0100        RAFAEL-PC        (null)        MESSAGE        Starting protection
2013/12/29 18:12:20 +0100        RAFAEL-PC        (null)        MESSAGE        Protection started successfully
2013/12/29 18:12:20 +0100        RAFAEL-PC        (null)        MESSAGE        Starting IP protection
2013/12/29 18:12:21 +0100        RAFAEL-PC        (null)        MESSAGE        IP Protection started successfully
2013/12/29 18:28:13 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.3 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 18:28:13 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.3 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 18:28:21 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.3 (Type: outgoing, Port: 49875, Process: agent.exe)
2013/12/29 18:30:21 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 18:30:21 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.3 (Type: outgoing, Port: 50308, Process: agent.exe)
2013/12/29 18:30:21 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 50311, Process: agent.exe)
2013/12/29 18:32:21 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 50740, Process: agent.exe)
2013/12/29 18:33:01 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 18:33:01 +0100        RAFAEL-PC        Rafael        IP-BLOCK        91.188.56.146 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 18:33:25 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.3 (Type: outgoing, Port: 50936, Process: agent.exe)
2013/12/29 18:41:28 +0100        RAFAEL-PC        (null)        MESSAGE        Starting protection
2013/12/29 18:41:28 +0100        RAFAEL-PC        (null)        MESSAGE        Protection started successfully
2013/12/29 18:41:28 +0100        RAFAEL-PC        (null)        MESSAGE        Starting IP protection
2013/12/29 18:41:29 +0100        RAFAEL-PC        (null)        MESSAGE        IP Protection started successfully
2013/12/29 18:45:23 +0100        RAFAEL-PC        (null)        MESSAGE        Starting protection
2013/12/29 18:45:23 +0100        RAFAEL-PC        (null)        MESSAGE        Protection started successfully
2013/12/29 18:45:23 +0100        RAFAEL-PC        (null)        MESSAGE        Starting IP protection
2013/12/29 18:45:24 +0100        RAFAEL-PC        (null)        MESSAGE        IP Protection started successfully
2013/12/29 19:56:06 +0100        RAFAEL-PC        (null)        MESSAGE        Starting protection
2013/12/29 19:56:06 +0100        RAFAEL-PC        (null)        MESSAGE        Protection started successfully
2013/12/29 19:56:06 +0100        RAFAEL-PC        (null)        MESSAGE        Starting IP protection
2013/12/29 19:56:07 +0100        RAFAEL-PC        (null)        MESSAGE        IP Protection started successfully
2013/12/29 22:51:44 +0100        RAFAEL-PC        (null)        MESSAGE        Starting protection
2013/12/29 22:51:44 +0100        RAFAEL-PC        (null)        MESSAGE        Protection started successfully
2013/12/29 22:51:44 +0100        RAFAEL-PC        (null)        MESSAGE        Starting IP protection
2013/12/29 22:51:45 +0100        RAFAEL-PC        (null)        MESSAGE        IP Protection started successfully
2013/12/29 23:43:29 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.4 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 23:43:29 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.4 (Type: outgoing, Port: 6881, Process: agent.exe)
2013/12/29 23:45:45 +0100        RAFAEL-PC        Rafael        IP-BLOCK        41.203.69.4 (Type: outgoing, Port: 53653, Process: agent.exe)
2013/12/29 23:47:06 +0100        RAFAEL-PC        Rafael        MESSAGE        Executing scheduled update:  Daily
2013/12/29 23:47:17 +0100        RAFAEL-PC        Rafael        MESSAGE        Scheduled update executed successfully:  database updated from version v2013.12.28.06 to version v2013.12.29.06
2013/12/29 23:47:17 +0100        RAFAEL-PC        Rafael        MESSAGE        Starting database refresh
2013/12/29 23:47:17 +0100        RAFAEL-PC        Rafael        MESSAGE        Stopping IP protection
2013/12/29 23:47:17 +0100        RAFAEL-PC        Rafael        MESSAGE        IP Protection stopped successfully
2013/12/29 23:47:19 +0100        RAFAEL-PC        Rafael        MESSAGE        Database refreshed successfully
2013/12/29 23:47:19 +0100        RAFAEL-PC        Rafael        MESSAGE        Starting IP protection
2013/12/29 23:47:20 +0100        RAFAEL-PC        Rafael        MESSAGE        IP Protection started successfully
2013/12/29 23:48:20 +0100        RAFAEL-PC        (null)        MESSAGE        Starting protection
2013/12/29 23:48:20 +0100        RAFAEL-PC        (null)        MESSAGE        Protection started successfully
2013/12/29 23:48:20 +0100        RAFAEL-PC        (null)        MESSAGE        Starting IP protection
2013/12/29 23:48:21 +0100        RAFAEL-PC        (null)        MESSAGE        IP Protection started successfully
Defogger
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 00:27 on 30/12/2013 (Admin)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
GMER

Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-12-30 00:39:00
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000028 Samsung_SSD_840_EVO_500GB rev.EXT0BB6Q 465,76GB
Running: xe2ew767.exe; Driver: C:\Users\Admin\AppData\Local\Temp\uxlyqpow.sys


---- Kernel code sections - GMER 2.1 ----

.text  C:\Windows\System32\win32k.sys!W32pServiceTable                                                                                              fffff96000173700 15 bytes [00, EA, 0F, 02, 00, 7F, 6F, ...]
.text  C:\Windows\System32\win32k.sys!W32pServiceTable + 16                                                                                        fffff96000173710 11 bytes [00, 1F, FC, FF, 80, 52, DE, ...]

---- User code sections - GMER 2.1 ----

.text  C:\Windows\system32\wininit.exe[612] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                  00007ffe1c18977d 1 byte [62]
.text  C:\Windows\system32\services.exe[672] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                  00007ffe1c18977d 1 byte [62]
.text  C:\Windows\system32\lsass.exe[704] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                    00007ffe1c18977d 1 byte [62]
.text  C:\Windows\system32\svchost.exe[796] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                  00007ffe1c18977d 1 byte [62]
.text  C:\Windows\system32\svchost.exe[836] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                  00007ffe1c18977d 1 byte [62]
.text  C:\Windows\system32\nvvsvc.exe[984] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                    00007ffe1c18977d 1 byte [62]
.text  C:\Windows\System32\svchost.exe[348] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                  00007ffe1c18977d 1 byte [62]
.text  C:\Windows\system32\svchost.exe[536] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                  00007ffe1c18977d 1 byte [62]
.text  C:\Windows\system32\svchost.exe[848] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                  00007ffe1c18977d 1 byte [62]
.text  C:\Windows\System32\svchost.exe[1052] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                  00007ffe1c18977d 1 byte [62]
.text  C:\Windows\system32\svchost.exe[1200] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                  00007ffe1c18977d 1 byte [62]
.text  C:\Windows\System32\spoolsv.exe[1440] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                  00007ffe1c18977d 1 byte [62]
.text  C:\Windows\System32\spoolsv.exe[1440] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                00007ffe1ce1169a 4 bytes [E1, 1C, FE, 7F]
.text  C:\Windows\System32\spoolsv.exe[1440] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                00007ffe1ce116a2 4 bytes [E1, 1C, FE, 7F]
.text  C:\Windows\System32\spoolsv.exe[1440] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                    00007ffe1ce1181a 4 bytes [E1, 1C, FE, 7F]
.text  C:\Windows\System32\spoolsv.exe[1440] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                    00007ffe1ce11832 4 bytes [E1, 1C, FE, 7F]
.text  C:\Program Files\Bonjour\mDNSResponder.exe[1772] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                      00007ffe1c18977d 1 byte [62]
.text  C:\Program Files\Intel\iCLS Client\HeciServer.exe[1820] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                00007ffe1c18977d 1 byte [62]
.text  C:\Windows\system32\svchost.exe[1040] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                  00007ffe1c18977d 1 byte [62]
.text  C:\Windows\system32\svchost.exe[2512] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                  00007ffe1c18977d 1 byte [62]
.text  C:\Windows\System32\WUDFHost.exe[2632] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                00007ffe1c18977d 1 byte [62]
.text  C:\Windows\system32\SearchIndexer.exe[3504] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                            00007ffe1c18977d 1 byte [62]
.text  C:\Windows\system32\winlogon.exe[4872] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                00007ffe1c18977d 1 byte [62]
.text  C:\Windows\system32\dwm.exe[1936] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                      00007ffe1c18977d 1 byte [62]
.text  C:\Windows\system32\dwm.exe[1936] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                    00007ffe1ce1169a 4 bytes [E1, 1C, FE, 7F]
.text  C:\Windows\system32\dwm.exe[1936] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                    00007ffe1ce116a2 4 bytes [E1, 1C, FE, 7F]
.text  C:\Windows\system32\dwm.exe[1936] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                        00007ffe1ce1181a 4 bytes [E1, 1C, FE, 7F]
.text  C:\Windows\system32\dwm.exe[1936] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                        00007ffe1ce11832 4 bytes [E1, 1C, FE, 7F]
.text  C:\Windows\Explorer.EXE[3076] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                          00007ffe1c18977d 1 byte [62]
.text  C:\Windows\Explorer.EXE[3076] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                        00007ffe1ce1169a 4 bytes [E1, 1C, FE, 7F]
.text  C:\Windows\Explorer.EXE[3076] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                        00007ffe1ce116a2 4 bytes [E1, 1C, FE, 7F]
.text  C:\Windows\Explorer.EXE[3076] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                            00007ffe1ce1181a 4 bytes [E1, 1C, FE, 7F]
.text  C:\Windows\Explorer.EXE[3076] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                            00007ffe1ce11832 4 bytes [E1, 1C, FE, 7F]
.text  C:\Windows\system32\DllHost.exe[3864] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                  00007ffe1c18977d 1 byte [62]
.text  C:\Windows\System32\skydrive.exe[3568] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                00007ffe1c18977d 1 byte [62]
.text  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4916] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                        00007ffe1c18977d 1 byte [62]
.text  C:\Windows\system32\nvvsvc.exe[1208] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                  00007ffe1c18977d 1 byte [62]
.text  C:\Windows\system32\nvvsvc.exe[1208] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                  00007ffe1ce1169a 4 bytes [E1, 1C, FE, 7F]
.text  C:\Windows\system32\nvvsvc.exe[1208] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                  00007ffe1ce116a2 4 bytes [E1, 1C, FE, 7F]
.text  C:\Windows\system32\nvvsvc.exe[1208] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                    00007ffe1ce1181a 4 bytes [E1, 1C, FE, 7F]
.text  C:\Windows\system32\nvvsvc.exe[1208] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                    00007ffe1ce11832 4 bytes [E1, 1C, FE, 7F]
.text  C:\Windows\System32\RuntimeBroker.exe[4996] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                            00007ffe1c18977d 1 byte [62]
.text  C:\Windows\system32\taskhostex.exe[4292] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                              00007ffe1c18977d 1 byte [62]
.text  C:\Windows\System\HsMgr64.exe[2748] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                    00007ffe1c18977d 1 byte [62]
.text  C:\Windows\System\HsMgr64.exe[2748] C:\Windows\SYSTEM32\combase.dll!CoCreateInstance                                                        00007ffe1c6122d0 7 bytes JMP 00007fff1c3b00d8
.text  C:\Windows\System\HsMgr64.exe[2748] C:\Windows\SYSTEM32\combase.dll!CoCreateInstanceEx                                                      00007ffe1c658130 7 bytes JMP 00007fff1c3b0110
.text  C:\Windows\System\HsMgr64.exe[2748] C:\Windows\SYSTEM32\DSOUND.dll!DirectSoundCreate8                                                        00007ffe061aae88 7 bytes JMP 00007ffe1c3b0180
.text  C:\Windows\System\HsMgr64.exe[2748] C:\Windows\SYSTEM32\DSOUND.dll!DirectSoundCaptureCreate8                                                00007ffe061b1d10 7 bytes JMP 00007ffe1c3b05a8
.text  C:\Windows\System\HsMgr64.exe[2748] C:\Windows\SYSTEM32\DSOUND.dll!DirectSoundCaptureCreate                                                  00007ffe061bd2dc 7 bytes JMP 00007ffe1c3b0570
.text  C:\Windows\System\HsMgr64.exe[2748] C:\Windows\SYSTEM32\DSOUND.dll!DirectSoundCreate                                                        00007ffe061bd3ec 7 bytes JMP 00007ffe1c3b0148
.text  C:\Windows\System\HsMgr64.exe[2748] C:\Windows\SYSTEM32\DSOUND.dll!DirectSoundFullDuplexCreate                                              00007ffe061bd4fc 5 bytes JMP 00007ffe1c3b05e0
.text  C:\Windows\System32\SettingSyncHost.exe[2072] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                          00007ffe1c18977d 1 byte [62]
.text  C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe[4504] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 165          00007ffe1c18977d 1 byte [62]
.text  C:\Windows\system32\AUDIODG.EXE[3492] C:\Windows\SYSTEM32\KERNEL32.DLL!GetBinaryTypeW + 165                                                  00007ffe1c18977d 1 byte [62]

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [4400:4524]                                                                                                    fffff960008964d0
Thread  C:\Windows\System32\SettingSyncHost.exe [2072:1312]                                                                                          00007ffe12c36b7c

