win 8 schwarzer hintergrund leistung versagt spiele mauszeiger unsichtbar

Zyriak · 23.08.2013, 10:08

Hallo zusammen,
vor 3 Wochen habe ich mir einen neuen Rechner gekauft, nun habe ich glaub ich schadsoftware auf ihm.

Die Probleme sehen so aus:
- schwarzer Desktop Hintergrund /manchmal Blau
- Er ist extrem langsam geworden
- internetseiten brauchen teilweise 5 Minuten zum laden
- PandaCloud erkennt nichts (anscheinend wurde aber Malware gefunden die sich nicht löschen lässt)
- vorher hatte ich Avira Antivir das Programm hatte beim Scan Bluescreens ausgeworfen
- In Spielen bleibt der Mauszeiger hängen allerdings bewegt sich die Maus unsichtbar (Schaltflächen leuchten auf)

Ist der sicherste Weg den Rechner platt zu machen und mit der Recovery Disk alles neu aufzuspielen?

Würde mich sehr über Hilfe freuen
Grüße

ryder · 23.08.2013, 10:33

!! Hinweis an Mitlesende !!
Dieses Thema und die Anweisungen sind nur für diesen speziellen Fall gedacht.
Sie könnten andere Computer schwer beschädigen. Öffnet bitte euer eigenes Thema (Link zur Anleitung).

Ich werde dir bei deinem Problem helfen. Die Bereinigung funktioniert nur, wenn du dich an die folgenden Regeln hälst:

Bitte lesen:
Regeln für die Bereinigung

Illegal genutzte Software
Beim ersten Anzeichen wird der Support ohne Diskussion eingestellt. Also sorge bitte vorher dafür, dass hier nichts mehr auftaucht.
Keine Garantie
Wir werden uns Mühe geben, aber einen 100% sicheren und sauberen Computer bekommst du nicht zurück. Der einzig sichere Weg ist die Formatierung mit Neuaufsetzen.
Keine Alleingänge
Die Bereinigung funktioniert nur, wenn du genau das machst, was ich anweise. Installiere/deinstalliere keine Software, führe keine Scans durch, die ich dir nicht angewiesen habe. Poste dein Thema in keinem anderen Forum und folge nicht den Anweisungen anderer Helfer. Du raubst damit allen Beteiligten nur Zeit.
Aufmerksam lesen und nachfragen
Lies jede Anleitung genau durch. Bei Unklarheiten bitte vorher nachfragen. Arbeite die Schritte in der Reihenfolge ab und antworte dann erst nach dem letzten Schritt oder wenn du eine Frage hast.
Richtig antworten
- Nachdem du alle Schritte abgearbeitet hast gibst du mir bitte zu jedem Schritt eine Rückmeldung (Logfile oder Antwort) und das gesammelt in einer Antwort.
- Mache deinen Namen nur dann unkenntlich, wenn es wirklich sein muss. Denke bitte aber auch daran, dass wir diesen Thread und deine Logfiles nachträglich nicht editieren werden! (siehe LINK)
- Logfiles bitte zwischen Code-Tags platzieren (im Antwortfenster das #-Symbol anklicken) sieht dann so aus:
  [CODE] (Logfile) [/CODE]
- Hinweis in eigener Sache: Angehängte oder gezippte Logfiles erschweren mir die Arbeit massiv! Mache das also nur, wenn das Logfile zu groß ist, um es direkt zu posten. (Hier gibt es eine Anleitung)
Keine privaten Nachrichten
Ich sehe es, wenn du geantwortet hast, du mußt mich nicht benachrichtigen. Schicke mir nur dann eine PM wenn ich drei Tage nicht geantwortet habe und nur dann.
Wie läuft die Bereinigung ab?
Ganz grob: Analyse > Bereinigung > Kontrolle mit Updates > Fertig. Ob fertig oder nicht werde ich dir ganz deutlich mitteilen, du brauchst nicht nachzufragen.

Schritt 1: (Erinnerung: Antworte mir erst, wenn du alle Schritte abgearbeitet hast!)
Deinstallation von Programmen

Windows XP: Start > Systemsteuerung > Software > [Programmname] > Deinstallieren

Windows Vista / 7: Start > Systemsteuerung > Programme und Funktionen > [Programmname] > Deinstallieren

ggf. Neustart zulassen

Deinstalliere - falls du es nicht absichtlich installiert hast - alles was den Zusatz "Toolbar" enthält, sowie Downloader-Anwendungen (z.B. jDownloader).

Gehe bitte die folgende Liste durch und deinstalliere die genannten Programme, falls vorhanden:
Registry-Cleaner Software, TuneUp Utilities (inkl. Language Pack), Glary Utilities, Spybot S & D (inklusive Teatimer), Zonealarm Firewall (ist unnötig), McAfee Security Scan, Spyware Hunter, Spyware Terminator, Java 6 (alle Varianten, Java 7 kann bleiben), Pokersoftware, xp-Antispy, Hotspot Shield, iLivid, Amazon Icon, DriverEasy, Advanced Driver Updater,Advanced System Protector, RegClean Pro, Advanced System Optimizer, DriverCure, Uniblue DriverScanner, FireJump, SearchAnonymizer, SpeedMaxPC, Optimzer Pro, Webcake, OpenCandy, Zip Opener, WinZipper, Open It!

Ich persönlich empfehle auch alles zu deinstallieren, was mit Bing zu tun hat (Bing Desktop, -toolbar), aber das ist deine Entscheidung.

Schritt 2:
AdwCleaner: Werbeprogramme suchen und löschen

Achtung! Lade dir keinenfalls den ZipOpener herunter.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3:
Systemscan mit FRST
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32bit oder FRST 64bit
(Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Scan.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Zyriak · 23.08.2013, 10:48

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.000 - Report created 23/08/2013 at 11:40:41
# Updated 20/08/2013 by Xplode
# Operating System : Windows 8.1 Preview  (64 bits)
# Username : Win 8 Erazer - ERAZER
# Running from : C:\Users\Win 8 Erazer\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP
Service Deleted : BrowserDefendert

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BrowserDefender
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\LyricsPal
Folder Deleted : C:\Users\Win 8 Erazer\AppData\Local\FilesFrog Update Checker
Folder Deleted : C:\Users\Win 8 Erazer\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Folder Deleted : C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
File Deleted : C:\Users\Win 8 Erazer\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\Win 8 Erazer\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{9309FA47-1B48-4768-AFA4-9E0556F5DC81}]
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKCU\Software\596dedde139e813
Key Deleted : HKLM\SOFTWARE\596dedde139e813
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lrcspal@lyricspal.co
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\browse~1\261562~1.220\{c16c1~1\browse~1.dll

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9431.0

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v

-\\ Google Chrome v29.0.1547.57

[ File : C:\Users\Win 8 Erazer\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4149 octets] - [23/08/2013 11:39:00]
AdwCleaner[S0].txt - [3436 octets] - [23/08/2013 11:40:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3496 octets] ##########

--- --- ---

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-08-2013
Ran by Win 8 Erazer at 2013-08-23 11:45:50
Running from C:\Users\Win 8 Erazer\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
Ashampoo AppLauncher v.1.0.0 (x32 Version: 1.0.0)
Ashampoo Burning Studio 11 v.11.0.4 (x32 Version: 11.0.4)
Ashampoo Core Tuner 2 v.2.0.1 (x32 Version: 2.01)
Ashampoo GetBack Photo v.1.0.1 (x32 Version: 1.0.1)
Ashampoo HDD Control 2 v.2.1.0 (x32 Version: 2.1.0)
Ashampoo Music Studio 4 v.4.0.1 (x32 Version: 4.0.1)
Ashampoo Photo Commander 10 v.10.1.3 (x32 Version: 10.1.3)
Ashampoo Photo Optimizer 5 v.5.1.2 (x32 Version: 5.1.2)
Ashampoo Slideshow Studio HD 2 v.2.0.5 (x32 Version: 2.0.5)
Ashampoo Snap 5 v.5.1.5 (x32 Version: 5.1.5)
Ashampoo UnInstaller 4 v.4.30 (x32 Version: 4.3.0)
Ashampoo Video Styler v.1.0.1 (x32 Version: 1.0.1)
Ashampoo WinOptimizer 9 v.9.04.31 (x32 Version: 9.04.31)
Asmedia ASM106x SATA Host Controller Driver (x32 Version: 1.3.8.000)
Audacity 2.0.3 (x32 Version: 2.0.3)
Avira SearchFree Toolbar plus Web Protection (x32 Version: 12.2.2.663)
AVS Video Editor 6 (x32 Version: 6.4.1.240)
Battlefield 3™ (x32 Version: 1.6.0.0)
Battlelog Web Plugins (x32 Version: 2.1.7)
BioShock Infinite (x32)
BitRaider Web Client (x32 Version: 1.1.8.1)
BOSS (x32 Version: 2.1.1)
Call of Duty: Black Ops II - Multiplayer (x32)
Call of Duty: Black Ops II (x32)
CCleaner (Version: 4.04)
Creative Systeminformationen (x32 Version: 1.10)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.3624)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3111_44883)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1920)
CyberLink PowerDVD 10 (x32 Version: 10.0.4508.52)
CyberLink PowerDVD Copy 1.5 (x32 Version: 1.5.2715b)
CyberLink PowerRecover (Version: 5.7.0.0913)
CyberLink PowerRecover (x32 Version: 5.7.0.0913)
D3DX10 (x32 Version: 15.4.2368.0902)
Defiance (x32)
DefianceRuntimes (x32 Version: 1.0.2)
Diablo III (x32 Version: 1.0.8.16603)
Erazer Control Center (x32 Version: 3.0.0.7)
ESN Sonar (x32 Version: 0.70.4)
Firestorm-Release (remove only) (x32 Version: 4.4.2.34167)
Fotogalerie (x32 Version: 16.4.3505.0912)
Fotogalerija (x32 Version: 16.4.3505.0912)
Fotogalleri (x32 Version: 16.4.3505.0912)
Fotogalleriet (x32 Version: 16.4.3505.0912)
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912)
Fotótár (x32 Version: 16.4.3505.0912)
Fraps (remove only) (x32)
Free YouTube to MP3 Converter version 3.12.9.725 (x32 Version: 3.12.9.725)
Galeria de Fotografias (x32 Version: 16.4.3505.0912)
Galería de fotos (x32 Version: 16.4.3505.0912)
Galeria fotografii (x32 Version: 16.4.3505.0912)
Galerie de photos (x32 Version: 16.4.3505.0912)
Google Chrome (x32 Version: 29.0.1547.57)
Google Update Helper (x32 Version: 1.3.21.153)
Intel(R) Control Center (x32 Version: 1.2.1.1008)
Intel(R) Management Engine Components (x32 Version: 8.1.20.1337)
Intel(R) Rapid Storage Technology (x32 Version: 11.6.0.1030)
Intel® Trusted Connect Service Client (Version: 1.26.242.3)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Logitech Gaming Software (Version: 8.45.88)
Logitech Gaming Software 8.46 (Version: 8.46.27)
Mediathek (x32 Version: 1.4.0)
Medion Home Cinema 10 (x32 Version: 10.0)
Medion Home Cinema 10 (x32 Version: 10.1924)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Movie Maker (x32 Version: 16.4.3505.0912)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Need For Speed™ World (x32 Version: 1.0.0.1516)
NVIDIA 3D Vision Treiber 326.01 (Version: 326.01)
NVIDIA Grafiktreiber 326.01 (Version: 326.01)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.126.821)
NVIDIA PhysX (x32 Version: 9.12.0807)
NVIDIA PhysX System Software 9.12.0807 (Version: 9.12.0807)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2601)
NVIDIA Systemsteuerung 326.01 (Version: 326.01)
NVIDIA Update 1.14.17 (Version: 1.14.17)
NVIDIA Update Components (Version: 1.14.17)
OpenOffice 4.0.0 (x32 Version: 4.00.9702)
Origin (x32 Version: 9.3.1.4482)
Panda Cloud Antivirus (Version: 6.03.00.0000)
Panda Cloud Antivirus (x32 Version: 02.02.01.0000)
Panda Cloud Cleaner (x32 Version: 1.0.64)
Panda Security URL Filtering (x32 Version: 1.0.1.88)
Photo Common (x32 Version: 16.4.3505.0912)
Photo Gallery (x32 Version: 16.4.3505.0912)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912)
PunkBuster Services (x32 Version: 0.991)
QuickLaunch (x32 Version: 1.00.0019)
Raccolta foto (x32 Version: 16.4.3505.0912)
Realtek Ethernet Controller Driver (x32 Version: 8.3.730.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6710)
Skype™ 6.7 (x32 Version: 6.7.102)
Sound Blaster Tactic(3D) (x32 Version: 1.0)
Special Force 2  1.0 (x32)
Star Wars: The Old Republic (x32 Version: 1.00)
StarCraft II (x32 Version: 2.0.11.26825)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (x32 Version: 3.0.11)
TeamViewer 8 (x32 Version: 8.0.20202)
The Elder Scrolls V: Skyrim (x32)
Transformers: War for Cybertron (x32)
True Color Pro Software (x32 Version: 2.3.9)
Unigine Valley Benchmark version 1.0 (x32 Version: 1.0)
us Mod Manager (Version: 0.45.6)
Windows Live (x32 Version: 16.4.3505.0912)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live Temel Parçalar (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912)

