
Log analysis and evaluation: Windows 7 constant CPU usage around 25% instead of 0-1%

18.11.2013, 11:55   #1
Kittira
 
Hello!
Since today I have had a constant CPU usage of 25%, which is absolutely not normal for my PC.
I hope you can help me with this.

Here is the log file from Defogger ->

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:42 on 18/11/2013 (Kitty)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-


FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-11-2013 02
Ran by Kitty (administrator) on KITTY-PC on 18-11-2013 11:43:36
Running from C:\Users\Kitty\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDWSCSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Crawler.com) C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE
() C:\PROGRAM FILES (X86)\RAINLENDAR2\RAINLENDAR2.EXE
(Spotify Ltd) C:\Users\Kitty\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\PROGRAM FILES (X86)\OPENOFFICE.ORG 3\PROGRAM\SOFFICE.BIN
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(Advanced Micro Devices Inc.) C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE
(Oracle Corporation) C:\PROGRAM FILES (X86)\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE
(ATI Technologies Inc.) C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-01-14] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKCU\...\Run: [Rainlendar2] - C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2587136 2012-12-29] ()
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Kitty\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-25] (Spotify Ltd)
MountPoints2: {22014100-68cd-11e2-82f2-5404a638321a} - G:\Set-up.exe
MountPoints2: {31748957-3d47-11e3-ac90-5404a638321a} - D:\MI.exe
MountPoints2: {e3620929-6741-11e2-b449-806e6f6e6963} - F:\Setup.exe
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-11-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] - C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe [483328 2008-04-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKU\Kittira\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\Kittira\...\Run: [Rainlendar2] - C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2587136 2012-12-29] ()
HKU\Kittira\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1820584 2013-10-30] (Valve Corporation)
HKU\Kittira\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3561816 2013-10-16] (Electronic Arts)
HKU\Kittira\...\Run: [updateMgr] - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe [313472 2006-03-30] (Adobe Systems Incorporated)
HKU\Kittira\...\Run: [PlayNC Launcher] - [x]
HKU\Kittira\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-03-03] ()
HKU\Kittira\...\Run: [Spotify Web Helper] - C:\Users\Kitty\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-25] (Spotify Ltd)
HKU\Kittira\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKU\Kittira\...\Run: [Akamai NetSession Interface] - C:\Users\Kitty\AppData\Local\Akamai\netsession_win.exe [4480768 2013-01-26] (Akamai Technologies, Inc.)
Startup: C:\Users\Kittira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Kitty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Kitty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6DB3528AB3FBCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 176.9.129.100 L2authd.lineage2.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Kitty\AppData\Roaming\Mozilla\Firefox\Profiles\ifzhpd5l.default
FF user.js: detected! => C:\Users\Kitty\AppData\Roaming\Mozilla\Firefox\Profiles\ifzhpd5l.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin-x32: @4game.com/plugin - C:\Program Files (x86)\4game\npplugin4game.dll (Innova Co S.a r.l.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Kitty\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Kitty\AppData\Roaming\Mozilla\Firefox\Profiles\ifzhpd5l.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: adblockpopups - C:\Users\Kitty\AppData\Roaming\Mozilla\Firefox\Profiles\ifzhpd5l.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF Extension: Adblock Plus - C:\Users\Kitty\AppData\Roaming\Mozilla\Firefox\Profiles\ifzhpd5l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

Chrome:
=======
CHR HomePage: hxxp://www.direngrey.co.jp/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (4game) - C:\Program Files (x86)\4game\npplugin4game.dll (Innova Co S.a r.l.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (ArcPlugin) - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll No File
CHR Plugin: (Unity Player) - C:\Users\Kitty\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
CHR Extension: (YouTube) - C:\Users\Kitty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Kitty\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Kitty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Cork Board) - C:\Users\Kitty\AppData\Local\Google\Chrome\User Data\Default\Extensions\omedpokkgakfifajbapagggilbcenaga\1.0_0
CHR Extension: (Gmail) - C:\Users\Kitty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

==================== Services (Whitelisted) =================

S2 4game-service; C:\Program Files (x86)\4game\4game-service.exe [1133056 2013-05-23] (Innova Co S.a r.l.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-02-13] (Adobe Systems)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4702568 2012-10-24] (INCA Internet Co., Ltd.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-01-14] (Crawler.com)