---- Registry - GMER 2.1 ----

Reg    HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemStartTime                                                                            0x47 0xE8 0xBB 0x27 ...
Reg    HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFStartTime                                                                              0xCF 0x10 0xBC 0x27 ...
Reg    HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFLastStartTime                                                                          0xD9 0x6A 0x5C 0x9E ...
Reg    HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemLastStartTime                                                                        0x76 0x0A 0x5C 0x9E ...
Reg    HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData\BootLanguages@de-DE                                                                        67
Reg    HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\SAM0524H9MZB01769_2C_07DA_7B^B0FBC157F3DA4B297EEB2AAE124810DF@Timestamp  0x50 0x2E 0xBB 0x28 ...
Reg    HKLM\SYSTEM\CurrentControlSet\Control\Lsa@LsaPid                                                                                            716
Reg    HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{4AADC1B1-8BD0-46EE-A026-805ACF90A363}\Connection@Name  isatap.{7379E095-4DF4-42D1-922B-19145A1AB9C1}
Reg    HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@PendingFileRenameOperations                                                            \??\C:\Users\Admin\AppData\Local\Temp\~nsu.tmp\Au_.exe??\??\C:\Users\Admin\AppData\Local\Temp\~nsu.tmp??
Reg    HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Executive@UuidSequenceNumber                                                          3900045
Reg    HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                                            -591502326
Reg    HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BootId                                            69
Reg    HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BaseTime                                          400436220
Reg    HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@POSTTime                                                                        4289
Reg    HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@FwPOSTTime                                                                      3929
Reg    HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@InstanceID                                                                            ba14877a-83c4-484b-9f99-ecd32ad
Reg    HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@GlassSessionId                                                                        1
Reg    HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\AITEventLog@FileCounter                                                                3
Reg    HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\SQMLogger@FileCounter                                                                  9
Reg    HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\WdiContextLog@FileCounter                                                              3
Reg    HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters@BootCounter                                                                        56
Reg    HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\Probe\{915a6fed-b040-412a-9190-ff6a9533e885}@LastProbeTime                        1388357503
Reg    HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{4AADC1B1-8BD0-46EE-A026-805ACF90A363}@InterfaceName                      isatap.{7379E095-4DF4-42D1-922B-19145A1AB9C1}
Reg    HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{4AADC1B1-8BD0-46EE-A026-805ACF90A363}@ReusableType                        0
Reg    HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{4AADC1B1-8BD0-46EE-A026-805ACF90A363}@DefunctTimestamp                    0x95 0x4D 0xC0 0x52 ...
Reg    HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@LastBootPlanUserTime                                                              ?So?, ?Dez ?29 ?13, 10:52:35???????????????????????????????????
Reg    HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch                                                                              1429
Reg    HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch                                                                            204
Reg    HKLM\SYSTEM\CurrentControlSet\Services\srvnet\Parameters@MajorSequence                                                                      68
Reg    HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7379E095-4DF4-42D1-922B-19145A1AB9C1}@LeaseObtainedTime                  1388353902
Reg    HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7379E095-4DF4-42D1-922B-19145A1AB9C1}@T1                                -759129747
Reg    HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7379E095-4DF4-42D1-922B-19145A1AB9C1}@T2                                1925224813
Reg    HKLM\SYSTEM\CurrentControlSet\Services\Winmgmt\Parameters@ServiceDllUnloadOnStop                                                            0

---- EOF - GMER 2.1 ----
FRST Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2013 01
Ran by Admin at 2013-12-30 00:28:27
Running from C:\Users\Rafael\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Internet Security (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Internet Security (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ASUS Xonar DGX Audio (x32 Version:  - )
avast! Internet Security (x32 Version: 9.0.2011 - Avast Software)
Batman™: Arkham Origins (x32 Version:  - WB Games Montreal)
Battle.net (x32 Version:  - Blizzard Entertainment)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (x32 Version:  - )
Canon IJ Network Tool (x32 Version: 3.1.1 - Canon Inc.)
Canon MP Navigator EX 5.1 (x32 Version:  - )
Canon MX890 series MP Drivers (Version:  - Canon Inc.)
Diablo III (x32 Version:  - Blizzard Entertainment)
Endless Space (x32 Version:  - AMPLITUDE Studios)
Fraps (remove only) (x32 Version:  - )
Guild Wars 2 (x32 Version:  - NCsoft Corporation, Ltd.)
Hearthstone (x32 Version:  - Blizzard Entertainment)
iCloud (Version: 3.1.0.40 - Apple Inc.)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 10.18.10.3345 - Intel Corporation)
Intel(R) Smart Connect Technology (Version: 4.2.40.2439 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation)
iTunes (Version: 11.1.3.8 - Apple Inc.)
KeePass Password Safe 1.26 (x32 Version: 1.26 - Dominik Reichl)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.)
Logitech Gaming Software 8.51 (Version: 8.51.5 - Logitech Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (x32 Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 24.2.0 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 de) (x32 Version: 24.2.0 - Mozilla)
NVIDIA Grafiktreiber 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Systemsteuerung 331.82 (Version: 331.82 - NVIDIA Corporation)
OpenAL (x32 Version:  - )
Path of Exile (x32 Version:  - Grinding Gear Games)
Realtek Ethernet Controller Driver (x32 Version: 8.20.815.2013 - Realtek)
Sid Meier's Civilization V (x32 Version:  - 2K Games, Inc.)
StarCraft II (x32 Version:  - Blizzard Entertainment)
Steam (x32 Version:  - Valve Corporation)
SteelSeries Engine (Version: 2.8.171.34768 - SteelSeries)
TeamViewer 9 (x32 Version: 9.0.24951 - TeamViewer)
The Lord of the Rings Online™ (x32 Version:  - Turbine, Inc.)
The Lord of the Rings Online™ v03.08.00.8029 (x32 Version: 03.08.00.8029 - Turbine, Inc.)
Torchlight II (x32 Version:  - Runic Games)
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
World of Warcraft (x32 Version:  - Blizzard Entertainment)

==================== Restore Points  =========================

18-12-2013 16:55:44 Installiert ASUS Xonar DGX Audio
18-12-2013 17:16:37 Windows-Sicherung
18-12-2013 21:18:41 Windows-Sicherung
21-12-2013 16:48:16 DirectX wurde installiert
22-12-2013 19:25:26 DirectX wurde installiert
25-12-2013 12:06:04 DirectX wurde installiert
29-12-2013 10:51:30 Windows Update

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B4B5ADC-EDDE-4FDA-A1A7-B1C96A813727} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-18] (AVAST Software)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1B26865A-EF0F-41FC-A74E-9818CC4FB8E6} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {1EE4C4D8-AE70-4E0E-A6E9-8F701BD0CB15} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\System32\MRT.exe [2013-12-01] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5B0A7E4C-ED36-4B08-9C66-C09FF7FBCC57} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7F2422DD-3041-479A-BC97-FC2290DB14B6} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {BB958513-107E-4C9A-B63B-5791E8C56001} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-25] (Adobe Systems Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-11-05 18:19 - 2013-11-05 18:19 - 00708096 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00175104 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2013-12-18 20:40 - 2013-12-18 20:40 - 00089915 _____ () C:\Users\Rafael\AppData\Local\Temp\10d2ca4a-28d7-4d81-8c1e-dc42bb6c83fc\CliSecureRT64.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00280064 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00139776 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00148480 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00145408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2013-01-10 06:46 - 2013-01-10 06:46 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 09562112 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2013-01-10 06:46 - 2013-01-10 06:46 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00209408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CustomWPFColorPicker.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00349696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00173056 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00307200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00154624 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00169472 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00157184 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2013-12-29 15:16 - 2013-12-29 13:54 - 02153984 _____ () C:\Program Files\AVAST Software\Avast\defs\13122900\algo.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-18 17:50 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-12-18 17:55 - 2012-06-06 09:56 - 00143360 ____N () C:\Program Files\ASUS Xonar DGX Audio\Customapp\VmixP8.dll
2013-12-18 18:41 - 2013-12-18 18:41 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-12-29 22:58 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Rafael\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/29/2013 11:04:07 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.16441, Zeitstempel: 0x5265dec8
Name des fehlerhaften Moduls: PlayToDevice.dll, Version: 12.0.9600.16384, Zeitstempel: 0x5215d4ce
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018295
ID des fehlerhaften Prozesses: 0x160
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (12/29/2013 10:54:57 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (12/29/2013 09:00:24 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (12/29/2013 09:00:20 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (12/29/2013 09:00:16 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (12/29/2013 09:00:16 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (12/29/2013 07:29:17 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (12/29/2013 01:20:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: TurbineLauncher.exe, Version: 1201.54.1950.4009, Zeitstempel: 0x52a7fd34
Name des fehlerhaften Moduls: patchclient.DLL, Version: 3.0.1.8, Zeitstempel: 0x5284f609
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00024359
ID des fehlerhaften Prozesses: 0x11ec
Startzeit der fehlerhaften Anwendung: 0xTurbineLauncher.exe0
Pfad der fehlerhaften Anwendung: TurbineLauncher.exe1
Pfad des fehlerhaften Moduls: TurbineLauncher.exe2
Berichtskennung: TurbineLauncher.exe3
Vollständiger Name des fehlerhaften Pakets: TurbineLauncher.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TurbineLauncher.exe5

Error: (12/28/2013 04:43:44 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: TurbineLauncher.exe, Version: 1201.54.1950.4009, Zeitstempel: 0x52a7fd34
Name des fehlerhaften Moduls: patchclient.DLL, Version: 3.0.1.8, Zeitstempel: 0x5284f609
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00024359
ID des fehlerhaften Prozesses: 0x86c
Startzeit der fehlerhaften Anwendung: 0xTurbineLauncher.exe0
Pfad der fehlerhaften Anwendung: TurbineLauncher.exe1
Pfad des fehlerhaften Moduls: TurbineLauncher.exe2
Berichtskennung: TurbineLauncher.exe3
Vollständiger Name des fehlerhaften Pakets: TurbineLauncher.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TurbineLauncher.exe5

Error: (12/28/2013 02:32:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: TurbineLauncher.exe, Version: 1201.54.1950.4009, Zeitstempel: 0x52a7fd34
Name des fehlerhaften Moduls: patchclient.DLL, Version: 3.0.1.8, Zeitstempel: 0x5284f609
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00024359
ID des fehlerhaften Prozesses: 0x10b8
Startzeit der fehlerhaften Anwendung: 0xTurbineLauncher.exe0
Pfad der fehlerhaften Anwendung: TurbineLauncher.exe1
Pfad des fehlerhaften Moduls: TurbineLauncher.exe2
Berichtskennung: TurbineLauncher.exe3
Vollständiger Name des fehlerhaften Pakets: TurbineLauncher.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TurbineLauncher.exe5


System errors:
=============
Error: (12/29/2013 11:48:22 PM) (Source: bowser) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "RAFAEL-PC" auf Transport "NetBT_Tcpip_{7379E095-4DF4-42D1-922B-19145A1AB9C1}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (12/29/2013 05:59:40 PM) (Source: DCOM) (User: Rafael-PC)
Description: AnwendungsspezifischLokalAktivierung{7D1933CB-86F6-4A98-8628-01BE94C9A575}{F290BFB2-1864-45B1-8804-2654194A87E7}Rafael-PCRafaelS-1-5-21-3784432251-2332202779-1408902637-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/29/2013 05:59:40 PM) (Source: DCOM) (User: Rafael-PC)
Description: AnwendungsspezifischLokalAktivierung{7D1933CB-86F6-4A98-8628-01BE94C9A575}{F290BFB2-1864-45B1-8804-2654194A87E7}Rafael-PCRafaelS-1-5-21-3784432251-2332202779-1408902637-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/29/2013 05:59:18 PM) (Source: DCOM) (User: Rafael-PC)
Description: AnwendungsspezifischLokalAktivierung{7D1933CB-86F6-4A98-8628-01BE94C9A575}{F290BFB2-1864-45B1-8804-2654194A87E7}Rafael-PCRafaelS-1-5-21-3784432251-2332202779-1408902637-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/29/2013 05:59:18 PM) (Source: DCOM) (User: Rafael-PC)
Description: AnwendungsspezifischLokalAktivierung{7D1933CB-86F6-4A98-8628-01BE94C9A575}{F290BFB2-1864-45B1-8804-2654194A87E7}Rafael-PCRafaelS-1-5-21-3784432251-2332202779-1408902637-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/29/2013 10:15:39 AM) (Source: bowser) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "RAFAEL-PC" auf Transport "NetBT_Tcpip_{7379E095-4DF4-42D1-922B-19145A1AB9C1}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (12/28/2013 10:44:18 AM) (Source: bowser) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "RAFAEL-PC" auf Transport "NetBT_Tcpip_{7379E095-4DF4-42D1-922B-19145A1AB9C1}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (12/28/2013 10:19:35 AM) (Source: bowser) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "RAFAEL-PC" auf Transport "NetBT_Tcpip_{7379E095-4DF4-42D1-922B-19145A1AB9C1}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (12/27/2013 10:43:57 PM) (Source: bowser) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "RAFAEL-PC" auf Transport "NetBT_Tcpip_{7379E095-4DF4-42D1-922B-19145A1AB9C1}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (12/27/2013 10:38:14 PM) (Source: bowser) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "RAFAEL-PC" auf Transport "NetBT_Tcpip_{7379E095-4DF4-42D1-922B-19145A1AB9C1}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.


Microsoft Office Sessions:
=========================
Error: (12/29/2013 11:04:07 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.3.9600.164415265dec8PlayToDevice.dll12.0.9600.163845215d4cec0000005000000000001829516001cf04e031485310C:\Windows\Explorer.EXEC:\Windows\System32\PlayToDevice.dll230f2932-70d5-11e3-828d-bc5ff44a1d11

Error: (12/29/2013 10:54:57 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Users\Rafael\Downloads\esetsmartinstaller_deu.exe

Error: (12/29/2013 09:00:24 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Users\Rafael\Downloads\esetsmartinstaller_deu.exe

Error: (12/29/2013 09:00:20 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Users\Rafael\Downloads\esetsmartinstaller_deu.exe

Error: (12/29/2013 09:00:16 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Users\Rafael\Downloads\esetsmartinstaller_deu.exe

Error: (12/29/2013 09:00:16 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Users\Rafael\Downloads\esetsmartinstaller_deu.exe

Error: (12/29/2013 07:29:17 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT-AUTORITÄT)
Description: -2147024883

Error: (12/29/2013 01:20:46 PM) (Source: Application Error)(User: )
Description: TurbineLauncher.exe1201.54.1950.400952a7fd34patchclient.DLL3.0.1.85284f609c00000050002435911ec01cf049056997c37C:\Spiele\Steam\steamapps\common\Lord of the Rings Online\TurbineLauncher.exeC:\Spiele\Steam\steamapps\common\Lord of the Rings Online\patchclient.DLLa4d2ca9c-7083-11e3-8287-bc5ff44a1d11

Error: (12/28/2013 04:43:44 PM) (Source: Application Error)(User: )
Description: TurbineLauncher.exe1201.54.1950.400952a7fd34patchclient.DLL3.0.1.85284f609c00000050002435986c01cf03e387494385C:\Spiele\Steam\steamapps\common\Lord of the Rings Online\TurbineLauncher.exeC:\Spiele\Steam\steamapps\common\Lord of the Rings Online\patchclient.DLLd4b462b2-6fd6-11e3-8284-bc5ff44a1d11

Error: (12/28/2013 02:32:40 PM) (Source: Application Error)(User: )
Description: TurbineLauncher.exe1201.54.1950.400952a7fd34patchclient.DLL3.0.1.85284f609c00000050002435910b801cf03d134451d81C:\Spiele\Steam\steamapps\common\Lord of the Rings Online\TurbineLauncher.exeC:\Spiele\Steam\steamapps\common\Lord of the Rings Online\patchclient.DLL8563b163-6fc4-11e3-8284-bc5ff44a1d11


==================== Memory info ===========================

Percentage of memory in use: 23%
Total physical RAM: 8077.82 MB
Available physical RAM: 6191.73 MB
Total Pagefile: 9357.82 MB
Available Pagefile: 7401.43 MB
Total Virtual: 131072 MB
Available Virtual: 131071.77 MB

==================== Drives ================================

Drive c: (Windows 8.1) (Fixed) (Total:465.42 GB) (Free:307.1 GB) NTFS
Drive f: (Elements) (Fixed) (Total:931.51 GB) (Free:835.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 42877442)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 0002846E)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 30.12.2013 04:04
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

psychenic 30.12.2013 09:21
Guten Morgen,

als ich die FRST als Code einbetten wollte, erhielt ich die Fehlermeldung die FRST wäre mit 138523 Zeichen zu groß, Logs sollten daher als Archiv angehängt werden. War daher etwas irritiert. Entschuldigung. Ich teile das Log nun auf.