==================== Restore Points  =========================

23-08-2013 07:43:50 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2013-06-16 05:17 - 2013-06-16 05:17 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0394935B-5DBE-4826-9827-334B3886A3AD} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {04950C4A-AAD2-4C2B-B40D-474AE7F62201} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {073FDA5A-800B-4E98-8425-B9B3D615313D} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {08FE8991-7AC6-4095-9B19-95D1C29513DC} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-06-16] (Microsoft Corporation)
Task: {0AE09894-9BFE-4705-AD96-C07BB753FF6E} - System32\Tasks\WPD\SqmUpload_S-1-5-21-496577320-1511247521-3890309592-1002 => C:\Windows\system32\rundll32.exe [2013-06-16] (Microsoft Corporation)
Task: {0DB37CC8-500D-4B79-9B32-628AEE447A0A} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {17C5AEF1-DB6E-43CF-9A6F-F925BDB9663B} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2013-06-16] (Microsoft Corporation)
Task: {18E0D946-0CCB-4828-90F8-887725F96EF0} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {1A2C6AD1-341C-4847-B5DB-1AED4896343C} - \GoogleUpdateTaskMachineCore No Task File
Task: {1B2DE521-838A-4EFE-BA0F-BA9D7F8D9184} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\WINDOWS\system32\sc.exe [2013-06-16] (Microsoft Corporation)
Task: {1B72052E-3B8E-4CF5-BD31-55B1F1305A6F} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {1EE4A503-EE28-4FE6-AA54-2E1172E6A479} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {29194692-B244-4E2B-AA03-2336DF8C57BD} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {2B1BC8B2-20B5-4149-B8CE-9ABE5BE6908C} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {2BA0A72E-7E9C-4228-84E8-F9CD234F65A6} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {2BB942FB-9EEC-4B09-96C6-A6750A67CBBE} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {2C249E3B-3524-4079-8FB8-364946A90F05} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {2FC98F63-CE89-4528-9DC1-4ECD3FE8D693} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {3047B310-66E4-4680-BE7D-CA89BF8F3446} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {3335687C-14A4-4039-B734-BEFE9B59E27C} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-16] (Microsoft Corporation)
Task: {344AFD48-B8F9-4A00-8B16-802A1A3BCBDE} - System32\Tasks\User_Feed_Synchronization-{06A89E2D-990D-4F48-B647-84EA59F27D4E} => C:\WINDOWS\system32\msfeedssync.exe [2013-06-16] (Microsoft Corporation)
Task: {344F654D-262B-4388-8D75-4A6241F7975B} - \Lyrics-Pal Update No Task File
Task: {3AD92515-9126-4AD6-AAB8-8DA8A3DF4D97} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {3D837DEE-9D08-45AC-8D71-D75E6E6308D8} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-496577320-1511247521-3890309592-1002
Task: {3DF8EE62-E164-4398-BD73-65AA7DF1CDC6} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {41458A76-CA8F-40EE-A24E-4E1C65934B1F} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2013-06-16] (Microsoft Corporation)
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {4D113265-418B-45EF-A8AA-9D5590E69053} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {52493E78-64BB-4238-A207-A3D5A258995B} - \Optimize Start Menu Cache Files-S-1-5-21-496577320-1511247521-3890309592-500 No Task File
Task: {533B55E2-5676-4162-8943-E1F0B1A1EC54} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {58135C79-42C7-448D-8BE1-A4E7C1068EF8} - System32\Tasks\Microsoft\Windows\AppReadiness\TriggerTask
Task: {6333B11A-D2DA-40EF-8B8C-F96D8C049FA3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {70DD051C-5FE1-4364-B2D0-C63C90B9B550} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2013-06-16] (Microsoft Corporation)
Task: {72FFFA2E-C2DB-4E38-B85D-7E4B8FE18649} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {73AE7550-FE70-4A2D-9FAC-E887225204C7} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {77F32B49-9D7F-40F7-A8C7-27ACC491FBBD} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {7DD38FB8-B4EA-475F-AD7D-91F92F43975C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2013-06-16] (Microsoft Corporation)
Task: {7EE9CFF0-8992-4B4E-B315-A05907C1FD56} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {81E853F7-6BE3-4F83-ADB6-6341CA65657E} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {86DB582D-59EB-448C-B819-4A8A60D87252} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2013-06-16] (Microsoft Corporation)
Task: {872B7413-91E4-495A-A143-AB9C6C7A7627} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {89BAF0B4-4897-4A62-97C2-1FE51EAECCF4} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {8B700344-4A5E-47F6-8AE4-FD2A75744BF5} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {932C9519-5ED3-4461-8E70-13C5D39F2CAD} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {9958ABF2-4E33-47F8-8E43-DD3554FEC04B} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {9EF5DF04-7A3F-4931-933A-44A80D834D19} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {A5B60A69-3373-45E3-A87E-E811971B5F4C} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {A9715841-AB9B-4B3A-9692-87890E56B895} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {AE420812-EF96-402E-AF6D-0C8D79949860} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {AE46FB24-E30C-4775-B8FC-904E39ED4D48} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2013-06-16] (Microsoft Corporation)
Task: {BAF7F222-AD15-41B6-B069-0650E1C64A8A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {C2C5A71F-A5EC-4D1A-B92A-7FB2A626F00E} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {C55B2043-5578-4C54-A92F-5D1D2B3F0BED} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C9EBD69A-2EFB-4017-8264-6D32CE4AEFB9} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {D15C4743-048B-470F-84D4-214A2F3A0EA6} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {D1CB60A8-47DE-4FED-B1BA-AF59505B6A7F} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {D601F79C-272D-49F1-A503-04ADEAC9B76A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2013-06-16] (Microsoft Corporation)
Task: {D6AD20F6-AFFD-47F9-A19C-F6DB42070E79} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {D8D82993-5802-4A9A-B99A-9CBFC560A4FA} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {DFB031F2-39DB-42D4-8C95-044405F10C87} - \GoogleUpdateTaskMachineUA No Task File
Task: {E01F8BF5-1956-49BF-B770-F8AB63CB02AA} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {E0BC623D-2C36-4F2E-8BF9-A6210F1116D9} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {E72D32F3-032B-4725-973F-2E9DCE43E7C5} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {E974CA30-7DB4-4907-8C2B-A311572BA839} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {EF264D87-7E10-472D-95EF-815489E27ACB} - \{0A19EEB6-F0C1-478A-9B1B-704D78A74ABF} No Task File
Task: {F17728DD-1E1C-474D-B3F2-FE4D4BABEF48} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {F1DA6E19-D959-4B0E-8D46-EB585F5220FD} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {F28968FE-579E-4128-9D20-69FA4CC8E719} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\system32\rundll32.exe [2013-06-16] (Microsoft Corporation)
Task: {F2B43BC6-1FCC-421C-9DD2-2F6217F7CA0F} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {F750183B-FC93-4D03-B7B9-D60550478E37} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FC6AF5AD-A209-4ED5-B3A2-3C07D8EAC601} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {FDA39514-5975-4AEB-9E34-9DF6406E633D} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2013-06-16] (Microsoft Corporation)
Task: {FDC7FF18-CEF3-41D8-927C-6B8B8F0AE3C8} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2013-06-16] (Microsoft Corporation)
Task: {FEAF06BF-C601-4665-A32B-CB10A58609CE} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {FF7F247D-DB06-4999-9A70-CFBC798209EF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Lyrics-Pal Update.job => C:\Program Files (x86)\LyricsPal\Lyrics.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/22/2013 07:45:21 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9431.0, Zeitstempel: 0x51bce434
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 6.3.9431.171, Zeitstempel: 0x51d3c1ee
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000004b6706
ID des fehlerhaften Prozesses: 0xb80
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (08/22/2013 07:07:25 PM) (Source: MsiInstaller) (User: Erazer)
Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Google Chrome

Error: (08/21/2013 10:02:21 PM) (Source: Application Hang) (User: )
Description: Programm Origin.exe, Version 9.3.1.4482 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1e8c

Startzeit: 01ce9e7a5a18accb

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Origin\Origin.exe

Berichts-ID: 966355a4-0a9c-11e3-bee1-d43d7e6b716b

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/21/2013 04:57:18 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: t6mp.exe, Version: 1.0.0.1, Zeitstempel: 0x51f04bfb
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x80000026
Fehleroffset: 0x77ba03b9
ID des fehlerhaften Prozesses: 0x12c0
Startzeit der fehlerhaften Anwendung: 0xt6mp.exe0
Pfad der fehlerhaften Anwendung: t6mp.exe1
Pfad des fehlerhaften Moduls: t6mp.exe2
Berichtskennung: t6mp.exe3
Vollständiger Name des fehlerhaften Pakets: t6mp.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: t6mp.exe5

Error: (08/21/2013 04:57:16 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: t6mp.exe, Version: 1.0.0.1, Zeitstempel: 0x51f04bfb
Name des fehlerhaften Moduls: XAudio2_7.dll, Version: 9.29.1962.0, Zeitstempel: 0x4c0641e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002526c
ID des fehlerhaften Prozesses: 0x12c0
Startzeit der fehlerhaften Anwendung: 0xt6mp.exe0
Pfad der fehlerhaften Anwendung: t6mp.exe1
Pfad des fehlerhaften Moduls: t6mp.exe2
Berichtskennung: t6mp.exe3
Vollständiger Name des fehlerhaften Pakets: t6mp.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: t6mp.exe5

Error: (08/19/2013 04:53:02 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: bf3.exe, Version: 1.6.0.0, Zeitstempel: 0x511c9356
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9431.0, Zeitstempel: 0x51bcf91f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00021319
ID des fehlerhaften Prozesses: 0x1c68
Startzeit der fehlerhaften Anwendung: 0xbf3.exe0
Pfad der fehlerhaften Anwendung: bf3.exe1
Pfad des fehlerhaften Moduls: bf3.exe2
Berichtskennung: bf3.exe3
Vollständiger Name des fehlerhaften Pakets: bf3.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bf3.exe5

Error: (08/15/2013 00:34:28 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: sf2.exe, Version: 1.0.53714.0, Zeitstempel: 0x51f8d841
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9431.0, Zeitstempel: 0x51bcf91f
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0006ec0d
ID des fehlerhaften Prozesses: 0x212c
Startzeit der fehlerhaften Anwendung: 0xsf2.exe0
Pfad der fehlerhaften Anwendung: sf2.exe1
Pfad des fehlerhaften Moduls: sf2.exe2
Berichtskennung: sf2.exe3
Vollständiger Name des fehlerhaften Pakets: sf2.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: sf2.exe5

Error: (08/15/2013 00:27:09 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: sf2.exe, Version: 1.0.53714.0, Zeitstempel: 0x51f8d841
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9431.0, Zeitstempel: 0x51bcf91f
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0006ec0d
ID des fehlerhaften Prozesses: 0x1340
Startzeit der fehlerhaften Anwendung: 0xsf2.exe0
Pfad der fehlerhaften Anwendung: sf2.exe1
Pfad des fehlerhaften Moduls: sf2.exe2
Berichtskennung: sf2.exe3
Vollständiger Name des fehlerhaften Pakets: sf2.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: sf2.exe5

Error: (08/15/2013 00:21:38 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: sf2.exe, Version: 1.0.53714.0, Zeitstempel: 0x51f8d841
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9431.0, Zeitstempel: 0x51bcf91f
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0006ec0d
ID des fehlerhaften Prozesses: 0x1394
Startzeit der fehlerhaften Anwendung: 0xsf2.exe0
Pfad der fehlerhaften Anwendung: sf2.exe1
Pfad des fehlerhaften Moduls: sf2.exe2
Berichtskennung: sf2.exe3
Vollständiger Name des fehlerhaften Pakets: sf2.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: sf2.exe5

Error: (08/15/2013 00:20:48 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: sf2.exe, Version: 1.0.53714.0, Zeitstempel: 0x51f8d841
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9431.0, Zeitstempel: 0x51bcf91f
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0006ec0d
ID des fehlerhaften Prozesses: 0xe20
Startzeit der fehlerhaften Anwendung: 0xsf2.exe0
Pfad der fehlerhaften Anwendung: sf2.exe1
Pfad des fehlerhaften Moduls: sf2.exe2
Berichtskennung: sf2.exe3
Vollständiger Name des fehlerhaften Pakets: sf2.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: sf2.exe5


System errors:
=============
Error: (08/23/2013 11:42:20 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\WINDOWS\system32\Rtlihvs.dll
Fehlercode: 126

Error: (08/23/2013 10:47:34 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\WINDOWS\system32\Rtlihvs.dll
Fehlercode: 126

Error: (08/23/2013 08:58:32 AM) (Source: DCOM) (User: Erazer)
Description: {AB807329-7324-431B-8B36-DBD581F56E0B}

Error: (08/23/2013 08:58:01 AM) (Source: DCOM) (User: Erazer)
Description: {AB807329-7324-431B-8B36-DBD581F56E0B}

Error: (08/23/2013 08:46:25 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\WINDOWS\system32\Rtlihvs.dll
Fehlercode: 126

Error: (08/23/2013 08:46:15 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎23.‎08.‎2013 um 08:29:35 unerwartet heruntergefahren.

