Windows 7: Langsames Internet? Sehr geehrte Damen und Herren,
und zwar läuft mein Computer seit ein paar Tagen langsamer.
Hier die Log's: defogger_disable.log: Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:52 on 14/09/2013 (Leon)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=- Gmer.log Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-09-14 16:09:30
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_DT01ACA200 rev.MX4OABB0 1863,02GB
Running: ddsv6ujt.exe; Driver: C:\Users\Leon\AppData\Local\Temp\kxldapog.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 544 fffff80003000000 16 bytes [48, 3B, E8, 0F, 82, 93, FE, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 562 fffff80003000012 36 bytes {MOV EAX, [RSP+0x80]; MOV DWORD [RAX], 0x1; JMP 0xfffffffffffffecf}
---- User code sections - GMER 2.1 ----
.text C:\Windows\SysWOW64\PnkBstrA.exe[1936] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000073181a22 2 bytes [18, 73]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1936] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000073181ad0 2 bytes [18, 73]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1936] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000073181b08 2 bytes [18, 73]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1936] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000073181bba 2 bytes [18, 73]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1936] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000073181bda 2 bytes [18, 73]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1936] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000764e1465 2 bytes [4E, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1936] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000764e14bb 2 bytes [4E, 76]
.text ... * 2
.text C:\Users\Leon\AppData\Local\Akamai\netsession_win.exe[2152] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000764e1465 2 bytes [4E, 76]
.text C:\Users\Leon\AppData\Local\Akamai\netsession_win.exe[2152] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000764e14bb 2 bytes [4E, 76]
.text ... * 2
.text C:\Users\Leon\AppData\Local\Akamai\netsession_win.exe[2284] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000764e1465 2 bytes [4E, 76]
.text C:\Users\Leon\AppData\Local\Akamai\netsession_win.exe[2284] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000764e14bb 2 bytes [4E, 76]
.text ... * 2
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{CE16E9AD-984A-4E6A-8E17-F92BE3E5FE81}@LeaseObtainedTime 1379167208
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{CE16E9AD-984A-4E6A-8E17-F92BE3E5FE81}@T1 1379167335
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{CE16E9AD-984A-4E6A-8E17-F92BE3E5FE81}@T2 1379167431
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{CE16E9AD-984A-4E6A-8E17-F92BE3E5FE81}@LeaseTerminatesTime 1379167463
---- EOF - GMER 2.1 ---- Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-09-2013 04
Ran by Leon at 2013-09-14 15:51:16
Running from C:\Users\Leon\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Akamai NetSession Interface (HKCU)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD APP SDK Runtime (Version: 10.0.1124.2)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2013.0328.2218.38225)
AMD Media Foundation Decoders (Version: 1.0.80328.2204)
AMD Steady Video Plug-In (Version: 2.06.0000)
AMD VISION Engine Control Center (x32 Version: 2013.0328.2218.38225)
Arma 2 (x32)
Arma 2: DayZ Mod (x32)
Arma 2: Operation Arrowhead (x32)
ASRock App Charger v1.0.5
ASRock eXtreme Tuner v0.1.121 (x32)
ASRock InstantBoot v1.29 (x32)
Auslogics Disk Defrag (x32 Version: 3.6)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
Battlefield 3™ (x32 Version: 1.6.0.0)
Battlelog Web Plugins (x32 Version: 2.1.7)
BattlEye for OA Uninstall (x32)
BattlEye Uninstall (x32)
Broadcom Gigabit NetLink Controller (Version: 14.6.1.3)
Call of Duty: Black Ops II - Multiplayer (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225)
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225)
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225)
CCC Help Czech (x32 Version: 2013.0328.2217.38225)
CCC Help Danish (x32 Version: 2013.0328.2217.38225)
CCC Help Dutch (x32 Version: 2013.0328.2217.38225)
CCC Help English (x32 Version: 2013.0328.2217.38225)
CCC Help Finnish (x32 Version: 2013.0328.2217.38225)
CCC Help French (x32 Version: 2013.0328.2217.38225)
CCC Help German (x32 Version: 2013.0328.2217.38225)
CCC Help Greek (x32 Version: 2013.0328.2217.38225)
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225)
CCC Help Italian (x32 Version: 2013.0328.2217.38225)
CCC Help Japanese (x32 Version: 2013.0328.2217.38225)
CCC Help Korean (x32 Version: 2013.0328.2217.38225)
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225)
CCC Help Polish (x32 Version: 2013.0328.2217.38225)
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225)
CCC Help Russian (x32 Version: 2013.0328.2217.38225)
CCC Help Spanish (x32 Version: 2013.0328.2217.38225)
CCC Help Swedish (x32 Version: 2013.0328.2217.38225)
CCC Help Thai (x32 Version: 2013.0328.2217.38225)
CCC Help Turkish (x32 Version: 2013.0328.2217.38225)
ccc-utility64 (Version: 2013.0328.2218.38225)
CCleaner (Version: 4.05)
Corsair Headset Software (x32 Version: 2.0.7)
Counter-Strike: Global Offensive (x32)
DayZ Commander (x32 Version: 0.92.79)
ESN Sonar (x32 Version: 0.70.4)
Etron USB3.0 Host Controller (x32 Version: 0.105)
Fraps (remove only) (x32)
Google Chrome (HKCU Version: 29.0.1547.66)
Google Update Helper (x32 Version: 1.3.23.0)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
LogMeIn Hamachi (x32 Version: 2.1.0.374)
MagicTunePremium (x32 Version: 4.0.14)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
NVIDIA PhysX (x32 Version: 9.12.1031)
Origin (x32 Version: 9.3.1.4482)
Paragon Alignment Tool for Toshiba Advanced Format Drives (x32 Version: 90.00.0003)
PAYDAY 2 (x32)
PlanetSide 2 (x32)
PunkBuster Services (x32 Version: 0.991)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6378)
Samsung_MonSetup (x32 Version: 1.00.0000)
Skype™ 6.3 (x32 Version: 6.3.107)
Speccy (Version: 1.21)
Steam (x32 Version: 1.0.0.0)
Team Fortress 2 (x32)
TeamSpeak 3 Client (x32 Version: 3.0.11.1)
TeamViewer 8 (x32 Version: 8.0.20202)
The War Z (x32)
Tomb Raider (x32)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Uplay (x32 Version: 3.0)
VirtualCloneDrive (x32)
VLC media player 2.0.6 (x32 Version: 2.0.6)
WinRAR 5.00 (64-bit) (Version: 5.00.0)
XFast LAN v6.61 (Version: 6.61)
XFastUSB (x32 Version: 3.02.31)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {33AEE819-8968-4A16-8A66-7861B1D81544} - System32\Tasks\{AD247132-D919-46F3-9723-F369CCCFA5F4} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?source=lightinstaller&page=tsProgressBar
Task: {35D3AC02-9C68-4A76-AEF5-4C3A80B32FD1} - \DealPlyLiveUpdateTaskMachineUA No Task File
Task: {3EA7EC2D-34CA-48BE-9730-F8C5F9A4CA7E} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {428F88CC-9756-41A1-8A37-D53952450F9D} - System32\Tasks\FGRun => C:\Users\Leon\AppData\Roaming\pack.exe
Task: {4291B635-6FCE-4210-AC4B-042D7D4C98D0} - \DealPlyLiveUpdateTaskMachineCore No Task File
Task: {4FEB8B15-DB5A-4998-95CD-15812D616956} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11] (Adobe Systems Incorporated)
Task: {8772E510-D6CD-49DF-9200-8CDF482100E0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-162235013-2929316596-2072748549-1000Core => C:\Users\Leon\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-14] (Google Inc.)