FRST Teil 1
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-12-2013 01
Ran by Admin (administrator) on RAFAEL-PC on 30-12-2013 00:28:03
Running from C:\Users\Rafael\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(CMedia) C:\Program Files\ASUS Xonar DGX Audio\Customapp\AsusAudioCenter.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\System\HsMgr64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Cmaudio8788] - C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] - C:\Windows\SysWOW64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] - C:\Windows\System\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-18] (AVAST Software)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [468112 2011-07-25] (CANON INC.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [SteelSeries Engine] - C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [242688 2013-11-05] (SteelSeries ApS)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xECDF7AAA22FCCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xwha8mnp.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Bluhell Firewall - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xwha8mnp.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi
FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xwha8mnp.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xwha8mnp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-18] (AVAST Software)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-12] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-18] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-18] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2734080 2013-04-11] (C-Media Inc)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 SAlphamHid; C:\Windows\System32\drivers\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-30 00:28 - 2013-12-30 00:28 - 00010476 _____ C:\Users\Rafael\Downloads\FRST.txt
2013-12-30 00:27 - 2013-12-30 00:27 - 00000472 _____ C:\Users\Rafael\Downloads\defogger_disable.log
2013-12-30 00:27 - 2013-12-30 00:27 - 00000000 ____D C:\FRST
2013-12-30 00:27 - 2013-12-30 00:27 - 00000000 _____ C:\Users\Admin\defogger_reenable
2013-12-30 00:18 - 2013-12-30 00:18 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Mozilla
2013-12-30 00:14 - 2013-12-30 00:14 - 00377856 _____ C:\Users\Rafael\Downloads\xe2ew767.exe
2013-12-30 00:13 - 2013-12-30 00:14 - 01931302 _____ (Farbar) C:\Users\Rafael\Downloads\FRST64.exe
2013-12-30 00:13 - 2013-12-30 00:13 - 00050477 _____ C:\Users\Rafael\Downloads\Defogger.exe
2013-12-29 22:58 - 2013-12-29 22:58 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Mozilla
2013-12-29 22:58 - 2013-12-29 22:58 - 00000000 ____D C:\Users\Rafael\AppData\Local\Mozilla
2013-12-29 22:58 - 2013-12-29 22:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-29 17:42 - 2013-12-29 17:42 - 00000000 ____D C:\Users\Admin\AppData\Local\Mozilla
2013-12-29 17:33 - 2013-12-29 17:33 - 00013205 _____ C:\Users\Admin\Downloads\scan.log
2013-12-29 15:40 - 2013-12-29 15:40 - 00000000 ____D C:\Users\Rafael\Documents\StarCraft II
2013-12-29 13:26 - 2013-12-29 13:26 - 00000209 _____ C:\Users\Rafael\Desktop\Torchlight II.url
2013-12-29 01:59 - 2013-12-29 01:59 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-29 01:59 - 2013-12-29 01:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-28 20:33 - 2013-12-28 20:33 - 00000209 _____ C:\Users\Rafael\Desktop\Path of Exile.url
2013-12-27 22:52 - 2013-12-27 22:52 - 00000713 _____ C:\Users\Rafael\Desktop\Guild Wars 2.lnk
2013-12-27 16:44 - 2013-12-27 16:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-27 16:44 - 2013-12-27 16:44 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-27 16:44 - 2013-11-14 12:57 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2013-12-27 16:44 - 2013-11-14 12:57 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-12-27 16:44 - 2013-11-14 12:57 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 18293608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-12-27 16:44 - 2013-11-14 12:56 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 03069608 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 02697248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 00357152 _____ C:\Windows\system32\NvIFROpenGL.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 00314656 _____ C:\Windows\SysWOW64\NvIFROpenGL.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-12-27 16:44 - 2013-11-14 12:56 - 00023754 _____ C:\Windows\system32\nvinfo.pb
2013-12-27 16:44 - 2013-11-11 16:02 - 06674208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-12-27 16:44 - 2013-11-11 16:02 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-12-27 16:44 - 2013-11-11 16:01 - 03467927 _____ C:\Windows\system32\nvcoproc.bin
2013-12-27 16:44 - 2013-11-11 16:01 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-12-27 16:44 - 2013-11-11 16:01 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-12-27 16:44 - 2013-11-11 16:01 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-12-27 16:44 - 2013-11-11 16:01 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-12-27 15:32 - 2013-12-27 15:32 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-12-27 15:30 - 2013-12-27 15:30 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-12-27 11:44 - 2013-12-27 11:44 - 00000000 ____D C:\Program Files\hw64_431_2063
2013-12-26 23:50 - 2013-12-26 23:50 - 00000000 ____D C:\Users\Rafael\AppData\Local\Blizzard
2013-12-25 17:06 - 2013-12-25 17:07 - 00000213 _____ C:\Users\Rafael\Desktop\The Lord of the Rings Online.url
2013-12-25 16:31 - 2013-12-26 22:52 - 00000000 ____D C:\Users\Rafael\AppData\Local\The Lord of the Rings Online
2013-12-25 16:01 - 2013-12-25 16:01 - 00000000 ____D C:\Users\Rafael\AppData\Local\Macromedia
2013-12-25 16:00 - 2013-12-30 00:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-25 16:00 - 2013-12-25 16:00 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-25 15:59 - 2013-12-25 16:00 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2013-12-25 13:10 - 2013-12-25 16:39 - 00000000 ____D C:\Users\Rafael\Documents\The Lord of the Rings Online
2013-12-25 13:06 - 2013-12-25 16:12 - 00000000 ____D C:\Users\Rafael\AppData\Local\Turbine
2013-12-25 13:06 - 2013-12-25 13:06 - 01804472 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-25 13:06 - 2013-12-25 13:06 - 00000094 _____ C:\Users\Rafael\AppData\Local\fusioncache.dat
2013-12-25 13:06 - 2013-12-25 13:06 - 00000093 _____ C:\Users\Admin\AppData\Local\fusioncache.dat
2013-12-24 16:27 - 2013-12-24 16:27 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Thunderbird
2013-12-24 16:27 - 2013-12-24 16:27 - 00000000 ____D C:\Users\Rafael\AppData\Local\Thunderbird
2013-12-24 16:27 - 2013-12-24 16:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-12-24 15:53 - 2013-12-30 00:25 - 00000000 __RDO C:\Users\Rafael\SkyDrive
2013-12-24 08:26 - 2013-12-24 18:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-24 08:26 - 2013-12-24 08:26 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-22 21:02 - 2013-12-29 14:07 - 00000000 ____D C:\Users\Rafael\Documents\My Games
2013-12-22 21:02 - 2013-12-22 21:02 - 00000000 ____D C:\Users\Rafael\AppData\Local\My Games
2013-12-22 20:27 - 2013-12-22 20:27 - 00000000 ____D C:\Users\Rafael\Documents\Endless Space
2013-12-22 13:40 - 2013-12-22 13:40 - 00000207 _____ C:\Users\Rafael\Desktop\Sid Meier's Civilization V.url
2013-12-22 11:03 - 2013-12-22 11:03 - 00000209 _____ C:\Users\Rafael\Desktop\Endless Space.url
2013-12-21 22:11 - 2013-12-21 22:11 - 00000000 ____D C:\Users\Rafael\Documents\Guild Wars 2
2013-12-21 22:11 - 2013-12-21 22:11 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Guild Wars 2
2013-12-21 22:11 - 2013-12-21 22:11 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Guild Wars 2
2013-12-21 17:48 - 2013-12-22 21:02 - 00044997 _____ C:\Windows\DirectX.log
2013-12-21 17:48 - 2013-12-21 17:48 - 00000000 ____D C:\Users\Rafael\Documents\WB Games
2013-12-21 17:48 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2013-12-21 17:48 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2013-12-21 17:48 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2013-12-21 17:48 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2013-12-21 17:48 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2013-12-21 17:48 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-12-21 17:48 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-12-21 17:48 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2013-12-21 17:48 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-12-21 17:48 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2013-12-21 17:48 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2013-12-21 17:48 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-12-21 17:48 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2013-12-21 17:48 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-12-21 17:48 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-12-21 17:48 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-12-21 17:48 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2013-12-21 17:48 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2013-12-21 17:48 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2013-12-21 17:48 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2013-12-21 17:48 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2013-12-21 17:48 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2013-12-21 17:48 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2013-12-21 17:48 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2013-12-21 17:48 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2013-12-21 17:48 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2013-12-21 17:48 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2013-12-21 17:48 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2013-12-21 17:48 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2013-12-21 17:48 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2013-12-21 17:48 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2013-12-21 17:48 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2013-12-21 17:48 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2013-12-21 17:48 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2013-12-21 17:48 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-12-21 17:48 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-12-21 17:48 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2013-12-21 17:48 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2013-12-21 17:48 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2013-12-21 17:48 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2013-12-21 17:48 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2013-12-21 17:48 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2013-12-21 17:48 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2013-12-21 17:48 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2013-12-21 17:48 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2013-12-21 17:48 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2013-12-21 17:48 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2013-12-21 17:48 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2013-12-21 17:48 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2013-12-21 17:48 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2013-12-21 17:48 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2013-12-21 17:48 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2013-12-21 17:48 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2013-12-21 17:48 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2013-12-21 17:48 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2013-12-21 17:48 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2013-12-21 17:48 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2013-12-21 17:48 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-12-21 17:48 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2013-12-21 17:48 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-12-21 17:48 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2013-12-21 17:48 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-12-21 17:48 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2013-12-21 17:48 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-12-21 17:48 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2013-12-21 17:48 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2013-12-21 17:48 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2013-12-21 17:48 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2013-12-21 17:48 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2013-12-21 17:48 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-12-21 17:48 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2013-12-21 17:48 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2013-12-21 17:48 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-12-21 17:48 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2013-12-21 17:48 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-12-21 17:48 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2013-12-21 17:48 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-12-21 17:48 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2013-12-21 17:48 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2013-12-21 17:48 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2013-12-21 17:48 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2013-12-21 17:48 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2013-12-21 17:48 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2013-12-21 17:48 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2013-12-21 17:48 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2013-12-21 17:48 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2013-12-21 17:48 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2013-12-21 17:48 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2013-12-21 17:48 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2013-12-21 17:48 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2013-12-21 17:48 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2013-12-21 17:48 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2013-12-21 17:48 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2013-12-21 17:48 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2013-12-21 17:48 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2013-12-21 17:48 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2013-12-21 17:48 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2013-12-21 17:48 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2013-12-21 17:48 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2013-12-21 17:48 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2013-12-21 17:48 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2013-12-21 17:48 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2013-12-21 17:48 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2013-12-21 17:48 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2013-12-21 17:48 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2013-12-21 17:48 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2013-12-21 17:48 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2013-12-21 17:48 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2013-12-21 17:48 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2013-12-21 17:48 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2013-12-21 17:48 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2013-12-21 17:48 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2013-12-21 17:48 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2013-12-21 17:48 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2013-12-21 17:48 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2013-12-21 17:48 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2013-12-21 17:48 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2013-12-21 17:48 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2013-12-21 17:48 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2013-12-21 17:48 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2013-12-21 17:48 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2013-12-21 17:48 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2013-12-21 17:48 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2013-12-21 17:48 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2013-12-21 17:48 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2013-12-21 17:48 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2013-12-21 17:48 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2013-12-21 17:48 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2013-12-21 17:48 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2013-12-21 17:48 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2013-12-21 17:48 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2013-12-21 17:48 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2013-12-21 17:48 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2013-12-21 17:48 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2013-12-21 17:48 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2013-12-21 17:48 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2013-12-21 17:48 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2013-12-21 17:48 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2013-12-21 17:48 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2013-12-21 17:48 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2013-12-21 17:48 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2013-12-21 17:48 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2013-12-21 17:48 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2013-12-21 17:48 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2013-12-21 17:48 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2013-12-21 17:48 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2013-12-21 17:48 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2013-12-21 17:48 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-12-21 17:48 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2013-12-21 17:48 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2013-12-21 17:48 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2013-12-21 17:48 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-12-21 17:48 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2013-12-21 17:48 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2013-12-21 17:48 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2013-12-21 17:48 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2013-12-21 17:48 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2013-12-21 17:48 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2013-12-21 17:48 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2013-12-21 17:48 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2013-12-21 17:48 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2013-12-21 17:48 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2013-12-21 17:48 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2013-12-21 17:48 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2013-12-21 17:48 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2013-12-21 17:48 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2013-12-21 17:48 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2013-12-21 17:48 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2013-12-21 17:48 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2013-12-21 17:48 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2013-12-21 17:48 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2013-12-21 17:48 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2013-12-21 17:48 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2013-12-21 17:48 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2013-12-21 17:48 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2013-12-21 17:48 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-12-21 17:48 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2013-12-21 17:48 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2013-12-21 17:48 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2013-12-21 17:48 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2013-12-21 17:48 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2013-12-21 17:48 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2013-12-21 11:19 - 2013-12-21 11:19 - 00000000 ___HD C:\ProgramData\CanonIJScan
2013-12-21 11:19 - 2013-12-21 11:19 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Canon
2013-12-21 00:27 - 2013-12-21 00:27 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\iMobie
2013-12-21 00:27 - 2013-12-21 00:27 - 00000000 ____D C:\Users\Rafael\AppData\Local\iMobie_Inc