Error: (08/23/2013 00:02:49 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden gelöscht, weil der Schattenkopiespeicher nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird, auswählen.

Error: (08/22/2013 11:58:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BitRaider Mini-Support Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (08/22/2013 11:48:39 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\System32\DRIVERS\PSKMAD.sys

Error: (08/22/2013 10:29:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\WINDOWS\system32\Rtlihvs.dll
Fehlercode: 126


Microsoft Office Sessions:
=========================
Error: (08/22/2013 07:45:21 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.3.9431.051bce434Windows.UI.Xaml.dll6.3.9431.17151d3c1eec000000500000000004b6706b8001ce9f59ac2fe5a3C:\WINDOWS\Explorer.EXEC:\Windows\System32\Windows.UI.Xaml.dll9d2e1210-0b52-11e3-bee6-d43d7e6b716b

Error: (08/22/2013 07:07:25 PM) (Source: MsiInstaller)(User: Erazer)
Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Google Chrome(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/21/2013 10:02:21 PM) (Source: Application Hang)(User: )
Description: Origin.exe9.3.1.44821e8c01ce9e7a5a18accb4294967295C:\Program Files (x86)\Origin\Origin.exe966355a4-0a9c-11e3-bee1-d43d7e6b716b

Error: (08/21/2013 04:57:18 PM) (Source: Application Error)(User: )
Description: t6mp.exe1.0.0.151f04bfbunknown0.0.0.0000000008000002677ba03b912c001ce9e7ea0bebd3eC:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exeunknownf9082958-0a71-11e3-bee1-d43d7e6b716b

Error: (08/21/2013 04:57:16 PM) (Source: Application Error)(User: )
Description: t6mp.exe1.0.0.151f04bfbXAudio2_7.dll9.29.1962.04c0641e5c00000050002526c12c001ce9e7ea0bebd3eC:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exeC:\WINDOWS\SYSTEM32\XAudio2_7.dllf7b44caf-0a71-11e3-bee1-d43d7e6b716b

Error: (08/19/2013 04:53:02 PM) (Source: Application Error)(User: )
Description: bf3.exe1.6.0.0511c9356ntdll.dll6.3.9431.051bcf91fc0000005000213191c6801ce9cebb50c3b96C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exeC:\WINDOWS\SYSTEM32\ntdll.dll0bb45d4a-08df-11e3-bee1-d43d7e6b716b

Error: (08/15/2013 00:34:28 AM) (Source: Application Error)(User: )
Description: sf2.exe1.0.53714.051f8d841ntdll.dll6.3.9431.051bcf91fc00004090006ec0d212c01ce993e6ee541a5C:\Program Files (x86)\SpecialForce2Beta\binaries\Win32\sf2.exeC:\WINDOWS\SYSTEM32\ntdll.dllad867630-0531-11e3-bede-d43d7e6b716b

Error: (08/15/2013 00:27:09 AM) (Source: Application Error)(User: )
Description: sf2.exe1.0.53714.051f8d841ntdll.dll6.3.9431.051bcf91fc00004090006ec0d134001ce993d693f6709C:\Program Files (x86)\SpecialForce2Beta\binaries\Win32\sf2.exeC:\WINDOWS\SYSTEM32\ntdll.dlla7de8d7a-0530-11e3-bede-d43d7e6b716b

Error: (08/15/2013 00:21:38 AM) (Source: Application Error)(User: )
Description: sf2.exe1.0.53714.051f8d841ntdll.dll6.3.9431.051bcf91fc00004090006ec0d139401ce993ca3dc6611C:\Program Files (x86)\SpecialForce2Beta\binaries\Win32\sf2.exeC:\WINDOWS\SYSTEM32\ntdll.dlle27b56e2-052f-11e3-bede-d43d7e6b716b

Error: (08/15/2013 00:20:48 AM) (Source: Application Error)(User: )
Description: sf2.exe1.0.53714.051f8d841ntdll.dll6.3.9431.051bcf91fc00004090006ec0de2001ce993c86309af2C:\Program Files (x86)\SpecialForce2Beta\binaries\Win32\sf2.exeC:\WINDOWS\SYSTEM32\ntdll.dllc4d1ac88-052f-11e3-bede-d43d7e6b716b


CodeIntegrity Errors:
===================================
  Date: 2013-08-20 18:27:38.393
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-08-20 18:27:38.385
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-08-20 18:27:38.377
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-08-20 18:27:38.368
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-08-20 18:27:38.359
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-08-20 18:27:38.351
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-08-20 18:27:38.232
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-08-20 18:27:38.222
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-08-20 18:27:38.213
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-08-20 18:27:38.178
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Percentage of memory in use: 13%
Total physical RAM: 16306.13 MB
Available physical RAM: 14139.46 MB
Total Pagefile: 32690.13 MB
Available Pagefile: 30270.7 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:1800.96 GB) (Free:1565.15 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:44.03 GB) NTFS
Drive h: (14 Apr 2010) (CDROM) (Total:1.44 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT Partition Type
==================== End Of Log ============================

--- --- ---

Zyriak · 23.08.2013, 10:48

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-08-2013
Ran by Win 8 Erazer (administrator) on 23-08-2013 11:44:32
Running from C:\Users\Win 8 Erazer\Downloads
Windows 8.1 Preview (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
() C:\WINDOWS\SysWOW64\PnkBstrA.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
(Visicom Media Inc.) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Users\Win 8 Erazer\Downloads\adwcleaner.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-25] (Logitech Inc.)
HKCU\...\Run: [ISUSPM Startup] - C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [196608 2004-04-17] (InstallShield Software Corporation)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1807272 2013-07-27] (Valve Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3549528 2013-08-14] (Electronic Arts)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-08-27] (cyberlink)
HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [69632 2004-04-13] (InstallShield Software Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [PSUAMain] - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe [32736 2013-07-08] (Panda Security, S.L.)
HKLM-x32\...\Run: [Panda Security URL Filtering] - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe [235072 2013-04-11] (Visicom Media Inc.)
HKU\UpdatusUser\...\Run: [ISUSPM Startup] - C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [196608 2004-04-17] (InstallShield Software Corporation)
HKU\UpdatusUser\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1807272 2013-07-27] (Valve Corporation)
HKU\UpdatusUser\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
HKU\UpdatusUser\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-06-16] (Microsoft Corporation)
AppInit_DLLs-x32:    [0 ] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\True Color Pro.lnk
ShortcutTarget: True Color Pro.lnk -> C:\Program Files (x86)\LG Electronics\True Color Pro Software\bin\True Color Pro.exe ()
Startup: C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files\Logitech Gaming Software\EReg\eReg.exe (Leader Technologies/Logitech)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
SearchScopes: HKCU - {CA1CC0EA-D287-4F82-B492-3BF51125A0D5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
BHO-x32: Lyrics-Pal - {436d7c25-2977-4342-ad2a-84c05cc66881} - C:\Program Files (x86)\LyricsPal\128.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\pdf.dll ()
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\WIN8ER~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\WIN8ER~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\WIN8ER~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\WIN8ER~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet Service) - C:\Users\WIN8ER~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_1
CHR Extension: (Gmail) - C:\Users\WIN8ER~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx
CHR HKLM-x32\...\Chrome\Extension: [pnbbffeddnekkhjmokkhdebbfbibbflc] - C:\Program Files (x86)\LyricsPal\128.crx