Task: {A5BC2D03-B5B1-4096-BC95-2156E4D29CB4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-162235013-2929316596-2072748549-1000UA => C:\Users\Leon\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-14] (Google Inc.)
Task: {C5A1B915-D5B2-4AAC-B827-B7D5EDB9CFE2} - \DealPlyUpdate No Task File
Task: {DCC3AB1C-CF3A-41A0-9ECD-12E10B8FD65A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {F814F0B1-19A9-48CD-9FD4-B6D926FE4E35} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-21] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-162235013-2929316596-2072748549-1000Core.job => C:\Users\Leon\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-162235013-2929316596-2072748549-1000UA.job => C:\Users\Leon\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-03-13 23:30 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-03-19 14:27 - 2013-08-07 11:28 - 00114528 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.dll
2009-07-14 01:37 - 2009-07-14 03:39 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Dwm.exe
2013-03-13 23:41 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\Explorer.EXE
2013-03-19 14:19 - 2013-08-22 19:01 - 00214104 _____ (Alexander Roshal) C:\Program Files\WinRAR\rarext.dll
2013-03-13 22:54 - 2011-05-18 12:21 - 11855976 _____ (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
2013-04-19 15:19 - 2013-04-19 15:19 - 18678376 ____R (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
2013-06-05 01:01 - 2013-06-05 01:01 - 04489472 _____ (Akamai Technologies, Inc.) C:\Users\Leon\AppData\Local\Akamai\netsession_win.exe
2013-03-13 22:57 - 2013-03-13 22:57 - 05021448 _____ (FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
2013-03-28 22:14 - 2013-03-28 22:14 - 00217088 _____ (Advanced Mirco Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
2013-03-28 22:14 - 2013-03-28 22:14 - 00335872 _____ (Advanced Mirco Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
2013-03-28 22:30 - 2013-03-28 22:30 - 00037888 _____ (AMD) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\FUEL.ImplementationNet4.dll
2013-03-28 22:30 - 2013-03-28 22:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-03-28 22:17 - 2013-03-28 22:17 - 00028672 _____ (Advanced Mirco Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll
2013-09-14 15:36 - 2013-09-14 15:36 - 01037278 _____ () C:\Users\Leon\Downloads\3003-adwcleaner(1).exe
2013-03-19 14:27 - 2013-08-07 11:42 - 11737952 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
2013-09-14 03:34 - 2013-09-02 22:35 - 00829392 _____ (Google Inc.) C:\Users\Leon\AppData\Local\Google\Chrome\Application\chrome.exe
2013-03-13 23:38 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2013-09-14 15:50 - 2013-09-14 15:47 - 01950312 _____ (Farbar) C:\Users\Leon\Desktop\FRST64.exe
2013-09-07 14:07 - 2013-09-07 14:07 - 00506944 _____ () C:\Users\Leon\AppData\Local\DProtect\eBP.dll
2013-09-07 14:07 - 2013-09-07 14:07 - 00062016 _____ () C:\Users\Leon\AppData\Local\DProtect\eBPSD.dll
2013-03-19 14:27 - 2013-08-07 11:28 - 00095584 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.dll
2013-03-12 18:10 - 2013-08-22 00:18 - 00687104 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-02-25 08:39 - 2013-09-06 22:55 - 01120680 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-02-19 12:48 - 2013-08-07 21:31 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-12-11 10:51 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-12-11 10:51 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-12-11 10:51 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-03-19 14:27 - 2013-08-07 11:42 - 00350560 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Resource_de.dll
2013-03-19 14:27 - 2013-08-07 11:42 - 03011936 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_StaticRes.dll
2013-09-14 03:34 - 2013-09-02 22:34 - 47074256 _____ (Google Inc.) C:\Users\Leon\AppData\Local\Google\Chrome\Application\29.0.1547.66\chrome.dll
2013-09-14 03:34 - 2013-09-02 22:35 - 09962960 _____ (The ICU Project) C:\Users\Leon\AppData\Local\Google\Chrome\Application\29.0.1547.66\icudt.dll
2013-09-14 03:34 - 2013-09-02 20:46 - 03231688 _____ (Microsoft Corporation) C:\Users\Leon\AppData\Local\Google\Chrome\Application\29.0.1547.66\D3DCompiler_46.dll
2013-09-14 03:34 - 2013-09-02 22:35 - 00709584 _____ () C:\Users\Leon\AppData\Local\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
2013-09-14 03:34 - 2013-09-02 22:35 - 00099792 _____ () C:\Users\Leon\AppData\Local\Google\Chrome\Application\29.0.1547.66\libegl.dll
2013-09-14 03:34 - 2013-09-02 22:35 - 04053456 _____ () C:\Users\Leon\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll
2013-09-14 03:34 - 2013-09-02 22:35 - 00410576 _____ () C:\Users\Leon\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
2013-09-14 03:34 - 2013-09-02 22:35 - 02110928 _____ (Google Inc.) C:\Users\Leon\AppData\Local\Google\Chrome\Application\29.0.1547.66\libpeerconnection.dll
2013-09-14 03:34 - 2013-09-02 22:35 - 01604560 _____ () C:\Users\Leon\AppData\Local\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) ==========
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/14/2013 02:09:09 PM) (Source: Application Hang) (User: )
Description: Programm TombRaider.exe, Version 1.1.748.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 11d0
Startzeit: 01ceb14272c3b4b6
Endzeit: 180
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
Berichts-ID:
Error: (09/14/2013 00:44:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/14/2013 03:54:52 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: cleanmgr.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc995
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb164a
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0000000000053520
ID des fehlerhaften Prozesses: 0x8ac
Startzeit der fehlerhaften Anwendung: 0xcleanmgr.exe0
Pfad der fehlerhaften Anwendung: cleanmgr.exe1
Pfad des fehlerhaften Moduls: cleanmgr.exe2
Berichtskennung: cleanmgr.exe3
Error: (09/14/2013 03:47:05 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/14/2013 02:18:00 AM) (Source: Desktop Window Manager) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x88980406) festgestellt.