psychenic 30.12.2013 09:23
FRST Teil 2
Code:
2013-12-20 23:54 - 2013-12-29 23:04 - 00000000 ____D C:\Users\Rafael\AppData\Local\CrashDumps
2013-12-20 23:54 - 2013-12-20 23:54 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\WindSolutions
2013-12-20 23:54 - 2013-12-20 23:54 - 00000000 ____D C:\ProgramData\WindSolutions
2013-12-20 23:09 - 2013-12-20 23:09 - 00000209 _____ C:\Users\Rafael\Desktop\Batman Arkham Origins.url
2013-12-18 22:37 - 2013-12-18 22:37 - 00000000 ____D C:\Windows\medias
2013-12-18 22:37 - 2013-12-18 22:37 - 00000000 ____D C:\ProgramData\Canon IJ Network Tool
2013-12-18 22:37 - 2011-09-21 09:19 - 00122880 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_AZU.dll
2013-12-18 22:37 - 2011-09-21 08:06 - 00424448 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_AZL.dll
2013-12-18 22:37 - 2011-05-31 16:48 - 00070656 _____ C:\Windows\SysWOW64\CNC175ED.TBL
2013-12-18 22:37 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2013-12-18 22:36 - 2013-12-18 22:36 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2013-12-18 22:36 - 2013-12-18 22:36 - 00000000 ___HD C:\Program Files\CanonBJ
2013-12-18 22:36 - 2013-12-18 22:36 - 00000000 ____D C:\Windows\system32\STRING
2013-12-18 22:36 - 2012-06-14 17:18 - 00366592 _____ (CANON INC.) C:\Windows\SysWOW64\CNMNPPM.DLL
2013-12-18 22:36 - 2012-06-14 17:18 - 00359936 _____ (CANON INC.) C:\Windows\system32\CNMN6PPM.DLL
2013-12-18 22:36 - 2012-06-14 17:18 - 00039424 _____ (CANON INC.) C:\Windows\system32\CNMN6UI.DLL
2013-12-18 22:35 - 2013-12-21 11:15 - 00000000 ____D C:\Program Files (x86)\Canon
2013-12-18 22:16 - 2013-12-18 22:16 - 00001158 _____ C:\Users\Admin\Desktop\dfrgui.lnk
2013-12-18 22:16 - 2013-12-18 22:16 - 00001116 _____ C:\Users\Admin\Desktop\Disk Cleanup.lnk
2013-12-18 22:14 - 2013-12-18 22:14 - 00000000 ____D C:\Users\Admin\AppData\Roaming\KeePass
2013-12-18 22:02 - 2013-12-29 00:55 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\TS3Client
2013-12-18 22:02 - 2013-12-18 22:02 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2013-12-18 22:02 - 2013-12-18 22:02 - 00000000 ____D C:\Users\Rafael\AppData\Local\TeamSpeak 3 Client
2013-12-18 21:59 - 2013-12-18 21:59 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Malwarebytes
2013-12-18 21:55 - 2013-12-18 21:55 - 00000000 ___HD C:\ProgramData\CanonIJFAX
2013-12-18 21:55 - 2013-12-18 21:55 - 00000000 ___HD C:\ProgramData\CanonBJ
2013-12-18 21:55 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAZ.DLL
2013-12-18 21:55 - 2011-09-21 05:00 - 00302592 _____ (CANON INC.) C:\Windows\system32\CNCALAZ.DLL
2013-12-18 21:35 - 2013-12-18 21:35 - 00000000 ____D C:\Program Files (x86)\Fraps
2013-12-18 21:30 - 2013-12-18 21:30 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-12-18 21:23 - 2013-12-18 21:28 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\KeePass
2013-12-18 21:23 - 2013-12-18 21:24 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe
2013-12-18 21:09 - 2013-12-27 22:35 - 00000000 ____D C:\Users\Rafael\AppData\Local\Apple
2013-12-18 20:57 - 2013-12-18 20:57 - 00000000 ____D C:\Users\Admin\AppData\Local\Apple Computer
2013-12-18 20:57 - 2013-12-18 20:57 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-18 20:51 - 2013-12-18 20:51 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-12-18 20:40 - 2013-12-18 20:40 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\SteelSeries
2013-12-18 20:40 - 2013-12-18 20:40 - 00000000 ____D C:\Users\Rafael\AppData\Local\SteelSeries_ApS
2013-12-18 20:16 - 2013-12-30 00:09 - 00000000 ____D C:\Users\Rafael\AppData\Local\Battle.net
2013-12-18 20:16 - 2013-12-29 15:40 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-12-18 20:16 - 2013-12-25 13:05 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Battle.net
2013-12-18 20:16 - 2013-12-18 20:16 - 00000000 ____D C:\Users\Rafael\AppData\Local\Blizzard Entertainment
2013-12-18 20:14 - 2013-12-18 20:14 - 00000000 ____D C:\ProgramData\Battle.net
2013-12-18 20:12 - 2013-12-21 17:48 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\NVIDIA
2013-12-18 20:12 - 2013-12-18 20:12 - 00000000 ____D C:\Users\Rafael\AppData\Local\Logitech
2013-12-18 20:03 - 2013-12-18 20:03 - 00000000 ____D C:\Users\Admin\AppData\Roaming\NVIDIA
2013-12-18 20:03 - 2013-12-18 20:03 - 00000000 ____D C:\Users\Admin\AppData\Local\Logitech
2013-12-18 20:03 - 2013-12-18 20:03 - 00000000 ____D C:\ProgramData\LogiShrd
2013-12-18 20:00 - 2013-12-18 20:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Logitech
2013-12-18 20:00 - 2013-12-18 20:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Logishrd
2013-12-18 20:00 - 2013-12-18 20:00 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-12-18 19:55 - 2013-12-18 19:55 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Macromedia
2013-12-18 19:54 - 2013-12-18 19:54 - 00000000 ____D C:\Users\Admin\AppData\Local\SteelSeries_ApS
2013-12-18 19:53 - 2013-12-18 20:58 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Apple Computer
2013-12-18 19:53 - 2013-12-18 19:53 - 00000000 ____D C:\Users\Admin\AppData\Roaming\SteelSeries
2013-12-18 19:52 - 2013-12-18 19:52 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
2013-12-18 19:52 - 2013-12-18 19:52 - 00000000 ____D C:\ProgramData\SteelSeries
2013-12-18 19:52 - 2013-12-18 19:52 - 00000000 ____D C:\Program Files\SteelSeries
2013-12-18 19:39 - 2013-12-18 19:40 - 00000000 ____D C:\Program Files (x86)\Tools
2013-12-18 19:33 - 2013-12-18 19:33 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-12-18 19:33 - 2013-12-18 19:33 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-12-18 19:33 - 2013-12-18 19:33 - 00000000 ____D C:\Program Files\MSBuild
2013-12-18 19:33 - 2013-12-18 19:33 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-12-18 19:33 - 2013-12-18 19:33 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-12-18 19:32 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2013-12-18 19:32 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-18 19:32 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2013-12-18 19:32 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2013-12-18 19:32 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-18 19:32 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2013-12-18 19:26 - 2013-12-27 11:42 - 00000000 ____D C:\Program Files\HWiNFO64
2013-12-18 19:25 - 2013-12-18 19:25 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\vlc
2013-12-18 19:24 - 2013-12-18 19:24 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-12-18 19:21 - 2013-12-28 01:13 - 00000000 ____D C:\Users\Rafael\AppData\Local\Spotify
2013-12-18 19:21 - 2013-12-18 19:21 - 00001815 _____ C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2013-12-18 19:20 - 2013-12-29 16:00 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Spotify
2013-12-18 19:18 - 2013-12-24 16:48 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Apple Computer
2013-12-18 19:18 - 2013-12-18 21:10 - 00000000 ____D C:\Users\Rafael\AppData\Local\Apple Computer
2013-12-18 19:18 - 2013-12-18 21:07 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\Users\Admin\AppData\Local\Apple
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\ProgramData\Apple Computer
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\ProgramData\Apple
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\Program Files\iTunes
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\Program Files\iPod
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\Program Files\Bonjour
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-12-18 19:18 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2013-12-18 19:09 - 2013-12-29 15:40 - 00000000 ____D C:\Spiele
2013-12-18 19:06 - 2013-12-18 19:06 - 00000000 _____ C:\Users\Rafael\agent.log
2013-12-18 18:56 - 2013-12-29 23:40 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3784432251-2332202779-1408902637-1002
2013-12-18 18:56 - 2013-12-29 23:08 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F5F1FA5F-1211-4E7A-A79D-2A8DB568D810}
2013-12-18 18:56 - 2013-12-18 18:56 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Macromedia
2013-12-18 18:51 - 2013-12-18 18:51 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\AVAST Software
2013-12-18 18:49 - 2013-12-18 18:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Malwarebytes
2013-12-18 18:49 - 2013-12-18 18:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-18 18:49 - 2013-12-18 18:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-18 18:49 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-18 18:41 - 2013-12-20 21:06 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-18 18:41 - 2013-12-18 18:41 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-18 18:41 - 2013-12-18 18:41 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-18 18:41 - 2013-12-18 18:41 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-18 18:41 - 2013-12-18 18:41 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-18 18:41 - 2013-12-18 18:41 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-12-18 18:41 - 2013-12-18 18:41 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-18 18:41 - 2013-12-18 18:41 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-12-18 18:41 - 2013-12-18 18:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-18 18:41 - 2013-12-18 18:41 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-12-18 18:41 - 2013-12-18 18:41 - 00000000 ____D C:\Users\Admin\AppData\Roaming\AVAST Software
2013-12-18 18:39 - 2013-12-18 18:39 - 00000000 ____D C:\Program Files\AVAST Software
2013-12-18 18:39 - 2013-12-18 18:39 - 00000000 _____ C:\Users\Admin\agent.log
2013-12-18 18:37 - 2013-12-18 18:37 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-18 18:26 - 2013-12-24 09:00 - 00000000 ____D C:\Users\Admin\AppData\Local\Google
2013-12-18 18:26 - 2013-12-24 09:00 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-18 18:24 - 2013-12-18 18:24 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\ASUS
2013-12-18 18:23 - 2013-12-29 23:47 - 00000000 ____D C:\Users\Rafael
2013-12-18 18:23 - 2013-12-24 19:43 - 00000000 ____D C:\Users\Rafael\AppData\Local\Packages
2013-12-18 18:23 - 2013-12-18 18:23 - 00001465 _____ C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-18 18:23 - 2013-12-18 18:23 - 00000020 ___SH C:\Users\Rafael\ntuser.ini
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\Vorlagen
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\Startmenü
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\Netzwerkumgebung
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\Lokale Einstellungen
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\Eigene Dateien
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\Druckumgebung
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\Documents\Eigene Musik
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\Documents\Eigene Bilder
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\AppData\Local\Verlauf
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\AppData\Local\Anwendungsdaten
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\Anwendungsdaten
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 ___RD C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 ___RD C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Adobe
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 ____D C:\Users\Rafael\AppData\Local\VirtualStore
2013-12-18 18:23 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-18 18:23 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-18 18:23 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-18 18:23 - 2013-08-22 16:36 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-18 18:15 - 2013-12-18 18:15 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-12-18 18:11 - 2013-12-29 18:02 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{EB72F030-697B-48E7-88D4-DCFE8864A818}
2013-12-18 18:09 - 2013-12-18 18:09 - 00003552 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-12-18 18:09 - 2013-12-18 18:09 - 00000000 ___RD C:\Windows\BrowserChoice
2013-12-18 18:05 - 2013-12-18 18:05 - 00000000 ____D C:\Windows\system32\MRT
2013-12-18 18:05 - 2013-12-01 14:42 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-18 18:05 - 2013-11-19 11:30 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-12-18 18:03 - 2013-09-26 10:20 - 00556032 _____ (Microsoft Corporation) C:\Windows\system32\recimg.exe
2013-12-18 18:03 - 2013-09-26 09:24 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-18 18:03 - 2013-09-26 08:32 - 00638464 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2013-12-18 18:03 - 2013-09-26 08:14 - 00528896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2013-12-18 18:03 - 2013-09-25 11:25 - 00783504 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2013-12-18 18:03 - 2013-09-25 09:58 - 00648648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2013-12-18 18:03 - 2013-09-25 08:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll
2013-12-18 18:03 - 2013-09-25 06:40 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
2013-12-18 18:03 - 2013-09-24 07:55 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2013-12-18 18:03 - 2013-09-24 06:59 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2013-12-18 18:03 - 2013-09-24 06:54 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2013-12-18 18:03 - 2013-09-24 06:10 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2013-12-18 18:03 - 2013-09-24 06:05 - 01245696 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-12-18 18:03 - 2013-09-24 04:56 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
2013-12-18 18:03 - 2013-09-21 13:10 - 00579416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-12-18 18:03 - 2013-09-21 13:10 - 00236376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-12-18 18:03 - 2013-09-21 13:10 - 00151384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-12-18 18:03 - 2013-09-21 12:50 - 00528048 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2013-12-18 18:03 - 2013-09-21 12:48 - 00534048 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2013-12-18 18:03 - 2013-09-21 12:48 - 00123480 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2013-12-18 18:03 - 2013-09-21 12:18 - 01109936 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-12-18 18:03 - 2013-09-21 12:04 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2013-12-18 18:03 - 2013-09-21 11:56 - 01119576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-12-18 18:03 - 2013-09-21 11:56 - 00101208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-12-18 18:03 - 2013-09-21 11:53 - 02131120 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2013-12-18 18:03 - 2013-09-21 11:53 - 01928656 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2013-12-18 18:03 - 2013-09-21 11:53 - 01534504 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2013-12-18 18:03 - 2013-09-21 11:53 - 00996320 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2013-12-18 18:03 - 2013-09-21 11:53 - 00934856 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2013-12-18 18:03 - 2013-09-21 11:53 - 00366688 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2013-12-18 18:03 - 2013-09-21 11:53 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2013-12-18 18:03 - 2013-09-21 11:51 - 01720552 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-12-18 18:03 - 2013-09-21 11:45 - 00171968 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-12-18 18:03 - 2013-09-21 10:23 - 00427096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2013-12-18 18:03 - 2013-09-21 10:23 - 00098104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2013-12-18 18:03 - 2013-09-21 10:12 - 01370800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2013-12-18 18:03 - 2013-09-21 10:12 - 01092896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-12-18 18:03 - 2013-09-21 10:09 - 02142424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-12-18 18:03 - 2013-09-21 10:09 - 01472048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-12-18 18:03 - 2013-09-21 10:09 - 00796928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2013-12-18 18:03 - 2013-09-21 10:09 - 00312936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2013-12-18 18:03 - 2013-09-21 08:58 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2013-12-18 18:03 - 2013-09-21 08:57 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2013-12-18 18:03 - 2013-09-21 08:56 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2013-12-18 18:03 - 2013-09-21 08:55 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2013-12-18 18:03 - 2013-09-21 08:50 - 00240128 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-12-18 18:03 - 2013-09-21 08:17 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2013-12-18 18:03 - 2013-09-21 08:05 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-12-18 18:03 - 2013-09-21 07:55 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-12-18 18:03 - 2013-09-21 07:33 - 11366912 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2013-12-18 18:03 - 2013-09-21 07:27 - 00911872 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2013-12-18 18:03 - 2013-09-21 07:06 - 01415168 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-12-18 18:03 - 2013-09-21 07:01 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2013-12-18 18:03 - 2013-09-21 07:00 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-12-18 18:03 - 2013-09-21 06:59 - 00940544 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-12-18 18:03 - 2013-09-21 06:57 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\livessp.dll