==================== Services (Whitelisted) =================

R2 ACT2_Service; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [1421216 2011-08-22] ()
R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()
S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [546304 2013-06-16] (Microsoft Corporation)
S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [1249280 2013-06-16] (Microsoft Corporation)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [476936 2013-08-22] (BitRaider, LLC)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-08-27] (CyberLink)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114176 2013-06-16] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [164736 2012-11-16] (Intel Corporation)
S3 lfsvc; C:\Windows\System32\GeofenceMonitorService.dll [431104 2013-06-16] (Microsoft Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [140768 2013-07-17] (Panda Security, S.L.)
R3 NcbService; C:\Windows\System32\ncbservice.dll [150016 2013-06-16] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-19] ()
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [37344 2013-07-08] (Panda Security, S.L.)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [129024 2013-06-16] (Microsoft Corporation)
S3 smphost; C:\Windows\System32\smphost.dll [13312 2013-06-16] (Microsoft Corporation)
S3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [516096 2013-06-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [345336 2013-06-16] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [24576 2013-06-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-06-16] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1292288 2013-06-15] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 ACT2PM; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [15160 2011-06-10] ()
R2 ACT2PM; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [15160 2011-06-10] ()
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [788240 2013-06-16] (PMC-Sierra)
R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [77312 2013-06-16] (Microsoft Corporation)
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [650736 2013-06-06] (Intel Corporation)
S0 intelpep; C:\Windows\System32\drivers\intelpep.sys [37640 2013-06-16] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81672 2013-06-16] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-06-16] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [88064 2013-06-16] (Microsoft Corporation)
R1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [91368 2013-05-29] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [122088 2013-05-29] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [109288 2013-05-29] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [114920 2013-05-29] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [95464 2013-05-29] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [69864 2013-05-29] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [119016 2013-05-29] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [305896 2013-05-29] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [118504 2013-05-29] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [114920 2013-05-29] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [246504 2013-05-29] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [106216 2013-05-29] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [168680 2013-05-28] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [122600 2013-07-17] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [205544 2013-05-28] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124648 2013-05-28] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [137448 2013-05-29] (Panda Security, S.L.)
S3 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [105704 2013-05-28] (Panda Security, S.L.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [58808 2013-04-29] (Panda Security, S.L.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [934152 2013-06-16] (Microsoft Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [2160352 2013-03-08] (Realtek Semiconductor Corporation                           )
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [138752 2013-06-16] (Microsoft Corporation)
S3 SSMO3v2Filter; C:\Windows\system32\drivers\MO3v2Driver.sys [23040 2010-11-22] (Sagatek Co. Ltd.)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [56584 2013-06-16] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [27912 2013-06-16] (Microsoft Corporation)
R3 UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [23552 2012-09-12] (Creative Technology Ltd.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [126216 2013-06-16] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2013-06-16] (Microsoft Corporation)
S3 BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-23 11:43 - 2013-08-23 11:44 - 01576474 _____ (Farbar) C:\Users\Win 8 Erazer\Downloads\FRST64.exe
2013-08-23 11:43 - 2013-08-23 11:43 - 00003576 _____ C:\Users\Win 8 Erazer\Desktop\AdwCleaner[S0]123.txt
2013-08-23 11:41 - 2013-08-23 11:41 - 00000338 _____ C:\WINDOWS\PFRO.log
2013-08-23 11:38 - 2013-08-23 11:40 - 00000000 ____D C:\AdwCleaner
2013-08-23 11:37 - 2013-08-23 11:37 - 00975858 _____ C:\Users\Win 8 Erazer\Downloads\adwcleaner.exe
2013-08-23 11:35 - 2013-08-23 11:35 - 00000105 _____ C:\prefs.js
2013-08-23 10:52 - 2013-08-23 10:53 - 00602112 _____ (OldTimer Tools) C:\Users\Win 8 Erazer\Downloads\OTL.exe
2013-08-23 10:46 - 2013-08-23 10:46 - 00000000 _____ C:\ProgramData\0x0304A000.sfl
2013-08-22 23:58 - 2013-08-22 23:58 - 00000000 ____D C:\ProgramData\BitRaider
2013-08-22 23:29 - 2013-08-23 00:07 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2013-08-22 23:25 - 2013-08-22 23:27 - 54085656 _____ (Blizzard Entertainment) C:\Users\Win 8 Erazer\Downloads\StarCraft-II-Setup-deDE.exe
2013-08-22 21:33 - 2013-08-22 21:33 - 00001182 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-08-22 21:33 - 2013-08-22 21:33 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-08-22 21:31 - 2013-08-22 21:31 - 05536272 _____ (TeamViewer GmbH) C:\Users\Win 8 Erazer\Downloads\TeamViewer_Setup_de.exe
2013-08-22 21:29 - 2013-04-29 09:17 - 00058808 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2013-08-22 21:08 - 2013-08-22 21:08 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Logitech
2013-08-22 21:08 - 2013-08-22 21:08 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Leadertech
2013-08-22 21:08 - 2013-08-22 21:08 - 00000000 ____D C:\ProgramData\LogiShrd
2013-08-22 21:07 - 2013-08-22 21:07 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-08-22 21:06 - 2013-08-22 21:06 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Logitech
2013-08-22 21:06 - 2013-08-22 21:06 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Logishrd
2013-08-22 20:50 - 2013-08-22 20:52 - 52882496 _____ (Logitech Inc.) C:\Users\Win 8 Erazer\Downloads\lgs846_x64.exe
2013-08-22 20:49 - 2013-08-23 11:42 - 00236446 _____ C:\WINDOWS\setupact.log
2013-08-22 20:49 - 2013-08-23 11:10 - 00607543 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-22 20:49 - 2013-08-22 20:49 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-08-22 20:47 - 2013-08-22 20:47 - 02816072 _____ (LionSea SoftWare                                            ) C:\Users\Win 8 Erazer\Downloads\setup.exe
2013-08-22 20:47 - 2013-08-22 20:47 - 00138132 _____ C:\Users\Win 8 Erazer\Documents\cc_20130822_204750.reg
2013-08-22 20:29 - 2013-08-22 20:29 - 00002786 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2013-08-22 20:29 - 2013-08-22 20:29 - 00000838 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-08-22 20:29 - 2013-08-22 20:29 - 00000000 ____D C:\Program Files\CCleaner
2013-08-22 20:13 - 2013-08-23 11:44 - 00003950 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{06A89E2D-990D-4F48-B647-84EA59F27D4E}
2013-08-22 19:50 - 2013-08-23 10:55 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-496577320-1511247521-3890309592-1002
2013-08-22 19:48 - 2013-08-22 19:48 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-08-22 19:39 - 2013-08-22 19:39 - 03395840 _____ (Piriform Ltd) C:\Users\Win 8 Erazer\Downloads\ccsetup404_slim.exe
2013-08-22 19:38 - 2013-08-22 19:44 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-08-22 19:16 - 2013-08-22 19:18 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\panda4_0dn
2013-08-22 19:16 - 2013-08-22 19:16 - 00001302 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2013-08-22 19:15 - 2013-08-22 19:15 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Panda Security
2013-08-22 19:14 - 2013-08-23 11:44 - 00000000 ____D C:\ProgramData\Panda Security URL Filtering
2013-08-22 19:13 - 2013-08-22 19:16 - 00000000 ____D C:\Program Files (x86)\Panda Security
2013-08-22 19:13 - 2013-08-22 19:13 - 00000000 ____D C:\ProgramData\Panda Security
2013-08-22 19:13 - 2013-05-29 17:16 - 00137448 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProt.sys
2013-08-22 19:13 - 2013-05-28 11:25 - 00205544 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINKNC.sys
2013-08-22 19:13 - 2013-05-28 11:25 - 00168680 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINAflt.sys
2013-08-22 19:11 - 2013-08-22 19:11 - 01042952 _____ C:\Users\Win 8 Erazer\Downloads\PANDAIS14.exe
2013-08-22 19:08 - 2013-08-22 19:09 - 04491824 _____ (AVG Technologies) C:\Users\Win 8 Erazer\Downloads\avg_avct_stb_all_2013_3392_cm10.exe
2013-08-22 19:06 - 2013-08-22 19:06 - 00000546 _____ C:\WINDOWS\SysWOW64\bufferpool.txt
2013-08-22 18:53 - 2013-08-22 20:43 - 00000000 ____D C:\WINDOWS\Minidump
2013-08-22 17:24 - 2013-08-22 17:24 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Mozilla
2013-08-22 01:56 - 2013-08-22 01:56 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\WinRAR
2013-08-22 01:56 - 2013-08-22 01:56 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-08-22 01:56 - 2013-08-22 01:56 - 00000000 ____D C:\Program Files\WinRAR
2013-08-22 01:38 - 2013-08-22 01:38 - 00002325 _____ C:\Users\Win 8 Erazer\Desktop\Skyrim (SKSE).lnk
2013-08-22 01:38 - 2013-08-22 01:38 - 00002325 _____ C:\Users\UpdatusUser\Desktop\Skyrim (SKSE).lnk
2013-08-20 01:54 - 2013-08-20 01:54 - 00000000 ____D C:\BOSS
2013-08-19 09:21 - 2013-08-22 22:44 - 00290184 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2013-08-19 09:21 - 2013-08-19 09:21 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\PunkBuster
2013-08-19 09:21 - 2013-08-19 09:21 - 00000000 ____D C:\Users\Win 8 Erazer\Documents\Battlefield 3
2013-08-19 09:16 - 2013-08-19 09:16 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\ESN
2013-08-19 09:16 - 2013-08-19 09:16 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-08-19 09:13 - 2013-08-19 09:13 - 00000000 ____D C:\ProgramData\EA Core
2013-08-19 09:12 - 2013-08-19 09:12 - 00001190 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2013-08-19 09:11 - 2013-08-22 22:44 - 00290184 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2013-08-19 09:11 - 2013-08-22 22:44 - 00280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2013-08-19 09:11 - 2013-08-19 17:00 - 00076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-08-17 19:13 - 2013-08-17 22:09 - 00000000 ____D C:\Program Files (x86)\SpecialForce2Beta
2013-08-17 19:13 - 2013-08-17 19:13 - 00001069 _____ C:\Users\Public\Desktop\SKILL.lnk
2013-08-17 05:47 - 2013-08-19 23:09 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Firestorm
2013-08-17 05:47 - 2013-08-17 05:48 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Firestorm
2013-08-17 05:47 - 2013-08-17 05:47 - 00001333 _____ C:\Users\Public\Desktop\Firestorm-Release.lnk
2013-08-17 05:45 - 2013-08-17 05:47 - 00000000 ____D C:\Program Files (x86)\Firestorm-Release
2013-08-16 17:19 - 2013-08-18 16:30 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-08-15 21:59 - 2013-08-23 11:42 - 00000392 _____ C:\WINDOWS\Tasks\Lyrics-Pal Update.job
2013-08-15 21:58 - 2013-08-16 09:26 - 00000000 ____D C:\WINDOWS\SysWOW64\Extensions
2013-08-15 21:58 - 2013-08-15 21:58 - 00000000 ____D C:\WINDOWS\SysWOW64\searchplugins
2013-08-15 21:58 - 2013-08-15 21:58 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\avgchrome
2013-08-15 21:58 - 2013-08-15 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-15 18:51 - 2013-08-15 18:51 - 00012031 _____ C:\Users\Win 8 Erazer\Documents\kündigung arbeit.odt
2013-08-15 18:45 - 2013-08-15 18:45 - 00000022 _____ C:\Users\Win 8 Erazer\Documents\ärztliche untersuchung.txt
2013-08-15 13:18 - 2013-08-15 13:18 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Need for Speed World
2013-08-15 12:19 - 2013-08-15 12:19 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Electronic_Arts_Inc
2013-08-15 12:18 - 2013-08-15 12:18 - 00002237 _____ C:\Users\Public\Desktop\Need For Speed World.lnk
2013-08-14 22:02 - 2013-08-17 19:13 - 00000000 _____ C:\dfu.log
2013-08-14 12:27 - 2013-07-18 05:57 - 05636096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-08-14 12:27 - 2013-07-18 05:50 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-08-14 12:27 - 2013-07-18 05:00 - 04246528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-08-14 12:27 - 2013-07-18 04:43 - 11087360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-08-14 12:26 - 2013-07-31 05:25 - 22564864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-08-14 12:26 - 2013-07-31 04:58 - 16982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-08-14 12:26 - 2013-07-31 03:52 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-08-14 12:26 - 2013-07-31 03:48 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-08-14 12:26 - 2013-07-31 03:38 - 01788928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-08-14 12:26 - 2013-07-31 03:37 - 01140736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-08-14 12:26 - 2013-07-29 09:17 - 00432904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2013-08-14 12:26 - 2013-07-29 09:17 - 00258264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2013-08-14 12:26 - 2013-07-29 06:43 - 00338896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2013-08-14 12:26 - 2013-07-29 06:43 - 00206048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2013-08-14 12:26 - 2013-07-29 03:36 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2013-08-14 12:26 - 2013-07-29 03:22 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2013-08-14 03:07 - 2013-08-19 09:13 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Origin
2013-08-14 03:07 - 2013-08-16 17:19 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Origin
2013-08-14 03:00 - 2013-08-23 11:42 - 00000000 ____D C:\Program Files (x86)\Origin
2013-08-14 03:00 - 2013-08-19 09:13 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-08-14 03:00 - 2013-08-16 17:19 - 00000000 ____D C:\ProgramData\Origin
2013-08-14 03:00 - 2013-08-14 03:00 - 00000995 _____ C:\Users\Public\Desktop\Origin.lnk
2013-08-13 16:28 - 2013-07-25 15:51 - 00000541 _____ C:\Users\Win 8 Erazer\Desktop\Beobachtung.lnk
2013-08-13 16:27 - 2013-08-13 16:27 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\OpenOffice
2013-08-13 16:23 - 2013-08-13 16:23 - 00001132 _____ C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2013-08-13 16:22 - 2013-08-13 16:23 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-08-13 16:22 - 2013-08-13 16:22 - 00000000 ____D C:\Users\Win 8 Erazer\Desktop\OpenOffice 4.0.0 (de) Installation Files
2013-08-12 17:06 - 2013-08-12 17:06 - 00000000 ____D C:\Games
2013-08-12 17:04 - 2013-08-12 17:04 - 00000906 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2013-08-12 17:04 - 2013-08-12 17:04 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Black_Tree_Gaming
2013-08-12 17:04 - 2013-08-12 17:04 - 00000000 ____D C:\Users\Win 8 Erazer\Documents\Nexus Mod Manager
2013-08-12 17:04 - 2013-08-12 17:04 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2013-08-11 22:03 - 2013-08-11 22:03 - 00000000 ____D C:\Users\Win 8 Erazer\Documents\Diablo III
2013-08-11 17:39 - 2013-08-11 17:39 - 00000067 _____ C:\Users\Win 8 Erazer\Desktop\Zyriak Peter Zytonoize.url
2013-08-10 18:25 - 2013-08-22 18:11 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Skyrim
2013-08-10 02:52 - 2013-08-10 02:52 - 00000222 _____ C:\Users\Win 8 Erazer\Desktop\Call of Duty Black Ops II.url
2013-08-10 02:13 - 2013-08-10 02:13 - 00000000 ____D C:\Users\Win 8 Erazer\Documents\AVS4YOU
2013-08-10 02:07 - 2013-08-10 02:07 - 00001221 _____ C:\Users\Win 8 Erazer\Desktop\AVS Video Editor.lnk
2013-08-10 02:07 - 2013-08-10 02:07 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2013-08-10 02:07 - 2013-08-10 02:07 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\AVS4YOU
2013-08-10 02:07 - 2013-08-10 02:07 - 00000000 ____D C:\ProgramData\AVS4YOU
2013-08-10 02:06 - 2013-08-10 02:07 - 00000000 ____D C:\Program Files (x86)\AVS4YOU
2013-08-10 02:03 - 2013-08-20 23:37 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Audacity
2013-08-10 02:03 - 2013-08-10 02:03 - 00001023 _____ C:\Users\Win 8 Erazer\Desktop\Audacity.lnk
2013-08-10 02:03 - 2013-08-10 02:03 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-08-10 01:59 - 2013-08-20 23:35 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Windows Live
2013-08-10 01:51 - 2013-08-10 01:51 - 00001418 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-08-10 01:51 - 2013-08-10 01:51 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-08-10 01:50 - 2013-08-10 01:52 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\DVDVideoSoft
2013-08-10 01:49 - 2013-08-10 01:52 - 00000000 ____D C:\Fraps
2013-08-10 01:49 - 2013-08-10 01:49 - 00000574 _____ C:\Users\Win 8 Erazer\Desktop\Fraps.lnk
2013-08-10 01:49 - 2013-08-10 01:49 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2013-08-09 21:38 - 2013-08-09 21:38 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\SWTOR
2013-08-09 12:03 - 2013-08-11 11:40 - 00000000 ____D C:\Users\Win 8 Erazer\Documents\My Games
2013-08-09 12:03 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2013-08-09 12:03 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2013-08-09 12:03 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2013-08-09 12:03 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2013-08-09 12:03 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2013-08-09 12:03 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2013-08-09 12:03 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2013-08-09 12:03 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2013-08-09 12:03 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2013-08-09 12:03 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2013-08-09 12:03 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2013-08-09 12:03 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2013-08-09 12:03 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2013-08-09 12:03 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2013-08-09 12:03 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2013-08-09 12:03 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2013-08-09 12:03 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2013-08-09 12:03 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2013-08-09 12:03 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2013-08-09 12:03 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2013-08-09 12:03 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2013-08-09 12:03 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2013-08-09 12:03 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2013-08-09 12:03 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2013-08-09 12:03 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2013-08-09 12:03 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2013-08-09 12:03 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2013-08-09 12:03 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2013-08-09 12:03 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2013-08-09 12:03 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2013-08-09 12:03 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2013-08-09 12:03 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2013-08-09 12:03 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2013-08-09 12:03 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2013-08-09 12:03 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2013-08-09 12:03 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2013-08-09 12:03 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2013-08-09 12:03 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2013-08-09 12:03 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2013-08-09 12:03 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2013-08-09 12:03 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2013-08-09 12:03 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2013-08-09 12:03 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2013-08-09 12:03 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2013-08-09 12:03 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2013-08-09 12:03 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2013-08-09 12:03 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2013-08-09 12:03 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2013-08-09 12:03 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2013-08-09 