Error: (09/14/2013 02:17:51 AM) (Source: Desktop Window Manager) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x88980406) festgestellt.
Error: (09/14/2013 02:07:29 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: cleanmgr.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc995
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb164a
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x000000000005626a
ID des fehlerhaften Prozesses: 0xe4c
Startzeit der fehlerhaften Anwendung: 0xcleanmgr.exe0
Pfad der fehlerhaften Anwendung: cleanmgr.exe1
Pfad des fehlerhaften Moduls: cleanmgr.exe2
Berichtskennung: cleanmgr.exe3
Error: (09/14/2013 01:51:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/14/2013 01:50:32 AM) (Source: ESENT) (User: )
Description: taskhost (2312) Versuch, Datei "C:\Users\Leon\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error: (09/14/2013 01:47:02 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (09/14/2013 03:25:56 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (09/14/2013 02:00:36 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (09/14/2013 02:00:36 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (09/14/2013 02:00:36 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (09/14/2013 01:56:26 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (09/14/2013 01:49:21 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde mit folgendem Fehler beendet:
%%-2147467243
Error: (09/13/2013 11:03:21 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.
Error: (09/13/2013 03:35:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (09/13/2013 03:35:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "upnphost" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1352
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (09/13/2013 03:35:55 PM) (Source: DCOM) (User: )
Description: 1069upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}
Microsoft Office Sessions:
=========================
Error: (09/14/2013 02:09:09 PM) (Source: Application Hang)(User: )
Description: TombRaider.exe1.1.748.011d001ceb14272c3b4b6180C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
Error: (09/14/2013 00:44:55 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/14/2013 03:54:52 AM) (Source: Application Error)(User: )
Description: cleanmgr.exe6.1.7600.163854a5bc995ntdll.dll6.1.7601.1822951fb164ac00000fd00000000000535208ac01ceb0ed543b0f25C:\Windows\system32\cleanmgr.exeC:\Windows\SYSTEM32\ntdll.dlla4b3a503-1ce0-11e3-b8c8-bc5ff48b3c0d
Error: (09/14/2013 03:47:05 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/14/2013 02:18:00 AM) (Source: Desktop Window Manager)(User: )
Description: 0x88980406
Error: (09/14/2013 02:17:51 AM) (Source: Desktop Window Manager)(User: )
Description: 0x88980406
Error: (09/14/2013 02:07:29 AM) (Source: Application Error)(User: )
Description: cleanmgr.exe6.1.7600.163854a5bc995ntdll.dll6.1.7601.1822951fb164ac00000fd000000000005626ae4c01ceb0ddad72a54dC:\Windows\system32\cleanmgr.exeC:\Windows\SYSTEM32\ntdll.dlla4c83686-1cd1-11e3-a201-bc5ff48b3c0d
Error: (09/14/2013 01:51:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/14/2013 01:50:32 AM) (Source: ESENT)(User: )
Description: taskhost2312C:\Users\Leon\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Error: (09/14/2013 01:47:02 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 29%
Total physical RAM: 7141.63 MB
Available physical RAM: 5006.55 MB
Total Pagefile: 14281.45 MB
Available Pagefile: 11300.69 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:585.84 GB) (Free:289.55 GB) NTFS
Drive e: (Volume) (Fixed) (Total:1277.08 GB) (Free:1275.35 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: CF9FBAE7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=586 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=-827773157376) - (Type=07 NTFS)
==================== End Of Log ============================ FRST.txt
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-09-2013 04
Ran by Leon (administrator) on LEON-PC on 14-09-2013 15:53:12
Running from C:\Users\Leon\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\Leon\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Leon\AppData\Local\Akamai\netsession_win.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Corsair) C:\Program Files (x86)\Corsair\Corsair Headset Software\HeadsetControlPanel.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Users\Leon\Downloads\3003-adwcleaner(1).exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\avcenter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Google Inc.) C:\Users\Leon\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leon\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leon\AppData\Local\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) c:\program files (x86)\teamviewer\version8\TeamViewer_Desktop.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-18] (Realtek Semiconductor)
HKCU\...\Run: [zASRockInstantBoot] - [x]
HKCU\...\Run: [ASRockXTU] - [x]
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Leon\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Leon\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-09-14] (Google Inc.)