2013-12-18 18:03 - 2013-09-21 06:56 - 08712704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2013-12-18 18:03 - 2013-09-21 06:50 - 00767488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2013-12-18 18:03 - 2013-09-21 06:43 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2013-12-18 18:03 - 2013-09-21 06:38 - 00365568 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-12-18 18:03 - 2013-09-21 06:37 - 00101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-12-18 18:03 - 2013-09-21 06:36 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2013-12-18 18:03 - 2013-09-21 06:34 - 01555456 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2013-12-18 18:03 - 2013-09-21 06:31 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-12-18 18:03 - 2013-09-21 06:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2013-12-18 18:03 - 2013-09-21 06:20 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2013-12-18 18:03 - 2013-09-21 06:16 - 01503232 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2013-12-18 18:03 - 2013-09-21 06:13 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2013-12-18 18:03 - 2013-09-21 06:10 - 12028416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2013-12-18 18:03 - 2013-09-21 06:09 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2013-12-18 18:03 - 2013-09-21 06:08 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2013-12-18 18:03 - 2013-09-21 06:05 - 08875008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2013-12-18 18:03 - 2013-09-21 06:02 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2013-12-18 18:03 - 2013-09-21 05:58 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2013-12-18 18:03 - 2013-09-21 05:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2013-12-18 18:03 - 2013-09-21 05:49 - 04975104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2013-12-18 18:03 - 2013-09-21 05:48 - 07544320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2013-12-18 18:03 - 2013-09-21 05:45 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2013-12-18 18:03 - 2013-09-21 05:44 - 01662464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2013-12-18 18:03 - 2013-09-21 05:42 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2013-12-18 18:03 - 2013-09-21 05:39 - 01455616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2013-12-18 18:03 - 2013-09-21 05:38 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2013-12-18 18:03 - 2013-09-21 05:38 - 00102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2013-12-18 18:03 - 2013-09-21 05:37 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2013-12-18 18:03 - 2013-09-21 05:36 - 01185280 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2013-12-18 18:03 - 2013-09-19 08:19 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersRes.dll
2013-12-18 18:03 - 2013-09-19 07:39 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll
2013-12-18 18:03 - 2013-09-19 07:27 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2013-12-18 18:03 - 2013-09-19 07:23 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WorkFoldersRes.dll
2013-12-18 18:03 - 2013-09-19 07:17 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2013-12-18 18:03 - 2013-09-19 06:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.dll
2013-12-18 18:03 - 2013-09-19 06:29 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2013-12-18 18:03 - 2013-09-19 06:08 - 01150976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2013-12-18 18:03 - 2013-09-19 06:01 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2013-12-18 18:03 - 2013-09-19 05:37 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2013-12-18 18:03 - 2013-09-19 05:32 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2013-12-18 18:03 - 2013-09-19 05:27 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
2013-12-18 18:03 - 2013-09-19 05:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2013-12-18 18:03 - 2013-09-19 05:25 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2013-12-18 18:03 - 2013-09-19 05:11 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
2013-12-18 18:03 - 2013-09-19 05:10 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2013-12-18 18:03 - 2013-09-19 04:59 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2013-12-18 18:03 - 2013-09-19 04:55 - 00552448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2013-12-18 18:03 - 2013-09-19 04:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-12-18 18:03 - 2013-09-19 04:32 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2013-12-18 18:03 - 2013-09-17 10:18 - 00467800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-12-18 18:03 - 2013-09-17 07:58 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-12-18 18:03 - 2013-09-17 06:26 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-12-18 18:03 - 2013-09-17 06:15 - 01225728 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2013-12-18 18:03 - 2013-09-17 06:00 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2013-12-18 18:03 - 2013-09-17 05:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2013-12-18 18:03 - 2013-09-17 05:08 - 00738304 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2013-12-18 18:03 - 2013-09-17 04:28 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2013-12-18 18:03 - 2013-09-14 15:06 - 00175960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VerifierExt.sys
2013-12-18 18:03 - 2013-09-14 15:06 - 00066904 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL
2013-12-18 18:03 - 2013-09-14 12:39 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2013-12-18 18:03 - 2013-09-14 12:38 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys
2013-12-18 18:03 - 2013-09-13 10:52 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\SensorsClassExtension.dll
2013-12-18 18:03 - 2013-09-13 09:54 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2013-12-18 18:03 - 2013-09-13 09:10 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2013-12-18 18:03 - 2013-09-13 08:55 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2013-12-18 18:03 - 2013-09-13 08:30 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2013-12-18 18:03 - 2013-09-12 13:33 - 06353952 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-12-18 18:03 - 2013-09-12 08:37 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2013-12-18 18:03 - 2013-09-11 10:31 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2013-12-18 18:03 - 2013-09-11 10:31 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2013-12-18 18:03 - 2013-09-11 08:41 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2013-12-18 18:03 - 2013-09-11 08:09 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2013-12-18 18:03 - 2013-09-07 17:12 - 00458616 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-12-18 18:03 - 2013-09-07 17:12 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2013-12-18 18:03 - 2013-09-07 15:45 - 00408480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-12-18 18:03 - 2013-09-07 15:45 - 00368736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2013-12-18 18:03 - 2013-09-07 13:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\fdprint.dll
2013-12-18 18:03 - 2013-09-07 13:29 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
2013-12-18 18:03 - 2013-09-07 13:00 - 00256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdprint.dll
2013-12-18 18:03 - 2013-09-07 12:50 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll
2013-12-18 18:03 - 2013-09-07 12:45 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2013-12-18 18:03 - 2013-09-07 12:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2013-12-18 18:03 - 2013-09-07 12:22 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2013-12-18 18:03 - 2013-09-07 12:13 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2013-12-18 18:03 - 2013-09-07 12:07 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\TetheringMgr.dll
2013-12-18 18:03 - 2013-09-07 11:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2013-12-18 18:03 - 2013-09-07 11:51 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2013-12-18 18:03 - 2013-09-05 08:39 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2013-12-18 18:03 - 2013-09-05 07:42 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe
2013-12-18 18:03 - 2013-09-05 06:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Utilman.exe
2013-12-18 18:03 - 2013-09-04 08:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2013-12-18 18:03 - 2013-09-04 07:16 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2013-12-18 18:03 - 2013-09-04 06:47 - 00492032 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2013-12-18 18:03 - 2013-09-04 06:12 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\DscCoreConfProv.dll
2013-12-18 18:03 - 2013-09-04 05:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\DscCore.dll
2013-12-18 18:03 - 2013-09-04 05:48 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2013-12-18 18:03 - 2013-09-04 05:35 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2013-12-18 18:03 - 2013-08-31 15:18 - 00205024 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2013-12-18 18:03 - 2013-08-31 13:15 - 00180232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2013-12-18 18:03 - 2013-08-31 13:04 - 00638464 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2013-12-18 18:03 - 2013-08-31 11:46 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
2013-12-18 18:03 - 2013-08-31 11:00 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2013-12-18 18:03 - 2013-08-31 10:25 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2013-12-18 18:03 - 2013-08-30 08:31 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2013-12-18 18:03 - 2013-08-28 09:03 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2013-12-18 18:03 - 2013-08-28 08:55 - 00334336 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2013-12-18 18:03 - 2013-08-28 08:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2013-12-18 18:03 - 2013-08-28 08:09 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\rdsdwmdr.dll
2013-12-18 18:03 - 2013-08-28 08:04 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2013-12-18 18:03 - 2013-08-27 08:44 - 00019456 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2013-12-18 18:03 - 2013-08-27 07:09 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2013-12-18 18:03 - 2013-08-27 06:24 - 00813568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2013-12-18 18:02 - 2013-12-30 00:23 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3784432251-2332202779-1408902637-1001
2013-12-18 18:02 - 2013-10-23 12:29 - 00044936 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2013-12-18 18:02 - 2013-10-23 12:21 - 00155480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-18 18:02 - 2013-10-23 12:13 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_8086.dll
2013-12-18 18:02 - 2013-10-22 09:18 - 01287064 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-12-18 18:02 - 2013-10-22 08:55 - 02328872 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-12-18 18:02 - 2013-10-22 07:03 - 02065448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-12-18 18:02 - 2013-10-22 06:15 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2013-12-18 18:02 - 2013-10-22 05:04 - 00618496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2013-12-18 18:02 - 2013-10-22 05:02 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-12-18 18:02 - 2013-10-22 04:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2013-12-18 18:02 - 2013-10-22 04:44 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2013-12-18 18:02 - 2013-10-22 03:38 - 01362944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2013-12-18 18:02 - 2013-10-22 03:22 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-12-18 18:02 - 2013-10-22 03:13 - 01704448 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-12-18 18:02 - 2013-10-22 03:07 - 02617344 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-18 18:02 - 2013-10-22 02:53 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2013-12-18 18:02 - 2013-10-22 02:47 - 02295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-12-18 18:02 - 2013-10-19 09:51 - 00481392 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2013-12-18 18:02 - 2013-10-19 08:12 - 00380656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2013-12-18 18:02 - 2013-10-19 05:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2013-12-18 18:02 - 2013-10-19 05:03 - 00531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2013-12-18 18:02 - 2013-10-19 04:26 - 01231360 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2013-12-18 18:02 - 2013-10-19 04:14 - 00888832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2013-12-18 18:02 - 2013-10-17 16:42 - 01399176 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2013-12-18 18:02 - 2013-10-17 16:42 - 01373872 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2013-12-18 18:02 - 2013-10-17 15:04 - 01204968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2013-12-18 18:02 - 2013-10-16 10:34 - 00518656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2013-12-18 18:02 - 2013-10-16 10:33 - 00631296 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2013-12-18 18:02 - 2013-10-13 04:06 - 00258904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2013-12-18 18:02 - 2013-10-13 03:43 - 00708616 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2013-12-18 18:02 - 2013-10-10 17:44 - 00031064 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2013-12-18 18:02 - 2013-10-10 17:26 - 00317616 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-12-18 18:02 - 2013-10-10 17:26 - 00104320 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2013-12-18 18:02 - 2013-10-10 17:23 - 03395920 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-12-18 18:02 - 2013-10-10 15:53 - 00235960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-12-18 18:02 - 2013-10-10 15:53 - 00088272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2013-12-18 18:02 - 2013-10-10 12:38 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2013-12-18 18:02 - 2013-10-09 06:40 - 00385528 _____ C:\Windows\system32\ApnDatabase.xml
2013-12-18 18:02 - 2013-10-08 11:28 - 00523096 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2013-12-18 18:02 - 2013-10-08 11:13 - 02551640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-12-18 18:02 - 2013-10-08 07:46 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2013-12-18 18:02 - 2013-10-08 06:58 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2013-12-18 18:02 - 2013-10-08 06:50 - 00656384 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2013-12-18 18:02 - 2013-10-08 06:48 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2013-12-18 18:02 - 2013-10-08 06:15 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2013-12-18 18:02 - 2013-10-08 06:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2013-12-18 18:02 - 2013-10-08 05:50 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-12-18 18:02 - 2013-10-08 05:50 - 00762368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2013-12-18 18:02 - 2013-10-07 08:21 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-12-18 18:02 - 2013-10-07 03:13 - 03532288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-12-18 18:02 - 2013-10-05 16:25 - 00057176 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2013-12-18 18:02 - 2013-10-05 15:21 - 00699840 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-12-18 18:02 - 2013-10-05 13:05 - 00578952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-12-18 18:02 - 2013-10-05 12:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2013-12-18 18:02 - 2013-10-05 10:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-12-18 18:02 - 2013-10-05 10:18 - 01011712 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2013-12-18 18:02 - 2013-10-05 10:07 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-12-18 18:02 - 2013-10-05 09:56 - 01147904 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2013-12-18 18:02 - 2013-10-05 09:55 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\miutils.dll
2013-12-18 18:02 - 2013-10-05 09:40 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2013-12-18 18:02 - 2013-10-05 09:24 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\miutils.dll
2013-12-18 18:02 - 2013-10-05 09:21 - 00920064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2013-12-18 18:02 - 2013-10-05 09:15 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2013-12-18 18:02 - 2013-10-05 08:43 - 00578560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-12-18 18:02 - 2013-10-05 08:39 - 06639616 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-12-18 18:02 - 2013-10-05 08:35 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-12-18 18:02 - 2013-10-05 08:32 - 05769728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-12-18 18:02 - 2013-10-04 09:10 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2013-12-18 18:02 - 2013-09-19 06:04 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2013-12-18 18:02 - 2013-09-17 10:06 - 01067080 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-12-18 18:02 - 2013-09-17 10:06 - 00465960 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2013-12-18 18:02 - 2013-09-17 08:01 - 00270848 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-18 18:02 - 2013-09-17 07:31 - 00883184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-12-18 18:02 - 2013-09-17 07:31 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2013-12-18 18:02 - 2013-09-17 05:37 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2013-12-18 18:02 - 2013-09-14 15:07 - 02134120 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2013-12-18 18:02 - 2013-09-14 15:00 - 00391512 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2013-12-18 18:02 - 2013-09-14 13:39 - 01799944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2013-12-18 18:02 - 2013-09-14 13:33 - 00345552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2013-12-18 18:02 - 2013-09-14 11:05 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2013-12-18 18:02 - 2013-09-14 10:11 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2013-12-18 18:02 - 2013-09-13 09:22 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2013-12-18 18:02 - 2013-09-13 08:47 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2013-12-18 18:02 - 2013-09-12 09:45 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2013-12-18 18:02 - 2013-09-12 09:08 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2013-12-18 18:02 - 2013-09-12 09:08 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2013-12-18 18:02 - 2013-09-12 09:02 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2013-12-18 18:02 - 2013-09-12 08:44 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2013-12-18 18:02 - 2013-09-12 08:37 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2013-12-18 18:02 - 2013-09-12 08:37 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2013-12-18 18:02 - 2013-09-12 08:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2013-12-18 18:02 - 2013-09-12 08:16 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2013-12-18 18:02 - 2013-09-12 08:01 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2013-12-18 18:02 - 2013-09-10 06:26 - 04599808 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-12-18 18:02 - 2013-09-10 05:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\msched.dll