12:03 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2013-08-09 12:03 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2013-08-09 12:03 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2013-08-09 12:03 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2013-08-09 12:03 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2013-08-09 12:03 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2013-08-09 12:03 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2013-08-09 12:03 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2013-08-09 12:03 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2013-08-09 12:03 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2013-08-09 12:03 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2013-08-09 12:03 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2013-08-09 12:03 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2013-08-09 12:03 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2013-08-09 12:03 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2013-08-09 12:03 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2013-08-09 12:03 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2013-08-09 12:03 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2013-08-09 12:03 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2013-08-09 12:03 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2013-08-09 12:03 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2013-08-09 12:03 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2013-08-09 12:03 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2013-08-09 12:03 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2013-08-09 12:03 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2013-08-09 12:03 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2013-08-09 12:03 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2013-08-09 12:03 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2013-08-09 12:03 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2013-08-09 12:03 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2013-08-09 12:03 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2013-08-09 12:03 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2013-08-09 12:03 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2013-08-09 12:03 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2013-08-09 12:03 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2013-08-09 12:03 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2013-08-09 12:03 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2013-08-09 12:03 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2013-08-09 12:03 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2013-08-09 12:03 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2013-08-09 12:03 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2013-08-09 12:03 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2013-08-09 12:03 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2013-08-09 12:03 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2013-08-09 12:03 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2013-08-09 12:03 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2013-08-09 12:03 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2013-08-09 12:03 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2013-08-09 12:03 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2013-08-09 12:03 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2013-08-09 12:03 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2013-08-09 12:03 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2013-08-09 12:03 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2013-08-09 12:03 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2013-08-09 12:03 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2013-08-09 12:03 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2013-08-09 12:03 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2013-08-09 12:03 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2013-08-09 12:03 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2013-08-09 12:03 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2013-08-09 12:03 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2013-08-09 12:03 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2013-08-09 12:03 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2013-08-09 12:03 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2013-08-09 12:03 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2013-08-09 12:03 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2013-08-09 12:03 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2013-08-09 12:03 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2013-08-09 12:03 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2013-08-09 12:03 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2013-08-09 12:03 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2013-08-09 12:03 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2013-08-09 12:03 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2013-08-09 12:03 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2013-08-09 12:03 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2013-08-09 12:03 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2013-08-09 12:03 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2013-08-09 12:03 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2013-08-09 12:03 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2013-08-09 12:03 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2013-08-09 12:03 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2013-08-09 12:03 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2013-08-09 12:03 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2013-08-09 12:03 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2013-08-09 12:03 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2013-08-09 12:03 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2013-08-09 12:03 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2013-08-09 12:03 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2013-08-09 12:03 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2013-08-09 12:03 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2013-08-09 12:03 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2013-08-09 12:03 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2013-08-09 12:03 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2013-08-09 12:03 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2013-08-09 12:03 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2013-08-09 12:03 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2013-08-09 12:03 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2013-08-09 12:03 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2013-08-09 12:03 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2013-08-09 12:03 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2013-08-09 12:03 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2013-08-09 12:03 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2013-08-09 12:03 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2013-08-09 12:03 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2013-08-09 12:03 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2013-08-09 12:03 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2013-08-09 12:03 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2013-08-09 12:03 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2013-08-09 12:03 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2013-08-09 12:03 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2013-08-09 12:03 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2013-08-09 12:03 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2013-08-09 12:03 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2013-08-09 12:03 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2013-08-09 12:03 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2013-08-09 12:03 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2013-08-09 12:03 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2013-08-09 11:50 - 2013-08-09 11:50 - 00867240 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\npDeployJava1.dll
2013-08-09 11:50 - 2013-08-09 11:50 - 00789416 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\deployJava1.dll
2013-08-09 11:50 - 2013-08-09 11:50 - 00263592 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-08-09 11:50 - 2013-08-09 11:50 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-08-09 11:50 - 2013-08-09 11:50 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-08-09 11:50 - 2013-08-09 11:50 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-08-09 11:50 - 2013-08-09 11:50 - 00000000 ____D C:\ProgramData\Sun
2013-08-09 11:50 - 2013-08-09 11:50 - 00000000 ____D C:\Program Files (x86)\Java
2013-08-09 11:48 - 2013-08-09 11:48 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\SWTORPerf
2013-08-09 11:48 - 2013-08-09 11:48 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2013-08-09 11:46 - 2013-08-15 12:18 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-08-09 11:46 - 2013-08-09 11:46 - 00013955 _____ C:\Users\Win 8 Erazer\Documents\Install STAR WARS The Old Republic.log
2013-08-09 11:46 - 2013-08-09 11:46 - 00000000 ____D C:\Users\hedev
2013-08-09 11:46 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2013-08-09 11:46 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2013-08-09 10:10 - 2013-08-09 10:10 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-08-09 02:23 - 2013-08-09 02:23 - 00000222 _____ C:\Users\Win 8 Erazer\Desktop\Call of Duty Black Ops II - Multiplayer.url
2013-08-09 02:23 - 2013-08-09 02:23 - 00000221 _____ C:\Users\Win 8 Erazer\Desktop\Transformers War for Cybertron.url
2013-08-08 22:23 - 2013-08-22 21:28 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\TS3Client
2013-08-08 21:22 - 2013-08-08 21:22 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Creative
2013-08-08 21:18 - 2013-08-08 21:22 - 00000000 ____D C:\ProgramData\Creative
2013-08-08 21:14 - 2013-08-08 21:14 - 00000000 ___HD C:\Program Files (x86)\Creative Installation Information
2013-08-08 21:12 - 2013-08-08 21:14 - 00000369 ___RH C:\WINDOWS\ctfile.rfc
2013-08-08 21:12 - 2013-08-08 21:14 - 00000000 ____D C:\Program Files\Creative
2013-08-08 21:12 - 2013-08-08 21:14 - 00000000 ____D C:\Program Files (x86)\Creative
2013-08-08 21:12 - 2013-08-08 21:12 - 00466520 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2013-08-08 21:12 - 2013-08-08 21:12 - 00445016 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2013-08-08 21:12 - 2013-08-08 21:12 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2013-08-08 21:12 - 2013-08-08 21:12 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2013-08-08 21:12 - 2013-04-29 18:00 - 00032622 _____ C:\WINDOWS\system32\UHS.ini
2013-08-08 21:12 - 2013-04-29 18:00 - 00011264 _____ (Creative Technology Ltd.) C:\WINDOWS\UHSDefE.exe
2013-08-08 21:12 - 2013-04-29 18:00 - 00000257 _____ C:\WINDOWS\UHSConfig.ini
2013-08-08 21:12 - 2013-04-29 16:37 - 00057856 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\UHSpld64.dll
2013-08-08 21:12 - 2013-04-29 16:36 - 01088000 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\UHSAPO64.dll
2013-08-08 21:12 - 2013-04-29 16:35 - 00905216 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\UHSAPO32.dll
2013-08-08 21:12 - 2013-04-29 16:35 - 00012457 _____ C:\WINDOWS\UHSAPO64.ssc
2013-08-08 21:12 - 2013-04-16 15:55 - 00089600 _____ C:\WINDOWS\system32\CmdRtr64.DLL
2013-08-08 21:12 - 2013-04-16 15:54 - 00336384 _____ C:\WINDOWS\system32\APOMgr64.DLL
2013-08-08 21:12 - 2013-04-16 15:54 - 00074240 _____ C:\WINDOWS\SysWOW64\CmdRtr.DLL
2013-08-08 21:12 - 2013-04-16 15:52 - 00253440 _____ C:\WINDOWS\SysWOW64\APOMngr.DLL
2013-08-08 21:12 - 2013-03-27 11:59 - 01903104 ____N (Creative) C:\WINDOWS\system32\Sens_oal.dll
2013-08-08 21:12 - 2013-03-27 11:56 - 02906589 ____N (Creative) C:\WINDOWS\SysWOW64\Sens_oal.dll
2013-08-08 21:12 - 2006-10-06 14:17 - 00053248 ____N (Creative Technology Ltd ) C:\WINDOWS\Ctregrun.exe
2013-08-08 21:12 - 2003-06-12 23:25 - 00007062 _____ C:\WINDOWS\SysWOW64\audiopid.vxd
2013-08-08 21:12 - 2000-05-22 16:58 - 00647872 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Mscomct2.ocx
2013-08-08 20:44 - 2013-08-08 20:44 - 00001178 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-08-08 20:44 - 2013-08-08 20:44 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-08-08 19:06 - 2013-08-11 22:03 - 00000000 ____D C:\Program Files (x86)\Diablo III
2013-08-08 19:06 - 2013-08-08 19:06 - 00001174 _____ C:\Users\Public\Desktop\Diablo III.lnk
2013-08-08 18:56 - 2013-08-08 18:56 - 00000222 _____ C:\Users\Win 8 Erazer\Desktop\Defiance.url
2013-08-08 18:55 - 2013-08-08 18:55 - 00000220 _____ C:\Users\Win 8 Erazer\Desktop\BioShock Infinite.url
2013-08-08 18:55 - 2013-08-08 18:55 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-08-08 18:45 - 2013-08-22 23:29 - 00001115 _____ C:\Users\Public\Desktop\StarCraft II.lnk
2013-08-08 18:45 - 2013-08-09 00:38 - 00000000 ____D C:\Users\Win 8 Erazer\Documents\StarCraft II
2013-08-08 18:45 - 2013-08-08 18:45 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-08-08 18:45 - 2013-08-08 18:45 - 00000000 ____D C:\ProgramData\Battle.net
2013-08-08 18:44 - 2013-08-23 11:43 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Skype
2013-08-08 18:44 - 2013-08-08 18:44 - 00002533 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-08 18:44 - 2013-08-08 18:44 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-08 18:44 - 2013-08-08 18:44 - 00000000 ____D C:\ProgramData\Skype
2013-08-08 18:33 - 2013-08-23 11:42 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-08 18:33 - 2013-08-08 18:33 - 00000933 _____ C:\Users\Public\Desktop\Steam.lnk
2013-08-08 18:27 - 2013-08-23 11:44 - 00002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-08 18:26 - 2013-08-23 11:42 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-08 18:26 - 2013-08-23 11:42 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-08 18:26 - 2013-08-08 18:27 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Google
2013-08-08 18:26 - 2013-08-08 18:27 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-30 12:52 - 2013-07-12 04:34 - 04208128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-07-30 12:52 - 2013-06-29 06:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2013-07-30 12:52 - 2013-06-29 05:09 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2013-07-30 12:52 - 2013-06-28 04:35 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2013-07-30 12:52 - 2013-06-28 04:27 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2013-07-30 12:52 - 2013-06-28 04:11 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2013-07-30 12:52 - 2013-06-21 11:57 - 00986440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-07-30 12:52 - 2013-06-21 11:57 - 00817504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-07-30 12:52 - 2013-06-21 11:57 - 00778264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2013-07-30 12:52 - 2013-06-21 11:57 - 00705936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2013-07-30 12:52 - 2013-06-21 09:27 - 00784408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2013-07-30 12:52 - 2013-06-21 09:27 - 00638256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2013-07-30 12:52 - 2013-06-21 09:27 - 00597992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2013-07-30 12:52 - 2013-06-21 09:27 - 00553056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2013-07-30 12:52 - 2013-06-20 08:59 - 12849152 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-07-30 12:52 - 2013-06-20 07:15 - 11428352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-07-30 12:52 - 2013-06-20 06:20 - 05914624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2013-07-30 12:52 - 2013-06-20 06:17 - 04016128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2013-07-30 12:51 - 2013-07-03 08:47 - 13506048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-07-30 12:51 - 2013-07-03 08:23 - 17929216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-07-30 12:51 - 2013-06-28 03:55 - 00617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2013-07-30 12:51 - 2013-06-28 03:54 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2013-07-30 12:51 - 2013-06-27 06:40 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2013-07-30 12:51 - 2013-06-27 06:16 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2013-07-29 19:32 - 2013-08-22 20:43 - 00000000 ___DC C:\WINDOWS\Panther
2013-07-29 19:32 - 2013-07-29 19:32 - 00000000 __SHD C:\Recovery
2013-07-29 19:31 - 2013-07-29 19:31 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-07-29 19:31 - 2013-07-29 19:31 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeXmlParser.dll
2013-07-29 19:29 - 2013-07-29 19:29 - 01538304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-07-29 19:29 - 2013-07-29 19:29 - 00395520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 ____D C:\Program Files\MSBuild
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-07-29 19:29 - 2013-05-29 03:35 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2013-07-29 19:29 - 2013-05-29 03:35 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2013-07-29 19:29 - 2013-05-29 03:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-07-29 19:29 - 2013-05-29 03:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-07-29 19:29 - 2013-05-29 03:35 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2013-07-29 19:29 - 2013-05-29 03:35 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2013-07-29 19:20 - 2013-07-29 19:20 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-07-29 19:18 - 2013-07-29 19:18 - 00001454 _____ C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-29 19:18 - 2013-07-29 19:18 - 00000020 ___SH C:\Users\Win 8 Erazer\ntuser.ini
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Programme
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-07-29 18:47 - 2013-07-29 18:47 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-07-29 18:45 - 2013-08-23 10:53 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-29 18:38 - 2013-08-23 10:46 - 00000000 ____D C:\Users\Win 8 Erazer
2013-07-29 18:38 - 2013-07-29 18:48 - 00030483 _____ C:\WINDOWS\diagwrn.xml
2013-07-29 18:38 - 2013-07-29 18:48 - 00030483 _____ C:\WINDOWS\diagerr.xml
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\WIN8ER~1\AppData\Local\Verlauf
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\WIN8ER~1\AppData\Local\Anwendungsdaten
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\Vorlagen
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\Startmenü
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\Netzwerkumgebung
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\Lokale Einstellungen
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\Eigene Dateien
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\Druckumgebung
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\Documents\Eigene Musik
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\Documents\Eigene Bilder
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\Anwendungsdaten
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 ___RD C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-07-29 18:38 - 2013-06-16 07:37 - 00000000 ___RD C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-07-29 18:38 - 2013-06-16 07:37 - 00000000 ___RD C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-07-29 18:38 - 2013-06-16 07:37 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-07-29 18:36 - 2013-08-23 11:42 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-29 18:36 - 2013-07-29 18:36 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-07-29 18:36 - 2013-07-29 18:36 - 00000000 ____D C:\Program Files\Realtek
2013-07-29 18:36 - 2013-06-29 06:02 - 00061216 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2013-07-29 18:36 - 2013-06-29 06:02 - 00053024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2013-07-29 18:36 - 2013-06-22 22:59 - 06581536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2013-07-29 18:36 - 2013-06-22 22:59 - 03444000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2013-07-29 18:36 - 2013-06-22 22:59 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2013-07-29 18:36 - 2013-06-22 22:59 - 00911136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2013-07-29 18:36 - 2013-06-22 22:59 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2013-07-29 18:36 - 2013-06-22 22:59 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2013-07-29 18:36 - 2013-06-18 21:29 - 03253909 _____ C:\WINDOWS\system32\nvcoproc.bin
2013-07-29 18:35 - 2013-08-22 19:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-29 18:35 - 2013-07-29 18:36 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-29 18:35 - 2013-07-29 18:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-07-29 18:34 - 2013-07-29 18:34 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-07-29 18:33 - 2013-08-22 22:29 - 05026672 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== One Month Modified Files and Folders =======