MountPoints2: {01ab9291-8c58-11e2-8429-806e6f6e6963} - D:\autorun.exe
HKLM-x32\...\Run: [XFastUSB] - C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2013-03-13] (FNet Co., Ltd.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Corsair Headset Software] - C:\Program Files (x86)\Corsair\Corsair Headset Software\HeadsetControlPanel.exe [3160064 2013-03-25] (Corsair)
AppInit_DLLs: [0 ] ()
AppInit_DLLs-x32: C:\Users\Leon\AppData\Local\DProtect\eBP.dll,C:\Users\Leon\AppData\Local\DProtect\eBPSD.dll [62016 2013-09-07] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE8E0BF7E2E20CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {1FECA3D4-178A-4BEB-9191-F5B1072BB8AE} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=39c40d06-d53d-41d6-b9b9-28140e38a5db&apn_sauid=AFF0ECB0-5E76-4036-AF91-074A91ECDAB8
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: DealPly Shopping - {9cf699ca-2174-4ed8-bec1-ba82095edce0} - C:\Program Files (x86)\DealPly\DealPlyIE.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\l0lgwbmo.default
FF NewTab: hxxp://en.v9.com/?utm_source=b&utm_medium=eBP&utm_campaign=eBP&utm_content=hp&from=eBP&uid=TOSHIBAXDT01ACA200_Z2Q9JP1ASXXZ2Q9JP1ASX&ts=1379166171
FF DefaultSearchEngine: v9
FF SearchEngineOrder.1: v9
FF SelectedSearchEngine: v9
FF Homepage: hxxp://en.v9.com/?utm_source=b&utm_medium=eBP&utm_campaign=eBP&utm_content=hp&from=eBP&uid=TOSHIBAXDT01ACA200_Z2Q9JP1ASXXZ2Q9JP1ASX&ts=1379166171
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Leon\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Leon\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\v9.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: LyricXeeker - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\l0lgwbmo.default\Extensions\128
FF Extension: elemhidehelper - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\l0lgwbmo.default\Extensions\elemhidehelper@adblockplus.org.xpi
FF Extension: No Name - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\l0lgwbmo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Chrome:
=======
CHR HomePage: hxxp://en.v9.com/?utm_source=b&utm_medium=eBP&utm_campaign=eBP&utm_content=hp&from=eBP&uid=TOSHIBAXDT01ACA200_Z2Q9JP1ASXXZ2Q9JP1ASX&ts=1379166265
CHR RestoreOnStartup: "hxxp://en.v9.com/?utm_source=b&utm_medium=eBP&utm_campaign=eBP&utm_content=hp&from=eBP&uid=TOSHIBAXDT01ACA200_Z2Q9JP1ASXXZ2Q9JP1ASX&ts=1379166265"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Leon\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Leon\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Leon\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
CHR Plugin: (Google Update) - C:\Users\Leon\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - \User Data\Default\Extensions\newtab.crx
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-03] (Avira Operations GmbH & Co. KG)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-05-28] ()
S4 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-15] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [291128 2013-09-14] ()
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-05-29] (Avira Operations GmbH & Co. KG)
R3 CorsairAudioFilter; C:\Windows\System32\DRIVERS\corsveng2kamd64.sys [103296 2013-03-15] (Corsair)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2013-03-13] (FNet Co., Ltd.)
R1 MagicTune; C:\Windows\system32\drivers\MTiCtwl.sys [23096 2008-11-04] (Samsung Electronics, Inc. )
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-14 15:52 - 2013-09-14 15:52 - 00000470 _____ C:\Users\Leon\Desktop\defogger_disable.log
2013-09-14 15:52 - 2013-09-14 15:52 - 00000000 _____ C:\Users\Leon\defogger_reenable
2013-09-14 15:50 - 2013-09-14 15:50 - 00000000 ____D C:\FRST
2013-09-14 15:50 - 2013-09-14 15:47 - 01950312 _____ (Farbar) C:\Users\Leon\Desktop\FRST64.exe
2013-09-14 15:50 - 2013-09-14 15:47 - 00377856 _____ C:\Users\Leon\Desktop\ddsv6ujt.exe
2013-09-14 15:50 - 2013-09-14 15:47 - 00050477 _____ C:\Users\Leon\Desktop\Defogger.exe
2013-09-14 15:36 - 2013-09-14 15:37 - 00000000 ____D C:\AdwCleaner
2013-09-14 15:36 - 2013-09-14 15:36 - 01037278 _____ C:\Users\Leon\Downloads\3003-adwcleaner(1).exe
2013-09-14 12:44 - 2013-09-14 12:44 - 97519942 _____ C:\Windows\SysWOW64\꾬㷡轜š
2013-09-14 03:42 - 2013-09-14 03:42 - 01037278 _____ C:\Users\Leon\Downloads\3003-adwcleaner.exe
2013-09-14 03:34 - 2013-09-14 03:34 - 00002321 _____ C:\Users\Leon\Desktop\Google Chrome.lnk
2013-09-14 03:34 - 2013-09-14 03:34 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-09-14 03:33 - 2013-09-14 15:43 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-162235013-2929316596-2072748549-1000UA.job
2013-09-14 03:33 - 2013-09-14 03:43 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-162235013-2929316596-2072748549-1000Core.job
2013-09-14 03:33 - 2013-09-14 03:38 - 00004088 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-162235013-2929316596-2072748549-1000UA
2013-09-14 03:33 - 2013-09-14 03:38 - 00003692 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-162235013-2929316596-2072748549-1000Core
2013-09-14 03:33 - 2013-09-14 03:33 - 00739856 _____ (Google Inc.) C:\Users\Leon\Downloads\chrome_installer_29.0.1547.66.exe
2013-09-14 03:24 - 2013-09-14 14:11 - 00000000 ____D C:\Fraps
2013-09-14 03:24 - 2013-09-14 03:24 - 00000562 _____ C:\Users\Public\Desktop\Fraps.lnk
2013-09-13 15:12 - 2013-09-13 15:12 - 00275552 _____ C:\Windows\Minidump\091313-19874-01.dmp
2013-09-13 15:02 - 2013-09-13 15:02 - 97463612 _____ C:\Windows\SysWOW64\礎嵬轜°
2013-09-12 19:09 - 2013-09-12 19:11 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2013-09-12 19:01 - 2013-09-12 19:01 - 00003282 _____ C:\Windows\System32\Tasks\{4682FC18-7FDD-4458-839B-869745C7617A}