2013-12-18 18:02 - 2013-09-10 05:34 - 03934208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-12-18 18:01 - 2013-12-29 23:54 - 01804156 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-18 18:01 - 2013-11-12 00:41 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-18 18:01 - 2013-11-12 00:40 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-18 18:01 - 2013-11-12 00:27 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-12-18 18:01 - 2013-11-12 00:24 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-12-18 18:01 - 2013-11-11 03:48 - 00039768 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2013-12-18 18:01 - 2013-11-09 12:55 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-12-18 18:01 - 2013-11-09 07:37 - 01756160 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2013-12-18 18:01 - 2013-11-09 06:56 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2013-12-18 18:01 - 2013-11-08 11:26 - 00358896 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2013-12-18 18:01 - 2013-11-08 05:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2013-12-18 18:01 - 2013-11-08 05:28 - 13177344 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-12-18 18:01 - 2013-11-08 05:26 - 11674624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-12-18 18:01 - 2013-11-08 05:16 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2013-12-18 18:01 - 2013-11-08 05:15 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2013-12-18 18:01 - 2013-11-08 05:07 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2013-12-18 18:01 - 2013-11-08 04:41 - 01302528 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2013-12-18 18:01 - 2013-11-08 04:14 - 00922624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2013-12-18 18:01 - 2013-11-05 21:21 - 21196664 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-12-18 18:01 - 2013-11-05 19:51 - 18642504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-12-18 18:01 - 2013-11-05 17:20 - 13925888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-12-18 18:01 - 2013-11-05 17:11 - 18577408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-12-18 18:01 - 2013-11-05 15:19 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2013-12-18 18:01 - 2013-11-05 15:03 - 00637952 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2013-12-18 18:01 - 2013-11-05 14:57 - 00479744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2013-12-18 18:01 - 2013-11-05 14:33 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2013-12-18 18:01 - 2013-11-05 14:32 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2013-12-18 18:01 - 2013-11-04 18:13 - 01530200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-12-18 18:01 - 2013-11-04 18:13 - 00382808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-12-18 18:01 - 2013-11-04 14:07 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2013-12-18 18:01 - 2013-11-04 12:50 - 02143744 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-12-18 18:01 - 2013-11-04 11:32 - 02570240 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2013-12-18 18:01 - 2013-11-04 03:28 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-12-18 18:01 - 2013-11-04 02:30 - 01765376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-12-18 18:01 - 2013-11-01 12:39 - 00086872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2013-12-18 18:01 - 2013-11-01 07:08 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2013-12-18 18:01 - 2013-11-01 06:57 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2013-12-18 18:01 - 2013-10-31 01:58 - 00372568 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-12-18 18:01 - 2013-10-31 01:42 - 07399256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-12-18 18:01 - 2013-10-31 01:33 - 01642016 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-12-18 18:01 - 2013-10-31 01:33 - 01506680 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-12-18 18:01 - 2013-10-31 01:33 - 01476184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-12-18 18:01 - 2013-10-31 01:33 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-12-18 18:01 - 2013-10-26 02:54 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SerCx2.sys
2013-12-18 18:01 - 2013-10-24 10:31 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2013-12-18 18:01 - 2013-10-24 10:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2013-12-18 18:01 - 2013-10-17 12:21 - 02896896 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-12-18 18:01 - 2013-10-17 11:36 - 02266624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-12-18 18:01 - 2013-10-05 15:21 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-12-18 18:01 - 2013-10-05 15:21 - 00516496 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-12-18 18:01 - 2013-10-05 13:05 - 01765384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-12-18 18:01 - 2013-10-05 13:05 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-12-18 18:00 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-18 18:00 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-18 18:00 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-18 18:00 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-18 18:00 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-18 18:00 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-18 18:00 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-18 18:00 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-18 18:00 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-18 18:00 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-18 18:00 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-18 18:00 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-18 18:00 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-18 18:00 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-18 18:00 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-18 18:00 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-18 18:00 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-18 18:00 - 2013-10-19 06:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-18 18:00 - 2013-10-13 03:48 - 00136536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-12-18 18:00 - 2013-10-12 22:48 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-12-18 18:00 - 2013-10-12 22:34 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-12-18 18:00 - 2013-10-10 12:53 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2013-12-18 18:00 - 2013-10-10 12:26 - 02801664 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2013-12-18 18:00 - 2013-10-10 12:21 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2013-12-18 18:00 - 2013-10-10 12:05 - 01019392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2013-12-18 18:00 - 2013-10-10 11:34 - 01085952 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2013-12-18 18:00 - 2013-10-10 11:27 - 00869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2013-12-18 18:00 - 2013-10-03 10:16 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2013-12-18 18:00 - 2013-10-03 10:02 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2013-12-18 18:00 - 2013-10-02 12:00 - 01286552 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-12-18 18:00 - 2013-10-02 10:47 - 01018960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-12-18 18:00 - 2013-10-01 04:42 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2013-12-18 18:00 - 2013-10-01 04:36 - 00977408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2013-12-18 17:59 - 2013-11-23 05:34 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-18 17:59 - 2013-11-23 05:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-18 17:59 - 2013-11-23 04:32 - 04105728 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2013-12-18 17:59 - 2013-11-23 04:10 - 00568832 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2013-12-18 17:59 - 2013-11-09 07:34 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2013-12-18 17:59 - 2013-11-09 07:34 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2013-12-18 17:59 - 2013-11-09 06:52 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2013-12-18 17:59 - 2013-11-08 08:21 - 04191744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-18 17:59 - 2013-10-23 12:01 - 00872840 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2013-12-18 17:59 - 2013-10-23 09:59 - 00698232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2013-12-18 17:59 - 2013-10-19 09:53 - 00075360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-18 17:59 - 2013-10-19 08:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-18 17:59 - 2013-10-16 16:58 - 01943536 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-12-18 17:59 - 2013-10-16 14:54 - 01581968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-12-18 17:59 - 2013-10-15 09:54 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-18 17:59 - 2013-10-15 09:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-18 17:59 - 2013-10-11 14:24 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2013-12-18 17:59 - 2013-10-11 14:03 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2013-12-18 17:59 - 2013-10-05 15:21 - 01341288 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-12-18 17:59 - 2013-10-05 09:39 - 01067008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-12-18 17:59 - 2013-09-26 07:51 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2013-12-18 17:59 - 2013-09-26 07:34 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\MrmIndexer.dll
2013-12-18 17:59 - 2013-09-26 07:34 - 00515072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmIndexer.dll
2013-12-18 17:57 - 2013-08-22 06:17 - 02407936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2013-12-18 17:56 - 2013-12-18 17:56 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-12-18 17:56 - 2013-08-15 14:28 - 00830680 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt630x64.sys
2013-12-18 17:56 - 2013-08-15 14:28 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2013-12-18 17:55 - 2013-12-18 17:55 - 00419840 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2013-12-18 17:55 - 2013-12-18 17:55 - 00413696 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2013-12-18 17:55 - 2013-12-18 17:55 - 00111616 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2013-12-18 17:55 - 2013-12-18 17:55 - 00102400 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2013-12-18 17:55 - 2013-12-18 17:55 - 00047616 _____ C:\Windows\Cmicnfgp.ini.cfl
2013-12-18 17:55 - 2013-12-18 17:55 - 00001005 _____ C:\Windows\Cmicnfgp.ini.imi
2013-12-18 17:55 - 2013-12-18 17:55 - 00000944 _____ C:\Windows\system\Cmicnfgp.ini
2013-12-18 17:55 - 2013-12-18 17:55 - 00000134 _____ C:\Windows\system\Dlap.pfx
2013-12-18 17:55 - 2013-12-18 17:55 - 00000000 ____D C:\Users\Admin\AppData\Roaming\ASUS
2013-12-18 17:55 - 2013-12-18 17:55 - 00000000 ____D C:\Program Files\ASUS Xonar DGX Audio
2013-12-18 17:55 - 2013-12-18 17:55 - 00000000 ____D C:\Program Files (x86)\OpenAL
2013-12-18 17:55 - 2013-03-21 10:11 - 00827904 ____N C:\Windows\system32\Cmeauoxy.exe
2013-12-18 17:55 - 2013-02-25 11:35 - 00004374 ____N C:\Windows\Cmicnfgp.ini.cfg
2013-12-18 17:55 - 2012-11-20 11:24 - 12935168 ____N (C-Media Corporation) C:\Windows\SysWOW64\CmiCnfgp.dll
2013-12-18 17:55 - 2012-09-28 15:45 - 00465408 ____N (C-Media Electronics Inc.) C:\Windows\system32\cmasiopx.dll
2013-12-18 17:55 - 2012-09-28 15:45 - 00303104 ____N (C-Media Electronics Inc.) C:\Windows\SysWOW64\cmasiop.dll
2013-12-18 17:55 - 2012-06-06 09:56 - 00143360 ____N C:\Windows\SysWOW64\VmixP8.dll
2013-12-18 17:55 - 2012-06-04 14:15 - 04533760 ____N C:\Windows\system32\CmiCnfgp.cpl
2013-12-18 17:55 - 2012-01-06 09:30 - 00212992 ____N (C-Media Electronics Inc.) C:\Windows\SysWOW64\HsSrv2.dll
2013-12-18 17:55 - 2012-01-06 09:30 - 00212992 ____N (C-Media Electronics Inc.) C:\Windows\SysWOW64\HsSrv.dll
2013-12-18 17:55 - 2012-01-06 09:30 - 00122880 ____N (C-Media Electronics Inc.) C:\Windows\system\HsSrv642.dll
2013-12-18 17:55 - 2012-01-06 09:30 - 00122880 ____N (C-Media Electronics Inc.) C:\Windows\system\HsSrv64.dll
2013-12-18 17:55 - 2011-12-29 00:09 - 00000054 ____N C:\Windows\system32\cmasiopx.ini
2013-12-18 17:55 - 2011-12-29 00:08 - 00000049 ____N C:\Windows\SysWOW64\cmasiop.ini
2013-12-18 17:55 - 2011-11-24 18:46 - 00000594 ____N C:\Windows\cmudaxp.ini
2013-12-18 17:55 - 2009-08-19 01:00 - 00359424 ____N C:\Windows\system32\CmiInstallResAll64.dll
2013-12-18 17:55 - 2008-07-11 15:04 - 00200704 ____N C:\Windows\SysWOW64\HsMgr.exe
2013-12-18 17:55 - 2008-07-11 15:03 - 00282112 ____N C:\Windows\system\HsMgr64.exe
2013-12-18 17:55 - 2007-12-13 17:12 - 00122880 ____N (CMedia Electronics Inc.) C:\Windows\SysWOW64\Cm_Oal.dll
2013-12-18 17:55 - 2007-12-13 17:12 - 00122880 ____N (CMedia Electronics Inc.) C:\Windows\system32\Cm_Oal.dll
2013-12-18 17:55 - 2006-10-05 14:45 - 00524768 _____ (Microsoft Corporation) C:\Windows\difxapi.dll
2013-12-18 17:55 - 2006-09-13 10:21 - 00200704 ____N (C-Media) C:\Windows\SysWOW64\Cmpaoxy.dll
2013-12-18 17:53 - 2013-10-07 14:52 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-12-18 17:53 - 2013-10-07 14:52 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-12-18 17:52 - 2013-12-27 16:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-18 17:52 - 2013-12-27 16:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-18 17:52 - 2013-12-18 17:52 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_INETMON_01011.Wdf
2013-12-18 17:52 - 2013-08-07 18:01 - 00029088 _____ C:\Windows\system32\Drivers\INETMON.sys
2013-12-18 17:51 - 2013-12-18 17:51 - 00004616 _____ C:\Windows\DPINST.LOG
2013-12-18 17:50 - 2013-12-18 17:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-18 17:50 - 2013-12-18 17:54 - 00000000 ____D C:\Program Files\Intel
2013-12-18 17:50 - 2013-12-18 17:52 - 00000000 ____D C:\ProgramData\Intel
2013-12-18 17:50 - 2013-12-18 17:50 - 00003936 _____ C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2013-12-18 17:50 - 2013-12-18 17:50 - 00003690 _____ C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2013-12-18 17:50 - 2013-12-18 17:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2013-12-18 17:50 - 2013-12-18 17:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\InstallShield
2013-12-18 17:50 - 2013-12-18 17:50 - 00000000 _____ C:\Windows\SysWOW64\agent.log
2013-12-18 17:50 - 2013-09-16 12:17 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2013-12-18 17:50 - 2013-09-16 12:17 - 00099288 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2013-12-18 17:50 - 2013-09-16 12:17 - 00016344 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2013-12-18 17:49 - 2013-12-18 17:54 - 00000000 ____D C:\Program Files (x86)\Intel
2013-12-18 17:49 - 2013-08-21 15:16 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2013-12-18 17:48 - 2013-12-18 17:48 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-12-18 17:48 - 2013-12-18 17:48 - 00000000 ____D C:\Intel
2013-12-18 17:47 - 2013-12-30 00:27 - 00000000 ____D C:\Users\Admin
2013-12-18 17:47 - 2013-12-30 00:02 - 01769482 _____ C:\Windows\WindowsUpdate.log
2013-12-18 17:47 - 2013-12-18 22:39 - 00000000 ____D C:\Users\Admin\AppData\Local\Packages
2013-12-18 17:47 - 2013-12-18 18:23 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-18 17:47 - 2013-12-18 18:09 - 00000000 ___RD C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-18 17:47 - 2013-12-18 18:09 - 00000000 ___RD C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-18 17:47 - 2013-12-18 17:47 - 00001454 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-18 17:47 - 2013-12-18 17:47 - 00000020 ___SH C:\Users\Admin\ntuser.ini
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\Vorlagen
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\Startmenü
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\Netzwerkumgebung
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\Lokale Einstellungen
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\Eigene Dateien
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\Druckumgebung
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\Documents\Eigene Musik
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\Documents\Eigene Bilder
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\AppData\Local\Verlauf
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\AppData\Local\Anwendungsdaten
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\Anwendungsdaten
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Programme
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Adobe
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 ____D C:\Users\Admin\AppData\Local\VirtualStore
2013-12-18 17:47 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-18 17:47 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-18 17:47 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-18 17:47 - 2013-08-22 16:36 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-18 17:46 - 2013-12-18 18:42 - 00001272 _____ C:\Windows\PFRO.log
2013-12-18 17:46 - 2013-12-18 17:47 - 00000000 ____D C:\Windows\Panther
2013-12-16 22:15 - 2013-04-11 19:21 - 02734080 _____ (C-Media Inc) C:\Windows\system32\Drivers\cmudaxp.sys
2013-12-16 22:15 - 2013-04-11 19:21 - 00315392 _____ (C-Media Electronics Inc.) C:\Windows\SysWOW64\CmiFltr.dll
2013-12-16 22:15 - 2013-04-11 19:21 - 00315392 _____ (C-Media Electronics Inc.) C:\Windows\system\CmiFltr.dll
2013-12-16 22:15 - 2013-04-11 19:21 - 00032768 _____ (C-Media Electronics Inc.) C:\Windows\system32\cmudaxp.dll