2013-08-23 11:44 - 2013-08-23 11:43 - 01576474 _____ (Farbar) C:\Users\Win 8 Erazer\Downloads\FRST64.exe
2013-08-23 11:44 - 2013-08-22 20:13 - 00003950 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{06A89E2D-990D-4F48-B647-84EA59F27D4E}
2013-08-23 11:44 - 2013-08-22 19:14 - 00000000 ____D C:\ProgramData\Panda Security URL Filtering
2013-08-23 11:44 - 2013-08-08 18:27 - 00002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-23 11:43 - 2013-08-23 11:43 - 00003576 _____ C:\Users\Win 8 Erazer\Desktop\AdwCleaner[S0]123.txt
2013-08-23 11:43 - 2013-08-08 18:44 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Skype
2013-08-23 11:42 - 2013-08-22 20:49 - 00236446 _____ C:\WINDOWS\setupact.log
2013-08-23 11:42 - 2013-08-15 21:59 - 00000392 _____ C:\WINDOWS\Tasks\Lyrics-Pal Update.job
2013-08-23 11:42 - 2013-08-14 03:00 - 00000000 ____D C:\Program Files (x86)\Origin
2013-08-23 11:42 - 2013-08-08 18:33 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-23 11:42 - 2013-08-08 18:26 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-23 11:42 - 2013-08-08 18:26 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-23 11:42 - 2013-07-29 18:36 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-23 11:42 - 2013-06-16 06:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-08-23 11:41 - 2013-08-23 11:41 - 00000338 _____ C:\WINDOWS\PFRO.log
2013-08-23 11:41 - 2013-06-16 05:17 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-08-23 11:40 - 2013-08-23 11:38 - 00000000 ____D C:\AdwCleaner
2013-08-23 11:37 - 2013-08-23 11:37 - 00975858 _____ C:\Users\Win 8 Erazer\Downloads\adwcleaner.exe
2013-08-23 11:35 - 2013-08-23 11:35 - 00000105 _____ C:\prefs.js
2013-08-23 11:10 - 2013-08-22 20:49 - 00607543 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-23 11:00 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\system32\sru
2013-08-23 10:55 - 2013-08-22 19:50 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-496577320-1511247521-3890309592-1002
2013-08-23 10:53 - 2013-08-23 10:52 - 00602112 _____ (OldTimer Tools) C:\Users\Win 8 Erazer\Downloads\OTL.exe
2013-08-23 10:53 - 2013-07-29 18:45 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-23 10:53 - 2013-06-16 12:51 - 00765378 _____ C:\WINDOWS\system32\perfh007.dat
2013-08-23 10:53 - 2013-06-16 12:51 - 00159696 _____ C:\WINDOWS\system32\perfc007.dat
2013-08-23 10:46 - 2013-08-23 10:46 - 00000000 _____ C:\ProgramData\0x0304A000.sfl
2013-08-23 10:46 - 2013-07-29 18:38 - 00000000 ____D C:\Users\Win 8 Erazer
2013-08-23 00:07 - 2013-08-22 23:29 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2013-08-22 23:58 - 2013-08-22 23:58 - 00000000 ____D C:\ProgramData\BitRaider
2013-08-22 23:29 - 2013-08-08 18:45 - 00001115 _____ C:\Users\Public\Desktop\StarCraft II.lnk
2013-08-22 23:27 - 2013-08-22 23:25 - 54085656 _____ (Blizzard Entertainment) C:\Users\Win 8 Erazer\Downloads\StarCraft-II-Setup-deDE.exe
2013-08-22 22:44 - 2013-08-19 09:21 - 00290184 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2013-08-22 22:44 - 2013-08-19 09:11 - 00290184 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2013-08-22 22:44 - 2013-08-19 09:11 - 00280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2013-08-22 22:29 - 2013-07-29 18:33 - 05026672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-08-22 21:33 - 2013-08-22 21:33 - 00001182 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-08-22 21:33 - 2013-08-22 21:33 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-08-22 21:31 - 2013-08-22 21:31 - 05536272 _____ (TeamViewer GmbH) C:\Users\Win 8 Erazer\Downloads\TeamViewer_Setup_de.exe
2013-08-22 21:28 - 2013-08-08 22:23 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\TS3Client
2013-08-22 21:08 - 2013-08-22 21:08 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Logitech
2013-08-22 21:08 - 2013-08-22 21:08 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Leadertech
2013-08-22 21:08 - 2013-08-22 21:08 - 00000000 ____D C:\ProgramData\LogiShrd
2013-08-22 21:08 - 2013-04-10 15:14 - 00000000 ___RD C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-22 21:07 - 2013-08-22 21:07 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-08-22 21:06 - 2013-08-22 21:06 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Logitech
2013-08-22 21:06 - 2013-08-22 21:06 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Logishrd
2013-08-22 20:52 - 2013-08-22 20:50 - 52882496 _____ (Logitech Inc.) C:\Users\Win 8 Erazer\Downloads\lgs846_x64.exe
2013-08-22 20:49 - 2013-08-22 20:49 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-08-22 20:47 - 2013-08-22 20:47 - 02816072 _____ (LionSea SoftWare                                            ) C:\Users\Win 8 Erazer\Downloads\setup.exe
2013-08-22 20:47 - 2013-08-22 20:47 - 00138132 _____ C:\Users\Win 8 Erazer\Documents\cc_20130822_204750.reg
2013-08-22 20:43 - 2013-08-22 18:53 - 00000000 ____D C:\WINDOWS\Minidump
2013-08-22 20:43 - 2013-07-29 19:32 - 00000000 ___DC C:\WINDOWS\Panther
2013-08-22 20:29 - 2013-08-22 20:29 - 00002786 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2013-08-22 20:29 - 2013-08-22 20:29 - 00000838 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-08-22 20:29 - 2013-08-22 20:29 - 00000000 ____D C:\Program Files\CCleaner
2013-08-22 19:48 - 2013-08-22 19:48 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-08-22 19:47 - 2013-07-29 18:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-22 19:44 - 2013-08-22 19:38 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-08-22 19:39 - 2013-08-22 19:39 - 03395840 _____ (Piriform Ltd) C:\Users\Win 8 Erazer\Downloads\ccsetup404_slim.exe
2013-08-22 19:18 - 2013-08-22 19:16 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\panda4_0dn
2013-08-22 19:16 - 2013-08-22 19:16 - 00001302 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2013-08-22 19:16 - 2013-08-22 19:13 - 00000000 ____D C:\Program Files (x86)\Panda Security
2013-08-22 19:15 - 2013-08-22 19:15 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Panda Security
2013-08-22 19:13 - 2013-08-22 19:13 - 00000000 ____D C:\ProgramData\Panda Security
2013-08-22 19:11 - 2013-08-22 19:11 - 01042952 _____ C:\Users\Win 8 Erazer\Downloads\PANDAIS14.exe
2013-08-22 19:09 - 2013-08-22 19:08 - 04491824 _____ (AVG Technologies) C:\Users\Win 8 Erazer\Downloads\avg_avct_stb_all_2013_3392_cm10.exe
2013-08-22 19:06 - 2013-08-22 19:06 - 00000546 _____ C:\WINDOWS\SysWOW64\bufferpool.txt
2013-08-22 18:11 - 2013-08-10 18:25 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Skyrim
2013-08-22 17:24 - 2013-08-22 17:24 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Mozilla
2013-08-22 01:56 - 2013-08-22 01:56 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\WinRAR
2013-08-22 01:56 - 2013-08-22 01:56 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-08-22 01:56 - 2013-08-22 01:56 - 00000000 ____D C:\Program Files\WinRAR
2013-08-22 01:38 - 2013-08-22 01:38 - 00002325 _____ C:\Users\Win 8 Erazer\Desktop\Skyrim (SKSE).lnk
2013-08-22 01:38 - 2013-08-22 01:38 - 00002325 _____ C:\Users\UpdatusUser\Desktop\Skyrim (SKSE).lnk
2013-08-20 23:37 - 2013-08-10 02:03 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Audacity
2013-08-20 23:35 - 2013-08-10 01:59 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Windows Live
2013-08-20 01:54 - 2013-08-20 01:54 - 00000000 ____D C:\BOSS
2013-08-20 00:51 - 2013-04-10 15:13 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\VirtualStore
2013-08-20 00:51 - 2012-03-14 04:04 - 00034816 _____ (ENB) C:\Users\Win 8 Erazer\Desktop\ENBInjector.exe
2013-08-19 23:09 - 2013-08-17 05:47 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Firestorm
2013-08-19 17:00 - 2013-08-19 09:11 - 00076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-08-19 09:21 - 2013-08-19 09:21 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\PunkBuster
2013-08-19 09:21 - 2013-08-19 09:21 - 00000000 ____D C:\Users\Win 8 Erazer\Documents\Battlefield 3
2013-08-19 09:16 - 2013-08-19 09:16 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\ESN
2013-08-19 09:16 - 2013-08-19 09:16 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-08-19 09:13 - 2013-08-19 09:13 - 00000000 ____D C:\ProgramData\EA Core
2013-08-19 09:13 - 2013-08-14 03:07 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Origin
2013-08-19 09:13 - 2013-08-14 03:00 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-08-19 09:12 - 2013-08-19 09:12 - 00001190 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2013-08-18 16:30 - 2013-08-16 17:19 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-08-17 22:09 - 2013-08-17 19:13 - 00000000 ____D C:\Program Files (x86)\SpecialForce2Beta
2013-08-17 19:13 - 2013-08-17 19:13 - 00001069 _____ C:\Users\Public\Desktop\SKILL.lnk
2013-08-17 19:13 - 2013-08-14 22:02 - 00000000 _____ C:\dfu.log
2013-08-17 12:23 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-08-17 05:48 - 2013-08-17 05:47 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Firestorm
2013-08-17 05:47 - 2013-08-17 05:47 - 00001333 _____ C:\Users\Public\Desktop\Firestorm-Release.lnk
2013-08-17 05:47 - 2013-08-17 05:45 - 00000000 ____D C:\Program Files (x86)\Firestorm-Release
2013-08-16 17:19 - 2013-08-14 03:07 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Origin
2013-08-16 17:19 - 2013-08-14 03:00 - 00000000 ____D C:\ProgramData\Origin
2013-08-16 09:26 - 2013-08-15 21:58 - 00000000 ____D C:\WINDOWS\SysWOW64\Extensions
2013-08-15 21:58 - 2013-08-15 21:58 - 00000000 ____D C:\WINDOWS\SysWOW64\searchplugins
2013-08-15 21:58 - 2013-08-15 21:58 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\avgchrome
2013-08-15 21:58 - 2013-08-15 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-15 18:51 - 2013-08-15 18:51 - 00012031 _____ C:\Users\Win 8 Erazer\Documents\kündigung arbeit.odt
2013-08-15 18:45 - 2013-08-15 18:45 - 00000022 _____ C:\Users\Win 8 Erazer\Documents\ärztliche untersuchung.txt
2013-08-15 13:18 - 2013-08-15 13:18 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Need for Speed World
2013-08-15 12:19 - 2013-08-15 12:19 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Electronic_Arts_Inc
2013-08-15 12:18 - 2013-08-15 12:18 - 00002237 _____ C:\Users\Public\Desktop\Need For Speed World.lnk
2013-08-15 12:18 - 2013-08-09 11:46 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-08-14 03:00 - 2013-08-14 03:00 - 00000995 _____ C:\Users\Public\Desktop\Origin.lnk
2013-08-13 16:27 - 2013-08-13 16:27 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\OpenOffice
2013-08-13 16:23 - 2013-08-13 16:23 - 00001132 _____ C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2013-08-13 16:23 - 2013-08-13 16:22 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-08-13 16:22 - 2013-08-13 16:22 - 00000000 ____D C:\Users\Win 8 Erazer\Desktop\OpenOffice 4.0.0 (de) Installation Files
2013-08-12 17:06 - 2013-08-12 17:06 - 00000000 ____D C:\Games
2013-08-12 17:04 - 2013-08-12 17:04 - 00000906 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2013-08-12 17:04 - 2013-08-12 17:04 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Black_Tree_Gaming
2013-08-12 17:04 - 2013-08-12 17:04 - 00000000 ____D C:\Users\Win 8 Erazer\Documents\Nexus Mod Manager
2013-08-12 17:04 - 2013-08-12 17:04 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2013-08-11 22:03 - 2013-08-11 22:03 - 00000000 ____D C:\Users\Win 8 Erazer\Documents\Diablo III
2013-08-11 22:03 - 2013-08-08 19:06 - 00000000 ____D C:\Program Files (x86)\Diablo III
2013-08-11 17:39 - 2013-08-11 17:39 - 00000067 _____ C:\Users\Win 8 Erazer\Desktop\Zyriak Peter Zytonoize.url
2013-08-11 11:40 - 2013-08-09 12:03 - 00000000 ____D C:\Users\Win 8 Erazer\Documents\My Games
2013-08-10 02:52 - 2013-08-10 02:52 - 00000222 _____ C:\Users\Win 8 Erazer\Desktop\Call of Duty Black Ops II.url
2013-08-10 02:13 - 2013-08-10 02:13 - 00000000 ____D C:\Users\Win 8 Erazer\Documents\AVS4YOU
2013-08-10 02:07 - 2013-08-10 02:07 - 00001221 _____ C:\Users\Win 8 Erazer\Desktop\AVS Video Editor.lnk
2013-08-10 02:07 - 2013-08-10 02:07 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2013-08-10 02:07 - 2013-08-10 02:07 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\AVS4YOU
2013-08-10 02:07 - 2013-08-10 02:07 - 00000000 ____D C:\ProgramData\AVS4YOU
2013-08-10 02:07 - 2013-08-10 02:06 - 00000000 ____D C:\Program Files (x86)\AVS4YOU
2013-08-10 02:03 - 2013-08-10 02:03 - 00001023 _____ C:\Users\Win 8 Erazer\Desktop\Audacity.lnk
2013-08-10 02:03 - 2013-08-10 02:03 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-08-10 01:52 - 2013-08-10 01:50 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\DVDVideoSoft
2013-08-10 01:52 - 2013-08-10 01:49 - 00000000 ____D C:\Fraps
2013-08-10 01:51 - 2013-08-10 01:51 - 00001418 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-08-10 01:51 - 2013-08-10 01:51 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-08-10 01:49 - 2013-08-10 01:49 - 00000574 _____ C:\Users\Win 8 Erazer\Desktop\Fraps.lnk
2013-08-10 01:49 - 2013-08-10 01:49 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2013-08-09 21:38 - 2013-08-09 21:38 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\SWTOR