2013-09-11 17:24 - 2013-09-11 17:24 - 00139264 _____ C:\Users\Leon\Downloads\BEServer.dll
2013-09-11 17:12 - 2013-09-11 17:56 - 00000000 ____D C:\Users\Leon\AppData\Local\ArmA 2
2013-09-11 16:14 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 16:14 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 16:14 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 16:14 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 16:14 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 16:14 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 16:14 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 16:14 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 16:14 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 16:14 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 16:14 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 16:14 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 16:14 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 16:14 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 16:14 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 16:14 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 16:14 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 16:14 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 16:14 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 16:14 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 16:14 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 16:14 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 16:14 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-11 16:14 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 16:14 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 16:14 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 16:14 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 16:14 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 16:14 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 16:14 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 16:14 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 14:12 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 14:12 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 14:12 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 14:12 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 14:12 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 14:12 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 14:12 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 14:12 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 14:12 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 14:12 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 14:12 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 14:12 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 14:12 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 14:12 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 14:12 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 14:12 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 14:12 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 14:12 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 14:12 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 14:12 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 14:12 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 14:12 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 14:12 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 14:12 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 14:12 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 14:12 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 14:12 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-08 15:41 - 2013-09-08 15:41 - 00000000 ____D C:\Users\Leon\Documents\WarZED Remake Entertainment
2013-09-08 15:18 - 2013-09-14 01:53 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-09-08 12:56 - 2013-09-08 12:56 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-09-08 02:29 - 2013-09-08 13:41 - 97713012 _____ C:\Users\Leon\Downloads\WarZlauncher.exe_1.1.4.rar
2013-09-07 18:49 - 2013-09-14 01:50 - 00000000 ____D C:\Users\Leon\AppData\Local\LogMeIn Hamachi
2013-09-07 18:47 - 2013-09-07 18:47 - 04292608 _____ C:\Users\Leon\Downloads\hamachi_2.1.0.362.msi
2013-09-07 18:35 - 2013-09-07 18:35 - 00001024 _____ C:\.rnd
2013-09-07 18:35 - 2013-09-07 18:35 - 00000000 ____D C:\Users\Leon\AppData\Local\LogMeIn
2013-09-07 18:24 - 2013-09-07 18:24 - 00000000 ___HD C:\Windows\PIF
2013-09-07 18:23 - 2013-09-09 19:12 - 00000000 ____D C:\Program Files (x86)\7DaysToDie-Alpha
2013-09-07 18:04 - 2013-09-07 18:15 - 314625943 _____ C:\Users\Leon\Downloads\7DTD_Alpha1_win64.zip
2013-09-07 16:04 - 2013-09-07 16:04 - 00000000 ____D C:\Users\Leon\AppData\Local\WarZED Remake Entertainment
2013-09-07 14:07 - 2013-09-14 03:33 - 00000000 ____D C:\Users\Leon\AppData\Local\Google
2013-09-07 14:07 - 2013-09-14 01:49 - 00000000 ____D C:\Users\Leon\AppData\Local\DProtect
2013-09-07 14:07 - 2013-09-07 14:07 - 00000000 ____D C:\User Data
2013-09-07 14:06 - 2013-09-07 14:06 - 01970848 _____ C:\Users\Leon\Downloads\winrar-x64-500.exe
2013-09-01 13:28 - 2013-09-01 13:28 - 00275552 _____ C:\Windows\Minidump\090113-17550-01.dmp
2013-08-30 22:13 - 2013-09-10 15:08 - 00000000 ____D C:\Users\Leon\AppData\Local\PAYDAY 2
2013-08-30 22:13 - 2013-08-30 22:13 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-30 22:13 - 2013-08-30 22:13 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-30 01:57 - 2013-08-30 18:36 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Natural Selection 2