==================== One Month Modified Files and Folders =======

2013-12-30 00:28 - 2013-12-30 00:28 - 00010476 _____ C:\Users\Rafael\Downloads\FRST.txt
2013-12-30 00:27 - 2013-12-30 00:27 - 00000472 _____ C:\Users\Rafael\Downloads\defogger_disable.log
2013-12-30 00:27 - 2013-12-30 00:27 - 00000000 ____D C:\FRST
2013-12-30 00:27 - 2013-12-30 00:27 - 00000000 _____ C:\Users\Admin\defogger_reenable
2013-12-30 00:27 - 2013-12-18 17:47 - 00000000 ____D C:\Users\Admin
2013-12-30 00:25 - 2013-12-24 15:53 - 00000000 __RDO C:\Users\Rafael\SkyDrive
2013-12-30 00:23 - 2013-12-18 18:02 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3784432251-2332202779-1408902637-1001
2013-12-30 00:18 - 2013-12-30 00:18 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Mozilla
2013-12-30 00:14 - 2013-12-30 00:14 - 00377856 _____ C:\Users\Rafael\Downloads\xe2ew767.exe
2013-12-30 00:14 - 2013-12-30 00:13 - 01931302 _____ (Farbar) C:\Users\Rafael\Downloads\FRST64.exe
2013-12-30 00:13 - 2013-12-30 00:13 - 00050477 _____ C:\Users\Rafael\Downloads\Defogger.exe
2013-12-30 00:10 - 2013-12-25 16:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-30 00:09 - 2013-12-18 20:16 - 00000000 ____D C:\Users\Rafael\AppData\Local\Battle.net
2013-12-30 00:02 - 2013-12-18 17:47 - 01769482 _____ C:\Windows\WindowsUpdate.log
2013-12-30 00:00 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru
2013-12-29 23:54 - 2013-12-18 18:01 - 01804156 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-29 23:54 - 2013-08-23 00:24 - 00774346 _____ C:\Windows\system32\perfh007.dat
2013-12-29 23:54 - 2013-08-23 00:24 - 00163568 _____ C:\Windows\system32\perfc007.dat
2013-12-29 23:48 - 2013-08-22 15:46 - 00021924 _____ C:\Windows\setupact.log
2013-12-29 23:48 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-29 23:48 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-12-29 23:47 - 2013-12-18 18:23 - 00000000 ____D C:\Users\Rafael
2013-12-29 23:40 - 2013-12-18 18:56 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3784432251-2332202779-1408902637-1002
2013-12-29 23:08 - 2013-12-18 18:56 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F5F1FA5F-1211-4E7A-A79D-2A8DB568D810}
2013-12-29 23:04 - 2013-12-20 23:54 - 00000000 ____D C:\Users\Rafael\AppData\Local\CrashDumps
2013-12-29 22:58 - 2013-12-29 22:58 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Mozilla
2013-12-29 22:58 - 2013-12-29 22:58 - 00000000 ____D C:\Users\Rafael\AppData\Local\Mozilla
2013-12-29 22:58 - 2013-12-29 22:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-29 18:02 - 2013-12-18 18:11 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{EB72F030-697B-48E7-88D4-DCFE8864A818}
2013-12-29 17:52 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2013-12-29 17:42 - 2013-12-29 17:42 - 00000000 ____D C:\Users\Admin\AppData\Local\Mozilla
2013-12-29 17:33 - 2013-12-29 17:33 - 00013205 _____ C:\Users\Admin\Downloads\scan.log
2013-12-29 16:00 - 2013-12-18 19:20 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Spotify
2013-12-29 15:40 - 2013-12-29 15:40 - 00000000 ____D C:\Users\Rafael\Documents\StarCraft II
2013-12-29 15:40 - 2013-12-18 20:16 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-12-29 15:40 - 2013-12-18 19:09 - 00000000 ____D C:\Spiele
2013-12-29 14:07 - 2013-12-22 21:02 - 00000000 ____D C:\Users\Rafael\Documents\My Games
2013-12-29 13:26 - 2013-12-29 13:26 - 00000209 _____ C:\Users\Rafael\Desktop\Torchlight II.url
2013-12-29 01:59 - 2013-12-29 01:59 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-29 01:59 - 2013-12-29 01:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-29 00:55 - 2013-12-18 22:02 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\TS3Client
2013-12-28 20:33 - 2013-12-28 20:33 - 00000209 _____ C:\Users\Rafael\Desktop\Path of Exile.url
2013-12-28 01:13 - 2013-12-18 19:21 - 00000000 ____D C:\Users\Rafael\AppData\Local\Spotify
2013-12-27 22:52 - 2013-12-27 22:52 - 00000713 _____ C:\Users\Rafael\Desktop\Guild Wars 2.lnk
2013-12-27 22:35 - 2013-12-18 21:09 - 00000000 ____D C:\Users\Rafael\AppData\Local\Apple
2013-12-27 16:44 - 2013-12-27 16:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-27 16:44 - 2013-12-27 16:44 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-27 16:44 - 2013-12-18 17:52 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-27 16:44 - 2013-12-18 17:52 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-27 16:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Help
2013-12-27 15:32 - 2013-12-27 15:32 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-12-27 15:30 - 2013-12-27 15:30 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-12-27 11:44 - 2013-12-27 11:44 - 00000000 ____D C:\Program Files\hw64_431_2063
2013-12-27 11:42 - 2013-12-18 19:26 - 00000000 ____D C:\Program Files\HWiNFO64
2013-12-26 23:50 - 2013-12-26 23:50 - 00000000 ____D C:\Users\Rafael\AppData\Local\Blizzard
2013-12-26 22:52 - 2013-12-25 16:31 - 00000000 ____D C:\Users\Rafael\AppData\Local\The Lord of the Rings Online
2013-12-25 17:07 - 2013-12-25 17:06 - 00000213 _____ C:\Users\Rafael\Desktop\The Lord of the Rings Online.url
2013-12-25 16:39 - 2013-12-25 13:10 - 00000000 ____D C:\Users\Rafael\Documents\The Lord of the Rings Online
2013-12-25 16:12 - 2013-12-25 13:06 - 00000000 ____D C:\Users\Rafael\AppData\Local\Turbine
2013-12-25 16:01 - 2013-12-25 16:01 - 00000000 ____D C:\Users\Rafael\AppData\Local\Macromedia
2013-12-25 16:00 - 2013-12-25 16:00 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-25 16:00 - 2013-12-25 15:59 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2013-12-25 15:57 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports
2013-12-25 13:06 - 2013-12-25 13:06 - 01804472 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-25 13:06 - 2013-12-25 13:06 - 00000094 _____ C:\Users\Rafael\AppData\Local\fusioncache.dat
2013-12-25 13:06 - 2013-12-25 13:06 - 00000093 _____ C:\Users\Admin\AppData\Local\fusioncache.dat
2013-12-25 13:06 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Registration
2013-12-25 13:05 - 2013-12-18 20:16 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Battle.net
2013-12-24 19:43 - 2013-12-18 18:23 - 00000000 ____D C:\Users\Rafael\AppData\Local\Packages
2013-12-24 18:47 - 2013-12-24 08:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-24 16:48 - 2013-12-18 19:18 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Apple Computer
2013-12-24 16:27 - 2013-12-24 16:27 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Thunderbird
2013-12-24 16:27 - 2013-12-24 16:27 - 00000000 ____D C:\Users\Rafael\AppData\Local\Thunderbird
2013-12-24 16:27 - 2013-12-24 16:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-12-24 09:00 - 2013-12-18 18:26 - 00000000 ____D C:\Users\Admin\AppData\Local\Google
2013-12-24 09:00 - 2013-12-18 18:26 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-24 08:26 - 2013-12-24 08:26 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-22 21:02 - 2013-12-22 21:02 - 00000000 ____D C:\Users\Rafael\AppData\Local\My Games
2013-12-22 21:02 - 2013-12-21 17:48 - 00044997 _____ C:\Windows\DirectX.log
2013-12-22 20:27 - 2013-12-22 20:27 - 00000000 ____D C:\Users\Rafael\Documents\Endless Space
2013-12-22 13:40 - 2013-12-22 13:40 - 00000207 _____ C:\Users\Rafael\Desktop\Sid Meier's Civilization V.url
2013-12-22 11:03 - 2013-12-22 11:03 - 00000209 _____ C:\Users\Rafael\Desktop\Endless Space.url
2013-12-21 22:11 - 2013-12-21 22:11 - 00000000 ____D C:\Users\Rafael\Documents\Guild Wars 2
2013-12-21 22:11 - 2013-12-21 22:11 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Guild Wars 2
2013-12-21 22:11 - 2013-12-21 22:11 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Guild Wars 2
2013-12-21 17:48 - 2013-12-21 17:48 - 00000000 ____D C:\Users\Rafael\Documents\WB Games
2013-12-21 17:48 - 2013-12-18 20:12 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\NVIDIA
2013-12-21 11:19 - 2013-12-21 11:19 - 00000000 ___HD C:\ProgramData\CanonIJScan
2013-12-21 11:19 - 2013-12-21 11:19 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Canon
2013-12-21 11:15 - 2013-12-18 22:35 - 00000000 ____D C:\Program Files (x86)\Canon
2013-12-21 03:32 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2013-12-21 00:27 - 2013-12-21 00:27 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\iMobie
2013-12-21 00:27 - 2013-12-21 00:27 - 00000000 ____D C:\Users\Rafael\AppData\Local\iMobie_Inc
2013-12-20 23:54 - 2013-12-20 23:54 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\WindSolutions
2013-12-20 23:54 - 2013-12-20 23:54 - 00000000 ____D C:\ProgramData\WindSolutions
2013-12-20 23:09 - 2013-12-20 23:09 - 00000209 _____ C:\Users\Rafael\Desktop\Batman Arkham Origins.url
2013-12-20 21:06 - 2013-12-18 18:41 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-19 23:23 - 2013-08-22 15:44 - 00336048 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-18 22:39 - 2013-12-18 17:47 - 00000000 ____D C:\Users\Admin\AppData\Local\Packages
2013-12-18 22:37 - 2013-12-18 22:37 - 00000000 ____D C:\Windows\medias
2013-12-18 22:37 - 2013-12-18 22:37 - 00000000 ____D C:\ProgramData\Canon IJ Network Tool
2013-12-18 22:36 - 2013-12-18 22:36 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2013-12-18 22:36 - 2013-12-18 22:36 - 00000000 ___HD C:\Program Files\CanonBJ
2013-12-18 22:36 - 2013-12-18 22:36 - 00000000 ____D C:\Windows\system32\STRING
2013-12-18 22:16 - 2013-12-18 22:16 - 00001158 _____ C:\Users\Admin\Desktop\dfrgui.lnk
2013-12-18 22:16 - 2013-12-18 22:16 - 00001116 _____ C:\Users\Admin\Desktop\Disk Cleanup.lnk
2013-12-18 22:14 - 2013-12-18 22:14 - 00000000 ____D C:\Users\Admin\AppData\Roaming\KeePass
2013-12-18 22:02 - 2013-12-18 22:02 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2013-12-18 22:02 - 2013-12-18 22:02 - 00000000 ____D C:\Users\Rafael\AppData\Local\TeamSpeak 3 Client
2013-12-18 21:59 - 2013-12-18 21:59 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Malwarebytes
2013-12-18 21:55 - 2013-12-18 21:55 - 00000000 ___HD C:\ProgramData\CanonIJFAX
2013-12-18 21:55 - 2013-12-18 21:55 - 00000000 ___HD C:\ProgramData\CanonBJ
2013-12-18 21:35 - 2013-12-18 21:35 - 00000000 ____D C:\Program Files (x86)\Fraps
2013-12-18 21:30 - 2013-12-18 21:30 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-12-18 21:28 - 2013-12-18 21:23 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\KeePass
2013-12-18 21:24 - 2013-12-18 21:23 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe
2013-12-18 21:10 - 2013-12-18 19:18 - 00000000 ____D C:\Users\Rafael\AppData\Local\Apple Computer
2013-12-18 21:07 - 2013-12-18 19:18 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-12-18 20:58 - 2013-12-18 19:53 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Apple Computer
2013-12-18 20:57 - 2013-12-18 20:57 - 00000000 ____D C:\Users\Admin\AppData\Local\Apple Computer
2013-12-18 20:57 - 2013-12-18 20:57 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-18 20:51 - 2013-12-18 20:51 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-12-18 20:40 - 2013-12-18 20:40 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\SteelSeries
2013-12-18 20:40 - 2013-12-18 20:40 - 00000000 ____D C:\Users\Rafael\AppData\Local\SteelSeries_ApS
2013-12-18 20:16 - 2013-12-18 20:16 - 00000000 ____D C:\Users\Rafael\AppData\Local\Blizzard Entertainment
2013-12-18 20:14 - 2013-12-18 20:14 - 00000000 ____D C:\ProgramData\Battle.net
2013-12-18 20:12 - 2013-12-18 20:12 - 00000000 ____D C:\Users\Rafael\AppData\Local\Logitech
2013-12-18 20:03 - 2013-12-18 20:03 - 00000000 ____D C:\Users\Admin\AppData\Roaming\NVIDIA
2013-12-18 20:03 - 2013-12-18 20:03 - 00000000 ____D C:\Users\Admin\AppData\Local\Logitech
2013-12-18 20:03 - 2013-12-18 20:03 - 00000000 ____D C:\ProgramData\LogiShrd
2013-12-18 20:00 - 2013-12-18 20:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Logitech
2013-12-18 20:00 - 2013-12-18 20:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Logishrd
2013-12-18 20:00 - 2013-12-18 20:00 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-12-18 19:55 - 2013-12-18 19:55 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Macromedia
2013-12-18 19:54 - 2013-12-18 19:54 - 00000000 ____D C:\Users\Admin\AppData\Local\SteelSeries_ApS
2013-12-18 19:53 - 2013-12-18 19:53 - 00000000 ____D C:\Users\Admin\AppData\Roaming\SteelSeries
2013-12-18 19:52 - 2013-12-18 19:52 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
2013-12-18 19:52 - 2013-12-18 19:52 - 00000000 ____D C:\ProgramData\SteelSeries
2013-12-18 19:52 - 2013-12-18 19:52 - 00000000 ____D C:\Program Files\SteelSeries
2013-12-18 19:40 - 2013-12-18 19:39 - 00000000 ____D C:\Program Files (x86)\Tools
2013-12-18 19:33 - 2013-12-18 19:33 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-12-18 19:33 - 2013-12-18 19:33 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-12-18 19:33 - 2013-12-18 19:33 - 00000000 ____D C:\Program Files\MSBuild
2013-12-18 19:33 - 2013-12-18 19:33 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-12-18 19:33 - 2013-12-18 19:33 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-12-18 19:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-12-18 19:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\MUI
2013-12-18 19:25 - 2013-12-18 19:25 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\vlc
2013-12-18 19:24 - 2013-12-18 19:24 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-12-18 19:21 - 2013-12-18 19:21 - 00001815 _____ C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\Users\Admin\AppData\Local\Apple
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\ProgramData\Apple Computer
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\ProgramData\Apple
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\Program Files\iTunes
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\Program Files\iPod
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\Program Files\Bonjour
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-12-18 19:18 - 2013-12-18 19:18 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-12-18 19:06 - 2013-12-18 19:06 - 00000000 _____ C:\Users\Rafael\agent.log
2013-12-18 18:56 - 2013-12-18 18:56 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Macromedia
2013-12-18 18:51 - 2013-12-18 18:51 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\AVAST Software
2013-12-18 18:49 - 2013-12-18 18:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Malwarebytes
2013-12-18 18:49 - 2013-12-18 18:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-18 18:49 - 2013-12-18 18:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-18 18:42 - 2013-12-18 17:46 - 00001272 _____ C:\Windows\PFRO.log
2013-12-18 18:41 - 2013-12-18 18:41 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-18 18:41 - 2013-12-18 18:41 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-18 18:41 - 2013-12-18 18:41 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-18 18:41 - 2013-12-18 18:41 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-18 18:41 - 2013-12-18 18:41 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-12-18 18:41 - 2013-12-18 18:41 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-18 18:41 - 2013-12-18 18:41 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-12-18 18:41 - 2013-12-18 18:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-18 18:41 - 2013-12-18 18:41 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-12-18 18:41 - 2013-12-18 18:41 - 00000000 ____D C:\Users\Admin\AppData\Roaming\AVAST Software
2013-12-18 18:39 - 2013-12-18 18:39 - 00000000 ____D C:\Program Files\AVAST Software
2013-12-18 18:39 - 2013-12-18 18:39 - 00000000 _____ C:\Users\Admin\agent.log
2013-12-18 18:37 - 2013-12-18 18:37 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-18 18:24 - 2013-12-18 18:24 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\ASUS
2013-12-18 18:23 - 2013-12-18 18:23 - 00001465 _____ C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-18 18:23 - 2013-12-18 18:23 - 00000020 ___SH C:\Users\Rafael\ntuser.ini
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\Vorlagen
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\Startmenü
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\Netzwerkumgebung
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\Lokale Einstellungen
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\Eigene Dateien
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\Druckumgebung
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\Documents\Eigene Musik
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\Documents\Eigene Bilder
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\AppData\Local\Verlauf
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\AppData\Local\Anwendungsdaten
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 _SHDL C:\Users\Rafael\Anwendungsdaten
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 ___RD C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 ___RD C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Adobe
2013-12-18 18:23 - 2013-12-18 18:23 - 00000000 ____D C:\Users\Rafael\AppData\Local\VirtualStore
2013-12-18 18:23 - 2013-12-18 17:47 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-18 18:15 - 2013-12-18 18:15 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-12-18 18:09 - 2013-12-18 18:09 - 00003552 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-12-18 18:09 - 2013-12-18 18:09 - 00000000 ___RD C:\Windows\BrowserChoice
2013-12-18 18:09 - 2013-12-18 17:47 - 00000000 ___RD C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-18 18:09 - 2013-12-18 17:47 - 00000000 ___RD C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-18 18:09 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2013-12-18 18:09 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-12-18 18:09 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore
2013-12-18 18:09 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\migwiz
2013-12-18 18:09 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-18 18:09 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\MediaViewer
2013-12-18 18:09 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\FileManager
2013-12-18 18:09 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Camera
2013-12-18 18:09 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Defender
2013-12-18 18:09 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-12-18 18:09 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-12-18 18:09 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\oobe
2013-12-18 18:09 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Dism
2013-12-18 18:05 - 2013-12-18 18:05 - 00000000 ____D C:\Windows\system32\MRT
2013-12-18 18:04 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-18 17:56 - 2013-12-18 17:56 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-12-18 17:56 - 2013-12-18 17:50 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-18 17:55 - 2013-12-18 17:55 - 00419840 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2013-12-18 17:55 - 2013-12-18 17:55 - 00413696 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2013-12-18 17:55 - 2013-12-18 17:55 - 00111616 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2013-12-18 17:55 - 2013-12-18 17:55 - 00102400 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2013-12-18 17:55 - 2013-12-18 17:55 - 00047616 _____ C:\Windows\Cmicnfgp.ini.cfl
2013-12-18 17:55 - 2013-12-18 17:55 - 00001005 _____ C:\Windows\Cmicnfgp.ini.imi
2013-12-18 17:55 - 2013-12-18 17:55 - 00000944 _____ C:\Windows\system\Cmicnfgp.ini
2013-12-18 17:55 - 2013-12-18 17:55 - 00000134 _____ C:\Windows\system\Dlap.pfx
2013-12-18 17:55 - 2013-12-18 17:55 - 00000000 ____D C:\Users\Admin\AppData\Roaming\ASUS
2013-12-18 17:55 - 2013-12-18 17:55 - 00000000 ____D C:\Program Files\ASUS Xonar DGX Audio
2013-12-18 17:55 - 2013-12-18 17:55 - 00000000 ____D C:\Program Files (x86)\OpenAL
2013-12-18 17:55 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\restore
2013-12-18 17:55 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\System
2013-12-18 17:54 - 2013-12-18 17:50 - 00000000 ____D C:\Program Files\Intel
2013-12-18 17:54 - 2013-12-18 17:49 - 00000000 ____D C:\Program Files (x86)\Intel
2013-12-18 17:52 - 2013-12-18 17:52 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_INETMON_01011.Wdf
2013-12-18 17:52 - 2013-12-18 17:50 - 00000000 ____D C:\ProgramData\Intel
2013-12-18 17:51 - 2013-12-18 17:51 - 00004616 _____ C:\Windows\DPINST.LOG
2013-12-18 17:50 - 2013-12-18 17:50 - 00003936 _____ C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2013-12-18 17:50 - 2013-12-18 17:50 - 00003690 _____ C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2013-12-18 17:50 - 2013-12-18 17:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2013-12-18 17:50 - 2013-12-18 17:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\InstallShield
2013-12-18 17:50 - 2013-12-18 17:50 - 00000000 _____ C:\Windows\SysWOW64\agent.log
2013-12-18 17:48 - 2013-12-18 17:48 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-12-18 17:48 - 2013-12-18 17:48 - 00000000 ____D C:\Intel
2013-12-18 17:47 - 2013-12-18 17:47 - 00001454 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-18 17:47 - 2013-12-18 17:47 - 00000020 ___SH C:\Users\Admin\ntuser.ini
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\Vorlagen
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\Startmenü
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\Netzwerkumgebung
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\Lokale Einstellungen
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\Eigene Dateien
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\Druckumgebung
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\Documents\Eigene Musik
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\Documents\Eigene Bilder
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\AppData\Local\Verlauf
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\AppData\Local\Anwendungsdaten
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Users\Admin\Anwendungsdaten
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Programme
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Adobe
2013-12-18 17:47 - 2013-12-18 17:47 - 00000000 ____D C:\Users\Admin\AppData\Local\VirtualStore
2013-12-18 17:47 - 2013-12-18 17:46 - 00000000 ____D C:\Windows\Panther
2013-12-18 17:47 - 2013-08-22 16:37 - 00001720 _____ C:\Windows\DtcInstall.log
2013-12-18 17:47 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Recovery
2013-12-18 17:47 - 2013-08-22 14:36 - 00000000 __RHD C:\Users\Default
2013-12-18 17:46 - 2013-08-22 16:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2013-12-04 01:05 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:05 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-01 14:42 - 2013-12-18 18:05 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Admin\AppData\Local\Temp\x2blapi.dll
C:\Users\Admin\AppData\Local\Temp\_is5767.exe
C:\Users\Rafael\AppData\Local\Temp\Gw2.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-28 11:53