2013-08-09 11:50 - 2013-08-09 11:50 - 00867240 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\npDeployJava1.dll
2013-08-09 11:50 - 2013-08-09 11:50 - 00789416 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\deployJava1.dll
2013-08-09 11:50 - 2013-08-09 11:50 - 00263592 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-08-09 11:50 - 2013-08-09 11:50 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-08-09 11:50 - 2013-08-09 11:50 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-08-09 11:50 - 2013-08-09 11:50 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-08-09 11:50 - 2013-08-09 11:50 - 00000000 ____D C:\ProgramData\Sun
2013-08-09 11:50 - 2013-08-09 11:50 - 00000000 ____D C:\Program Files (x86)\Java
2013-08-09 11:48 - 2013-08-09 11:48 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\SWTORPerf
2013-08-09 11:48 - 2013-08-09 11:48 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2013-08-09 11:46 - 2013-08-09 11:46 - 00013955 _____ C:\Users\Win 8 Erazer\Documents\Install STAR WARS The Old Republic.log
2013-08-09 11:46 - 2013-08-09 11:46 - 00000000 ____D C:\Users\hedev
2013-08-09 10:10 - 2013-08-09 10:10 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-08-09 02:23 - 2013-08-09 02:23 - 00000222 _____ C:\Users\Win 8 Erazer\Desktop\Call of Duty Black Ops II - Multiplayer.url
2013-08-09 02:23 - 2013-08-09 02:23 - 00000221 _____ C:\Users\Win 8 Erazer\Desktop\Transformers War for Cybertron.url
2013-08-09 00:38 - 2013-08-08 18:45 - 00000000 ____D C:\Users\Win 8 Erazer\Documents\StarCraft II
2013-08-08 21:22 - 2013-08-08 21:22 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Creative
2013-08-08 21:22 - 2013-08-08 21:18 - 00000000 ____D C:\ProgramData\Creative
2013-08-08 21:14 - 2013-08-08 21:14 - 00000000 ___HD C:\Program Files (x86)\Creative Installation Information
2013-08-08 21:14 - 2013-08-08 21:12 - 00000369 ___RH C:\WINDOWS\ctfile.rfc
2013-08-08 21:14 - 2013-08-08 21:12 - 00000000 ____D C:\Program Files\Creative
2013-08-08 21:14 - 2013-08-08 21:12 - 00000000 ____D C:\Program Files (x86)\Creative
2013-08-08 21:14 - 2012-11-05 19:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-08 21:12 - 2013-08-08 21:12 - 00466520 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2013-08-08 21:12 - 2013-08-08 21:12 - 00445016 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2013-08-08 21:12 - 2013-08-08 21:12 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2013-08-08 21:12 - 2013-08-08 21:12 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2013-08-08 20:44 - 2013-08-08 20:44 - 00001178 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-08-08 20:44 - 2013-08-08 20:44 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-08-08 19:06 - 2013-08-08 19:06 - 00001174 _____ C:\Users\Public\Desktop\Diablo III.lnk
2013-08-08 18:56 - 2013-08-08 18:56 - 00000222 _____ C:\Users\Win 8 Erazer\Desktop\Defiance.url
2013-08-08 18:55 - 2013-08-08 18:55 - 00000220 _____ C:\Users\Win 8 Erazer\Desktop\BioShock Infinite.url
2013-08-08 18:55 - 2013-08-08 18:55 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-08-08 18:45 - 2013-08-08 18:45 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-08-08 18:45 - 2013-08-08 18:45 - 00000000 ____D C:\ProgramData\Battle.net
2013-08-08 18:44 - 2013-08-08 18:44 - 00002533 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-08 18:44 - 2013-08-08 18:44 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-08 18:44 - 2013-08-08 18:44 - 00000000 ____D C:\ProgramData\Skype
2013-08-08 18:33 - 2013-08-08 18:33 - 00000933 _____ C:\Users\Public\Desktop\Steam.lnk
2013-08-08 18:27 - 2013-08-08 18:26 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Google
2013-08-08 18:27 - 2013-08-08 18:26 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-08 17:46 - 2013-07-20 12:23 - 00000000 ____D C:\ProgramData\Adobe
2013-08-08 17:45 - 2013-07-20 12:53 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-08-08 17:45 - 2013-07-20 11:45 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-08 17:40 - 2012-11-05 18:00 - 00000000 ____D C:\ProgramData\PRICache
2013-08-08 17:37 - 2013-04-10 15:46 - 01065984 _____ C:\Users\WIN8ER~1\AppData\Local\file__0.localstorage
2013-08-08 13:02 - 2013-07-20 11:42 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Adobe
2013-08-02 15:43 - 2013-04-10 15:13 - 00000000 ____D C:\Users\WIN8ER~1\AppData\Local\Packages
2013-08-01 09:48 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\rescache
2013-07-31 10:08 - 2013-06-16 07:37 - 00000000 ___RD C:\WINDOWS\ToastData
2013-07-31 10:08 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\WinStore
2013-07-31 05:25 - 2013-08-14 12:26 - 22564864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-07-31 04:58 - 2013-08-14 12:26 - 16982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-07-31 03:52 - 2013-08-14 12:26 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-07-31 03:48 - 2013-08-14 12:26 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-07-31 03:38 - 2013-08-14 12:26 - 01788928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-07-31 03:37 - 2013-08-14 12:26 - 01140736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-07-29 19:32 - 2013-07-29 19:32 - 00000000 __SHD C:\Recovery
2013-07-29 19:31 - 2013-07-29 19:31 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-07-29 19:31 - 2013-07-29 19:31 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeXmlParser.dll
2013-07-29 19:31 - 2013-06-16 07:37 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2013-07-29 19:31 - 2013-04-10 15:14 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2013-07-29 19:29 - 2013-07-29 19:29 - 01538304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-07-29 19:29 - 2013-07-29 19:29 - 00395520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 ____D C:\Program Files\MSBuild
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-07-29 19:20 - 2013-07-29 19:20 - 00000000 ____D C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-07-29 19:19 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\FileManager
2013-07-29 19:19 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\Camera
2013-07-29 19:19 - 2013-04-10 15:14 - 00000000 ___RD C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-29 19:18 - 2013-07-29 19:18 - 00001454 _____ C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-29 19:18 - 2013-07-29 19:18 - 00000020 ___SH C:\Users\Win 8 Erazer\ntuser.ini
2013-07-29 19:18 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\system32\restore
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Programme
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-07-29 18:48 - 2013-07-29 18:48 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-07-29 18:48 - 2013-07-29 18:38 - 00030483 _____ C:\WINDOWS\diagwrn.xml
2013-07-29 18:48 - 2013-07-29 18:38 - 00030483 _____ C:\WINDOWS\diagerr.xml
2013-07-29 18:48 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\Registration
2013-07-29 18:48 - 2013-06-16 07:37 - 00000000 ____D C:\Program Files\Windows NT
2013-07-29 18:48 - 2013-06-16 05:28 - 00000000 __RHD C:\Users\Default
2013-07-29 18:47 - 2013-07-29 18:47 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-07-29 18:45 - 2012-11-26 17:26 - 01776918 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2013-07-29 18:44 - 2013-06-16 07:37 - 00000000 __RSD C:\WINDOWS\Media
2013-07-29 18:44 - 2013-06-16 07:37 - 00000000 __RHD C:\Users\Public\Libraries
2013-07-29 18:43 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\tracing
2013-07-29 18:41 - 2013-06-16 05:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2013-07-29 18:41 - 2012-11-05 19:37 - 00000000 ____D C:\WINDOWS\tr
2013-07-29 18:40 - 2013-07-20 15:01 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-07-29 18:40 - 2013-06-16 12:50 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2013-07-29 18:40 - 2013-06-16 12:50 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2013-07-29 18:40 - 2013-06-16 12:50 - 00000000 ____D C:\WINDOWS\system32\WCN
2013-07-29 18:40 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2013-07-29 18:40 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2013-07-29 18:40 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2013-07-29 18:40 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2013-07-29 18:40 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\system32\spool
2013-07-29 18:40 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\system32\NDF
2013-07-29 18:40 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\system32\MUI
2013-07-29 18:40 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\system32\IME
2013-07-29 18:40 - 2013-06-16 05:28 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2013-07-29 18:40 - 2013-06-16 05:28 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2013-07-29 18:40 - 2013-06-16 05:28 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-07-29 18:40 - 2012-11-05 19:37 - 00000000 ____D C:\WINDOWS\sv
2013-07-29 18:40 - 2012-11-05 19:37 - 00000000 ____D C:\WINDOWS\sl
2013-07-29 18:40 - 2012-11-05 19:37 - 00000000 ____D C:\WINDOWS\pl
2013-07-29 18:40 - 2012-11-05 19:37 - 00000000 ____D C:\WINDOWS\nl
2013-07-29 18:40 - 2012-11-05 19:37 - 00000000 ____D C:\WINDOWS\it
2013-07-29 18:40 - 2012-11-05 19:37 - 00000000 ____D C:\WINDOWS\hu
2013-07-29 18:40 - 2012-11-05 19:37 - 00000000 ____D C:\WINDOWS\da
2013-07-29 18:40 - 2012-11-05 19:36 - 00000000 ____D C:\WINDOWS\fr
2013-07-29 18:40 - 2012-11-05 19:36 - 00000000 ____D C:\WINDOWS\es
2013-07-29 18:40 - 2012-11-05 19:36 - 00000000 ____D C:\WINDOWS\el
2013-07-29 18:40 - 2012-11-05 19:36 - 00000000 ____D C:\WINDOWS\de
2013-07-29 18:40 - 2012-07-26 11:43 - 00000000 ____D C:\WINDOWS\en-GB
2013-07-29 18:40 - 2012-07-26 07:37 - 00000000 ____D C:\Users\Default.migrated
2013-07-29 18:39 - 2013-06-16 07:40 - 00000000 ____D C:\WINDOWS\DigitalLocker
2013-07-29 18:39 - 2013-06-16 07:37 - 00000000 __SHD C:\Program Files\Windows Sidebar
2013-07-29 18:39 - 2013-06-16 07:37 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2013-07-29 18:39 - 2013-06-16 07:37 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2013-07-29 18:39 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2013-07-29 18:39 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\IME
2013-07-29 18:39 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\Help
2013-07-29 18:39 - 2013-06-16 07:37 - 00000000 ____D C:\Program Files\Common Files\System
2013-07-29 18:39 - 2013-06-16 07:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\WIN8ER~1\AppData\Local\Verlauf
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\WIN8ER~1\AppData\Local\Anwendungsdaten
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\Vorlagen
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\Startmenü
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\Netzwerkumgebung
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\Lokale Einstellungen
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\Eigene Dateien
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\Druckumgebung
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\Documents\Eigene Musik
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\Documents\Eigene Bilder
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\Win 8 Erazer\Anwendungsdaten
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 ___RD C:\Users\Win 8 Erazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-07-29 18:38 - 2013-07-29 18:38 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-07-29 18:38 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-07-29 18:36 - 2013-07-29 18:36 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-07-29 18:36 - 2013-07-29 18:36 - 00000000 ____D C:\Program Files\Realtek
2013-07-29 18:36 - 2013-07-29 18:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-29 18:35 - 2013-07-29 18:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-07-29 18:34 - 2013-07-29 18:34 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-07-29 09:43 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-07-29 09:17 - 2013-08-14 12:26 - 00432904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2013-07-29 09:17 - 2013-08-14 12:26 - 00258264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2013-07-29 06:43 - 2013-08-14 12:26 - 00338896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2013-07-29 06:43 - 2013-08-14 12:26 - 00206048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2013-07-29 06:42 - 2013-06-16 07:38 - 00702440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-07-29 06:42 - 2013-06-16 07:38 - 00108520 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-29 03:36 - 2013-08-14 12:26 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2013-07-29 03:22 - 2013-08-14 12:26 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2013-07-26 17:59 - 2012-11-05 19:48 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-26 17:59 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2013-07-25 15:51 - 2013-08-13 16:28 - 00000541 _____ C:\Users\Win 8 Erazer\Desktop\Beobachtung.lnk