2013-08-30 00:43 - 2013-08-30 00:43 - 00000000 ____D C:\Program Files (x86)\Corsair
2013-08-29 18:17 - 2013-03-26 05:10 - 07983104 _____ C:\Users\Leon\Desktop\CorsairHeadsetSetup_2.0.7.msi
2013-08-29 18:15 - 2013-08-29 18:15 - 04454952 _____ (Piriform Ltd) C:\Users\Leon\Downloads\ccsetup405.exe
2013-08-29 18:13 - 2013-08-29 18:13 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-29 18:13 - 2013-08-29 18:13 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-29 18:13 - 2013-08-29 18:13 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-29 18:13 - 2013-08-29 18:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-29 18:13 - 2013-08-29 18:13 - 00000000 ____D C:\Program Files (x86)\Java
2013-08-29 18:11 - 2013-08-29 18:11 - 07107748 _____ C:\Users\Leon\Downloads\Corsair-Vengeance-Headset-Dolby-Driver-2_0_7.zip
2013-08-29 18:11 - 2013-08-29 18:11 - 00000000 ____D C:\Users\Leon\Downloads\Corsair-Vengeance-Headset-Dolby-Driver-2_0_7
2013-08-28 15:56 - 2013-08-28 15:56 - 00000000 ____D C:\ProgramData\Nexon
2013-08-28 15:49 - 2013-09-14 02:12 - 00000000 ____D C:\Nexon
2013-08-28 15:49 - 2013-08-28 15:57 - 00000000 ____D C:\ProgramData\NexonEU
2013-08-28 15:42 - 2013-08-28 15:48 - 1791726869 _____ (Nexon) C:\Users\Leon\Documents\Combatarms_eu.exe
2013-08-28 15:42 - 2013-08-28 15:44 - 00000000 ____D C:\Users\Leon\AppData\Local\Akamai
2013-08-28 15:42 - 2013-08-28 15:42 - 10028912 _____ (Akamai Technologies, Inc.) C:\Users\Leon\Downloads\NexonEU_Installer.exe
2013-08-27 02:44 - 2013-08-27 02:44 - 00000000 ____D C:\Users\Leon\Documents\EA Games
2013-08-27 02:44 - 2013-08-27 02:44 - 00000000 ____D C:\Users\Leon\AppData\Local\EA Games
2013-08-27 01:49 - 2013-08-27 01:49 - 01239552 _____ () C:\Users\Leon\Downloads\Assembly-CSharp.dll
2013-08-27 01:40 - 2013-08-27 01:40 - 00000000 ____D C:\Users\Leon\Downloads\BitTorrent-Linkin-Park-Free
2013-08-27 01:39 - 2013-08-27 12:45 - 00000000 ____D C:\Users\Leon\AppData\Roaming\uTorrent
2013-08-27 01:39 - 2013-08-27 01:39 - 01040720 _____ (BitTorrent Inc.) C:\Users\Leon\Downloads\uTorrent331_30017.exe
2013-08-20 21:23 - 2013-08-20 21:26 - 00000000 ____D C:\ProgramData\WarThunder
2013-08-20 21:23 - 2013-08-20 21:23 - 00000000 ____D C:\Users\Leon\AppData\Local\WarThunder
2013-08-19 02:15 - 2013-08-19 02:15 - 00000000 ____D C:\Users\Leon\AppData\Roaming\.mono
2013-08-19 02:14 - 2013-08-19 02:14 - 00000000 ____D C:\Users\Leon\AppData\Local\UWebKit
2013-08-19 02:01 - 2013-09-14 03:47 - 00000000 ____D C:\Users\Leon\AppData\Roaming\TeamViewer
2013-08-19 01:04 - 2013-08-19 01:04 - 00275552 _____ C:\Windows\Minidump\081913-19734-01.dmp
2013-08-18 00:56 - 2013-08-18 00:56 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-08-15 16:16 - 2013-08-15 16:16 - 00000000 ____D C:\Users\Leon\Documents\Battlefield 3
2013-08-15 16:15 - 2013-08-15 16:15 - 03820480 _____ C:\Users\Leon\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-08-15 16:15 - 2013-08-15 16:15 - 00000000 ____D C:\Users\Leon\AppData\Local\ESN
2013-08-15 16:15 - 2013-08-15 16:15 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-08-15 15:51 - 2013-08-15 15:51 - 00000000 ____D C:\ProgramData\EA Core
2013-08-15 13:47 - 2013-09-14 02:04 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-08-15 13:42 - 2013-08-15 15:51 - 00000000 ____D C:\Users\Leon\AppData\Local\Origin
2013-08-15 13:42 - 2013-08-15 13:58 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Origin
2013-08-15 13:40 - 2013-09-14 01:50 - 00000000 ____D C:\Program Files (x86)\Origin
2013-08-15 13:40 - 2013-08-27 02:44 - 00000000 ____D C:\ProgramData\Origin
2013-08-15 13:40 - 2013-08-15 15:52 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-08-15 13:40 - 2013-08-15 13:40 - 16949128 _____ (Electronic Arts, Inc.) C:\Users\Leon\Downloads\OriginThinSetup.exe
2013-08-15 13:40 - 2013-08-15 13:40 - 00000979 _____ C:\Users\Public\Desktop\Origin.lnk
==================== One Month Modified Files and Folders =======
2013-09-14 15:52 - 2013-09-14 15:52 - 00000470 _____ C:\Users\Leon\Desktop\defogger_disable.log
2013-09-14 15:52 - 2013-09-14 15:52 - 00000000 _____ C:\Users\Leon\defogger_reenable
2013-09-14 15:52 - 2013-03-13 22:49 - 00000000 ____D C:\Users\Leon
2013-09-14 15:50 - 2013-09-14 15:50 - 00000000 ____D C:\FRST
2013-09-14 15:50 - 2013-04-19 13:42 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Skype
2013-09-14 15:49 - 2013-04-14 13:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-14 15:47 - 2013-09-14 15:50 - 01950312 _____ (Farbar) C:\Users\Leon\Desktop\FRST64.exe
2013-09-14 15:47 - 2013-09-14 15:50 - 00377856 _____ C:\Users\Leon\Desktop\ddsv6ujt.exe
2013-09-14 15:47 - 2013-09-14 15:50 - 00050477 _____ C:\Users\Leon\Desktop\Defogger.exe
2013-09-14 15:43 - 2013-09-14 03:33 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-162235013-2929316596-2072748549-1000UA.job
2013-09-14 15:37 - 2013-09-14 15:36 - 00000000 ____D C:\AdwCleaner
2013-09-14 15:36 - 2013-09-14 15:36 - 01037278 _____ C:\Users\Leon\Downloads\3003-adwcleaner(1).exe
2013-09-14 15:30 - 2013-06-22 14:50 - 00000000 ____D C:\Users\Leon\AppData\Roaming\.minecraft
2013-09-14 14:59 - 2013-03-14 12:59 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-14 14:27 - 2013-06-26 19:05 - 00011188 _____ C:\Users\Leon\Documents\TombRaider.log
2013-09-14 14:11 - 2013-09-14 03:24 - 00000000 ____D C:\Fraps
2013-09-14 13:58 - 2013-03-17 16:48 - 00291128 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-09-14 13:58 - 2013-03-17 16:10 - 00291128 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-09-14 12:50 - 2009-07-14 06:45 - 00026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-14 12:50 - 2009-07-14 06:45 - 00026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-14 12:46 - 2013-03-14 05:40 - 01228008 _____ C:\Windows\WindowsUpdate.log