==================== End Of Log ============================

schrauber 30.12.2013 18:08
Wo ist die Software her? Rechner ist sauber, die Blocks gehen in Ordnung da die Software wirklich zu Malware Servern connecten will.

psychenic 30.12.2013 18:12
Na das ist ja mal geil. Von der offiziellen Blizzard-Seite, hab aber damals die Seite über Google aufgerufen. Soll ich sie einfach runterschmeißen und neu runterladen?

PS: Mir ist was wichtiges eingefallen, das hab ich total vergessen. :( Einen Tag nachdem der Rechner frisch installiert war fand Malwarebytes einen Trojaner auf der externen Platte. Er konnte ihn erfolgreich entfernen. Komischerweise hatte ich davor auch Scans gemacht, da war nichts zu finden. Auf der Platte waren persönliche Dateien von der alten Platte.
Außerdem hatte Avast mal einen Zugriff gesperrt weil ich versehentlich auf einen dubiosen Link in den Google-Ergebnissen geklickt habe. Da muss im selben Zeitraum gewesen sein.

Der damalige Log:

Code:
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.19.11

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Rafael :: RAFAEL-PC [limitiert]

Schutz: Aktiviert

20.12.2013 21:04:40
mbam-log-2013-12-20 (21-04-40).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 262969
Laufzeit: 8 Minute(n), 44 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
F:\Spiele Dateien\Vollversionen\Die Siedler 2 - Die nächste Generation\Support\Structure\bin\KeyCheck.exe (Trojan.Sakura.ED) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Übrigens, die Siedler 2 ist keine gecrackte Version sondern als digitaler Download gekauft.

schrauber 31.12.2013 14:58
Und wo ist dieser Keycheck her? das tönt nämlich irgendwie nit so legal? :)


Ja lösch das Zeug mal und lad es neu beim Hersteller.

psychenic 31.12.2013 15:31
Zitat:
Zitat von schrauber (Beitrag 1222334)
Und wo ist dieser Keycheck her? das tönt nämlich irgendwie nit so legal? :)
Ja, ich weiß. Das ist mir auch komisch vorgekommen als ich die Datei gesehen habe. Das Spiel habe ich legal erworben. Der Kaufbeleg befindet sich im Anhang. Seriennummer habe ich unkenntlich gemacht.

Das Spiel habe ich damals von Gamesload gekauft und Gamesload gehört zur Telekom. In Zeiten von Steamsales und anderen günstigen digitalen Angeboten bin ich bestimmt nicht so blöd und lade mir Cracks, etc. runter. Vielleicht sollte ich das Spiel nochmal frisch runterladen und überprüfen ob diese Datei mit dabei ist.

Was Battle.net betrifft, ich habe es deinstalliert, Reste händisch über regedit gelöscht und nun wieder installiert. Läuft soweit, ich müsste halt noch den Test machen und ein Spiel runterladen.

PS: Habe gerade an meinem Laptop (ebenfalls Win 8.1) das gleiche Problem festgestellt. Kann das auch eine False Positive sein?

schrauber 01.01.2014 13:18
Könnte, wobei die von dir geposteten IPs schon fragwürdig sind. Frag am Besten mal beim Hersteller von Battle.net an.

psychenic 02.01.2014 06:05
Hallo Schrauber,

erstmal danke für deine Antwort an einem Feiertag! Ihr leistet eine tolle Arbeit und das ihr eure wertvolle Freizeit dafür opfert ist meiner Meinung nach nur bewundernswert.:applaus:

So, und was mein Problem angeht: Ich habe den Rechner einfach nochmal platt gemacht:

Mit einer Linux-Boot-Disc einen Secure-Erase der SSD durchgeführt und Windows 8 mit abgestöpselten LAN-Stecker installiert. Die Treiber und die Setup-Dateien (Avast, Malwarebytes, Battle.net) habe ich mit meinem Tablet heruntergeladen welches ebenfalls vorher plattgemacht wurde. Treiber installiert, Malwarebytes installiert, danach erst Netzwerkstecker eingesteckt. Malwarebytes aktualisiert, Full-Scan, alles gut. Windows-Updates gemacht. Nun Battle.net installiert und den Download gestartet. Nach ca. 5 Min. die ersten Blocks. Ich habe auch in die Logs des Routers geschaut, dort gab es keinen Auffälligkeiten.

Also ehrlich weiß ich nicht mehr weiter. Der Rechner ist sauber würde ich behaupten. Weitere externe Geräte waren nicht angeschlossen. Wird meine IP irgendwie "entführt"?

Ich werde erstmal auf den Einsatz der Software verzichten und Blizzard kontaktieren. Ansonsten weiß ich auch nicht mehr weiter...

UPDATE: Bei weiteren Recherchen habe ich endlich die Lösung in den Foren des Herstellers gefunden. Die Software nutzt neben den direkten Download auch P2P um die eigenen Server des Herstellers zu entlasten. Und bei Peer-to-Peer ist es natürlich klar das darunter auch mal dubiosere IP's sein können. Glücklicherweise kann man in den Optionen P2P abschalten. Und siehe da, es läuft nun alles einwandfrei durch ohne das Malwarebytes einmal meckert.

Es ist manchmal so einfach... Auf jeden Fall vielen Dank für den Support.:-)
Falls noch was sein sollte, melde ich mich nochmal.

schrauber 03.01.2014 09:46
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 08:19 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131