Files to move or delete:
====================
C:\Users\Win 8 Erazer\SC_SCREENSAVER.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2013-06-16 00:48] - [2013-06-16 00:48] - 0558080 ____A (Microsoft Corporation) DEB887EA2EBEDF01644A200B4BDB181B

C:\Windows\System32\wininit.exe
[2013-06-16 00:52] - [2013-06-16 00:52] - 0145408 ____A (Microsoft Corporation) CACA6578AF9C48C29D7BF6AEFAF00599

C:\Windows\explorer.exe
[2013-06-16 00:01] - [2013-06-16 04:25] - 2254384 ____A (Microsoft Corporation) 2CF1204E913AEA5A492D89C153F3345E

C:\Windows\SysWOW64\explorer.exe
[2013-06-15 23:33] - [2013-06-16 03:33] - 2009104 ____A (Microsoft Corporation) 253252BBC9E61728986CB54261F8AECD

C:\Windows\System32\svchost.exe
[2013-06-16 00:48] - [2013-06-16 04:30] - 0037768 ____A (Microsoft Corporation) F7191317F1CD10F35DC74E24C1B71E06

C:\Windows\SysWOW64\svchost.exe
[2013-06-16 00:07] - [2013-06-16 03:38] - 0031552 ____A (Microsoft Corporation) D9F8FA4911FBF85919BA17FFE5B34430

C:\Windows\System32\services.exe
[2013-06-16 05:17] - [2013-06-16 05:17] - 0403408 ____A (Microsoft Corporation) 258527780FC8FFCF0A29F7455073C529

C:\Windows\System32\User32.dll
[2013-06-16 00:50] - [2013-06-16 04:25] - 1513264 ____A (Microsoft Corporation) 42F67E93E2C853A915E73F3A4645E3C9

C:\Windows\SysWOW64\User32.dll
[2013-06-16 00:10] - [2013-06-16 00:10] - 1359360 ____A (Microsoft Corporation) FCDCDEFD5A8BA26FDCD950607162339C

C:\Windows\System32\userinit.exe
[2013-06-16 00:56] - [2013-06-16 00:56] - 0025088 ____A (Microsoft Corporation) 166CB1E28BED6196B5030E91AD932998

C:\Windows\SysWOW64\userinit.exe
[2013-06-16 00:13] - [2013-06-16 00:13] - 0021504 ____A (Microsoft Corporation) 7AFC7764F71DBB1BC5A60EE67FE94C70

C:\Windows\System32\Drivers\volsnap.sys
[2013-06-16 02:36] - [2013-06-16 04:26] - 0312072 ___AC (Microsoft Corporation) 9365B092503F8B0B6C724D1A8E4433D4



LastRegBack: 2013-08-23 08:57

==================== End Of Log ============================

--- --- ---

ryder · 23.08.2013, 10:48

frst.txt fehlt

Zyriak · 23.08.2013, 12:16

Hoffe ist jetzt alles da was ihr braucht

Aleles da?

ryder · 23.08.2013, 13:14

Schauen wir mal weiter:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Zyriak · 23.08.2013, 15:03

Hallo das Programm startet bei mir nicht "ComboFix is not meant to run in "compatibility Mode" the programm shall now exit."

wollte es ganz normal starten ohne kompatibilitätsänderung

ryder · 23.08.2013, 15:20

Zitat:

Windows 8.1 Preview (X64)

Deswegen läuft es auch nicht. Du hast schon Windows 8.1

Ich weise dich nur vorsorglich darauf hin, dass wir eventuell dies alles abbrechen. Denn ein noch nicht erschienenes Betriebssystem supporten wir logischerweise auch nicht.

Dann weichen wir aus:

Scan mit MBAR
Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

schrauber · 24.08.2013, 20:13

Hi,

ich übernehme ab hier. Bitte mal ein Update der Probleme, die noch bestehen.

23.08.2013, 10:48	#5
ryder /// TB-Ausbilder	win 8 schwarzer hintergrund leistung versagt spiele mauszeiger unsichtbar frst.txt fehlt __________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM!

24.08.2013, 20:13	#10
schrauber /// the machine /// TB-Ausbilder	win 8 schwarzer hintergrund leistung versagt spiele mauszeiger unsichtbar Hi, ich übernehme ab hier. Bitte mal ein Update der Probleme, die noch bestehen. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

win 8 schwarzer hintergrund leistung versagt spiele mauszeiger unsichtbar

Plagegeister aller Art und deren Bekämpfung: win 8 schwarzer hintergrund leistung versagt spiele mauszeiger unsichtbar