2013-09-14 12:44 - 2013-09-14 12:44 - 97519942 _____ C:\Windows\SysWOW64\꾬㷡轜š
2013-09-14 12:43 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-14 12:43 - 2009-07-14 06:51 - 00058099 _____ C:\Windows\setupact.log
2013-09-14 03:47 - 2013-08-19 02:01 - 00000000 ____D C:\Users\Leon\AppData\Roaming\TeamViewer
2013-09-14 03:45 - 2010-11-21 05:47 - 00057692 _____ C:\Windows\PFRO.log
2013-09-14 03:43 - 2013-09-14 03:33 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-162235013-2929316596-2072748549-1000Core.job
2013-09-14 03:43 - 2013-03-13 23:26 - 00001049 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-14 03:43 - 2013-03-13 22:50 - 00000993 _____ C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-14 03:42 - 2013-09-14 03:42 - 01037278 _____ C:\Users\Leon\Downloads\3003-adwcleaner.exe
2013-09-14 03:38 - 2013-09-14 03:33 - 00004088 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-162235013-2929316596-2072748549-1000UA
2013-09-14 03:38 - 2013-09-14 03:33 - 00003692 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-162235013-2929316596-2072748549-1000Core
2013-09-14 03:34 - 2013-09-14 03:34 - 00002321 _____ C:\Users\Leon\Desktop\Google Chrome.lnk
2013-09-14 03:34 - 2013-09-14 03:34 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-09-14 03:33 - 2013-09-14 03:33 - 00739856 _____ (Google Inc.) C:\Users\Leon\Downloads\chrome_installer_29.0.1547.66.exe
2013-09-14 03:33 - 2013-09-07 14:07 - 00000000 ____D C:\Users\Leon\AppData\Local\Google
2013-09-14 03:24 - 2013-09-14 03:24 - 00000562 _____ C:\Users\Public\Desktop\Fraps.lnk
2013-09-14 02:16 - 2013-03-14 13:04 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-09-14 02:12 - 2013-08-28 15:49 - 00000000 ____D C:\Nexon
2013-09-14 02:06 - 2013-06-09 13:22 - 00000000 ____D C:\Program Files\CCleaner
2013-09-14 02:04 - 2013-08-15 13:47 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-09-14 02:00 - 2013-05-07 17:34 - 00000000 ____D C:\Windows\pss
2013-09-14 01:53 - 2013-09-08 15:18 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-09-14 01:50 - 2013-09-07 18:49 - 00000000 ____D C:\Users\Leon\AppData\Local\LogMeIn Hamachi
2013-09-14 01:50 - 2013-08-15 13:40 - 00000000 ____D C:\Program Files (x86)\Origin
2013-09-14 01:49 - 2013-09-07 14:07 - 00000000 ____D C:\Users\Leon\AppData\Local\DProtect
2013-09-13 20:56 - 2013-06-09 13:22 - 00000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-13 20:56 - 2013-03-22 16:28 - 00001740 _____ C:\Users\Public\Desktop\MagicTunePremium.lnk
2013-09-13 20:56 - 2013-03-13 23:36 - 00000840 _____ C:\Users\Public\Desktop\Speccy.lnk
2013-09-13 19:41 - 2013-03-17 16:41 - 00000000 ____D C:\Users\Leon\AppData\Roaming\TS3Client
2013-09-13 15:12 - 2013-09-13 15:12 - 00275552 _____ C:\Windows\Minidump\091313-19874-01.dmp
2013-09-13 15:12 - 2013-05-21 00:34 - 556540234 _____ C:\Windows\MEMORY.DMP
2013-09-13 15:12 - 2013-05-21 00:34 - 00000000 ____D C:\Windows\Minidump
2013-09-13 15:02 - 2013-09-13 15:02 - 97463612 _____ C:\Windows\SysWOW64\礎嵬轜°
2013-09-12 19:16 - 2013-05-26 14:09 - 00000000 ____D C:\Users\Leon\AppData\Local\ArmA 2 OA
2013-09-12 19:11 - 2013-09-12 19:09 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2013-09-12 19:01 - 2013-09-12 19:01 - 00003282 _____ C:\Windows\System32\Tasks\{4682FC18-7FDD-4458-839B-869745C7617A}
2013-09-12 15:24 - 2013-03-17 16:10 - 00291128 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-09-11 17:56 - 2013-09-11 17:12 - 00000000 ____D C:\Users\Leon\AppData\Local\ArmA 2
2013-09-11 17:24 - 2013-09-11 17:24 - 00139264 _____ C:\Users\Leon\Downloads\BEServer.dll
2013-09-11 17:12 - 2013-05-26 14:09 - 00000000 ____D C:\Users\Leon\Documents\ArmA 2
2013-09-11 16:58 - 2013-03-13 22:50 - 00000000 ___RD C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-11 16:58 - 2013-03-13 22:50 - 00000000 ___RD C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-11 16:28 - 2009-07-14 06:45 - 00277648 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 16:14 - 2013-08-09 23:24 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 16:12 - 2013-03-14 01:24 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-11 14:49 - 2013-04-14 13:02 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-11 14:49 - 2013-03-13 23:35 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-11 14:49 - 2013-03-13 23:35 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-10 15:08 - 2013-08-30 22:13 - 00000000 ____D C:\Users\Leon\AppData\Local\PAYDAY 2
2013-09-10 14:20 - 2013-03-17 16:41 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-09-09 19:12 - 2013-09-07 18:23 - 00000000 ____D C:\Program Files (x86)\7DaysToDie-Alpha
2013-09-08 15:41 - 2013-09-08 15:41 - 00000000 ____D C:\Users\Leon\Documents\WarZED Remake Entertainment
2013-09-08 13:41 - 2013-09-08 02:29 - 97713012 _____ C:\Users\Leon\Downloads\WarZlauncher.exe_1.1.4.rar
2013-09-08 12:56 - 2013-09-08 12:56 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-09-08 02:13 - 2013-03-19 14:19 - 00000000 ____D C:\Program Files\WinRAR
2013-09-07 18:47 - 2013-09-07 18:47 - 04292608 _____ C:\Users\Leon\Downloads\hamachi_2.1.0.362.msi
2013-09-07 18:35 - 2013-09-07 18:35 - 00001024 _____ C:\.rnd
2013-09-07 18:35 - 2013-09-07 18:35 - 00000000 ____D C:\Users\Leon\AppData\Local\LogMeIn
2013-09-07 18:24 - 2013-09-07 18:24 - 00000000 ___HD C:\Windows\PIF
2013-09-07 18:15 - 2013-09-07 18:04 - 314625943 _____ C:\Users\Leon\Downloads\7DTD_Alpha1_win64.zip
2013-09-07 16:04 - 2013-09-07 16:04 - 00000000 ____D C:\Users\Leon\AppData\Local\WarZED Remake Entertainment
2013-09-07 14:07 - 2013-09-07 14:07 - 00000000 ____D C:\User Data
2013-09-07 14:06 - 2013-09-07 14:06 - 01970848 _____ C:\Users\Leon\Downloads\winrar-x64-500.exe
2013-09-07 14:06 - 2013-03-19 14:20 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-09-05 15:38 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-03 18:27 - 2013-03-14 13:30 - 00211779 _____ C:\Windows\DirectX.log
2013-09-03 12:06 - 2013-05-29 21:12 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-03 12:06 - 2013-05-29 15:06 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-03 12:06 - 2013-05-29 15:06 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-01 13:28 - 2013-09-01 13:28 - 00275552 _____ C:\Windows\Minidump\090113-17550-01.dmp
2013-08-30 22:13 - 2013-08-30 22:13 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-30 22:13 - 2013-08-30 22:13 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-30 18:36 - 2013-08-30 01:57 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Natural Selection 2
2013-08-30 00:43 - 2013-08-30 00:43 - 00000000 ____D C:\Program Files (x86)\Corsair
2013-08-29 18:15 - 2013-08-29 18:15 - 04454952 _____ (Piriform Ltd) C:\Users\Leon\Downloads\ccsetup405.exe
2013-08-29 18:13 - 2013-08-29 18:13 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-29 18:13 - 2013-08-29 18:13 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-29 18:13 - 2013-08-29 18:13 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-29 18:13 - 2013-08-29 18:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-29 18:13 - 2013-08-29 18:13 - 00000000 ____D C:\Program Files (x86)\Java
2013-08-29 18:13 - 2013-03-13 23:48 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-08-29 18:13 - 2013-03-13 23:48 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-08-29 18:11 - 2013-08-29 18:11 - 07107748 _____ C:\Users\Leon\Downloads\Corsair-Vengeance-Headset-Dolby-Driver-2_0_7.zip
2013-08-29 18:11 - 2013-08-29 18:11 - 00000000 ____D C:\Users\Leon\Downloads\Corsair-Vengeance-Headset-Dolby-Driver-2_0_7
2013-08-28 15:57 - 2013-08-28 15:49 - 00000000 ____D C:\ProgramData\NexonEU
2013-08-28 15:56 - 2013-08-28 15:56 - 00000000 ____D C:\ProgramData\Nexon
2013-08-28 15:48 - 2013-08-28 15:42 - 1791726869 _____ (Nexon) C:\Users\Leon\Documents\Combatarms_eu.exe
2013-08-28 15:44 - 2013-08-28 15:42 - 00000000 ____D C:\Users\Leon\AppData\Local\Akamai
2013-08-28 15:42 - 2013-08-28 15:42 - 10028912 _____ (Akamai Technologies, Inc.) C:\Users\Leon\Downloads\NexonEU_Installer.exe
2013-08-27 12:45 - 2013-08-27 01:39 - 00000000 ____D C:\Users\Leon\AppData\Roaming\uTorrent
2013-08-27 02:44 - 2013-08-27 02:44 - 00000000 ____D C:\Users\Leon\Documents\EA Games
2013-08-27 02:44 - 2013-08-27 02:44 - 00000000 ____D C:\Users\Leon\AppData\Local\EA Games
2013-08-27 02:44 - 2013-08-15 13:40 - 00000000 ____D C:\ProgramData\Origin
2013-08-27 01:49 - 2013-08-27 01:49 - 01239552 _____ () C:\Users\Leon\Downloads\Assembly-CSharp.dll
2013-08-27 01:40 - 2013-08-27 01:40 - 00000000 ____D C:\Users\Leon\Downloads\BitTorrent-Linkin-Park-Free
2013-08-27 01:39 - 2013-08-27 01:39 - 01040720 _____ (BitTorrent Inc.) C:\Users\Leon\Downloads\uTorrent331_30017.exe
2013-08-20 21:26 - 2013-08-20 21:23 - 00000000 ____D C:\ProgramData\WarThunder
2013-08-20 21:23 - 2013-08-20 21:23 - 00000000 ____D C:\Users\Leon\AppData\Local\WarThunder
2013-08-20 21:23 - 2013-03-24 15:33 - 00000000 ____D C:\Users\Leon\Documents\My Games
2013-08-20 17:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-20 17:38 - 2013-03-19 14:27 - 00001090 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-08-20 01:41 - 2013-05-12 16:11 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Awesomium
2013-08-19 02:15 - 2013-08-19 02:15 - 00000000 ____D C:\Users\Leon\AppData\Roaming\.mono
2013-08-19 02:14 - 2013-08-19 02:14 - 00000000 ____D C:\Users\Leon\AppData\Local\UWebKit
2013-08-19 01:04 - 2013-08-19 01:04 - 00275552 _____ C:\Windows\Minidump\081913-19734-01.dmp
2013-08-19 00:49 - 2013-03-13 23:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-18 12:57 - 2013-08-09 23:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-18 00:56 - 2013-08-18 00:56 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-08-17 20:24 - 2013-08-12 19:48 - 00000000 ____D C:\Users\Leon\Desktop\FTB
2013-08-15 16:32 - 2013-03-17 16:10 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-15 16:16 - 2013-08-15 16:16 - 00000000 ____D C:\Users\Leon\Documents\Battlefield 3
2013-08-15 16:16 - 2013-03-17 16:48 - 00000000 ____D C:\Users\Leon\AppData\Local\PunkBuster
2013-08-15 16:15 - 2013-08-15 16:15 - 03820480 _____ C:\Users\Leon\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-08-15 16:15 - 2013-08-15 16:15 - 00000000 ____D C:\Users\Leon\AppData\Local\ESN
2013-08-15 16:15 - 2013-08-15 16:15 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-08-15 15:52 - 2013-08-15 13:40 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-08-15 15:51 - 2013-08-15 15:51 - 00000000 ____D C:\ProgramData\EA Core
2013-08-15 15:51 - 2013-08-15 13:42 - 00000000 ____D C:\Users\Leon\AppData\Local\Origin
2013-08-15 13:58 - 2013-08-15 13:42 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Origin
2013-08-15 13:40 - 2013-08-15 13:40 - 16949128 _____ (Electronic Arts, Inc.) C:\Users\Leon\Downloads\OriginThinSetup.exe
2013-08-15 13:40 - 2013-08-15 13:40 - 00000979 _____ C:\Users\Public\Desktop\Origin.lnk
Some content of TEMP:
====================
C:\Users\Leon\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-01 13:47
==================== End Of Log ============================ --- --- ---
--- --- ---
Mit freundlichen Grüßen
Dzana |