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-27] (DT Soft Ltd)
R3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [129792 2013-02-22] (Gemalto)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R2 SecDrv; C:\Windows\SysWow64\drivers\SECDRV.SYS [163644 2013-08-17] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-01-29] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-18 11:43 - 2013-11-18 11:44 - 00015532 _____ C:\Users\Kitty\Downloads\FRST.txt
2013-11-18 11:43 - 2013-11-18 11:43 - 00000000 ____D C:\FRST
2013-11-18 11:41 - 2013-11-18 11:42 - 00000472 _____ C:\Users\Kitty\Downloads\defogger_disable.log
2013-11-18 11:41 - 2013-11-18 11:41 - 00000168 _____ C:\Users\Kitty\defogger_reenable
2013-11-18 11:36 - 2013-11-18 11:36 - 01958026 _____ (Farbar) C:\Users\Kitty\Downloads\FRST64.exe
2013-11-18 11:35 - 2013-11-18 11:35 - 00050477 _____ C:\Users\Kitty\Downloads\Defogger.exe
2013-11-17 19:20 - 2013-11-17 19:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 17:03 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 17:03 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 17:03 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-14 17:03 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-14 17:03 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-14 17:03 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-14 17:03 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 17:03 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-14 17:03 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-14 17:03 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-14 13:05 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 13:05 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 13:04 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 13:04 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 13:04 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 13:04 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 13:04 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 13:04 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 13:04 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 13:04 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 13:04 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 13:04 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 13:04 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 13:04 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 13:04 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 13:04 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 13:04 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 13:04 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 13:04 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 13:04 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 13:04 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 13:04 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 13:04 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 13:04 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-11 20:59 - 2013-11-11 20:59 - 00009216 ___SH C:\Users\Public\Downloads\Thumbs.db
2013-11-09 12:47 - 2013-11-09 12:47 - 00000000 ____D C:\Users\Kittira\AppData\Local\My Games
2013-11-08 23:09 - 2013-11-08 23:09 - 00000222 _____ C:\Users\Kittira\Desktop\State of Decay.url
2013-11-06 01:22 - 2013-11-18 11:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-11-06 00:44 - 2013-11-06 01:19 - 00000000 ____D C:\Program Files\Recuva
2013-11-06 00:44 - 2013-11-06 00:44 - 03843072 _____ (Piriform Ltd) C:\Users\Kitty\Downloads\rcsetup148.exe
2013-11-06 00:44 - 2013-11-06 00:44 - 00001658 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-11-06 00:41 - 2013-11-06 00:42 - 00000000 ____D C:\Users\Kitty\Downloads\testdisk-6.14
2013-11-06 00:41 - 2013-11-06 00:41 - 03736125 _____ C:\Users\Kitty\Downloads\testdisk-6.14.win.zip
2013-11-03 19:23 - 2013-11-06 12:46 - 00000000 ____D C:\Windows\DD1865F0AD7340FBB23E1822E02396FF.TMP
2013-11-03 19:23 - 2013-11-06 12:45 - 00000000 ____D C:\Windows\A7E07C2B2220441587E3784D5814BC93.TMP
2013-11-03 15:34 - 2013-11-03 15:34 - 00000221 _____ C:\Users\Kittira\Desktop\Overlord II.url
2013-11-03 11:55 - 2013-11-03 14:24 - 00000000 ____D C:\Users\Kittira\Documents\Overlord
2013-11-02 21:12 - 2013-11-02 21:12 - 00000221 _____ C:\Users\Kittira\Desktop\Overlord.url
2013-11-02 17:37 - 2013-11-02 17:37 - 00000220 _____ C:\Users\Kittira\Desktop\Sid Meier's Pirates!.url
2013-11-01 15:20 - 2013-11-01 15:20 - 00000221 _____ C:\Users\Kittira\Desktop\Aliens Colonial Marines.url
2013-11-01 15:19 - 2013-11-01 15:19 - 00000927 _____ C:\Users\Kittira\Desktop\Steam.lnk
2013-10-31 00:33 - 2013-10-31 00:33 - 03411417 _____ C:\Users\Kitty\Desktop\TWDS4 Key Art.jpeg
2013-10-29 23:00 - 2013-11-05 13:01 - 00000000 ____D C:\Users\Kitty\Desktop\Adobe.Photoshop.CS5.Extended.v12.0.Multilanguage-TIw
2013-10-29 17:27 - 2013-10-29 17:27 - 00000000 ____D C:\Users\Kittira\Documents\telltale games
2013-10-29 17:26 - 2013-11-16 15:20 - 00000000 ____D C:\Users\Kittira\AppData\Local\PMB Files
2013-10-29 17:26 - 2013-11-16 14:58 - 00000000 ____D C:\Users\Kittira\AppData\Roaming\Skype
2013-10-29 17:26 - 2013-11-16 14:50 - 00000000 ____D C:\Users\Kittira\.rainlendar2
2013-10-28 20:59 - 2013-10-28 20:59 - 00000000 ____D C:\Users\Kitty\AppData\Local\My Games
2013-10-25 10:09 - 2013-10-25 10:09 - 00000000 ____D C:\Users\Kitty\AppData\Local\ArcSoft
2013-10-25 10:05 - 2013-10-28 12:24 - 00000000 ____D C:\Users\Kitty\AppData\Roaming\ArcSoft
2013-10-25 10:05 - 2013-10-28 12:24 - 00000000 ____D C:\ProgramData\ArcSoft
2013-10-25 10:05 - 2013-10-25 10:05 - 00000000 ____D C:\Program Files (x86)\Kodak
2013-10-25 10:05 - 2006-11-14 10:31 - 00022784 _____ (Arcsoft, Inc.) C:\Windows\SysWOW64\Drivers\afc.sys

==================== One Month Modified Files and Folders =======

2013-11-18 11:44 - 2013-11-18 11:43 - 00015532 _____ C:\Users\Kitty\Downloads\FRST.txt
2013-11-18 11:43 - 2013-11-18 11:43 - 00000000 ____D C:\FRST
2013-11-18 11:42 - 2013-11-18 11:41 - 00000472 _____ C:\Users\Kitty\Downloads\defogger_disable.log
2013-11-18 11:41 - 2013-11-18 11:41 - 00000168 _____ C:\Users\Kitty\defogger_reenable
2013-11-18 11:41 - 2013-01-25 23:59 - 00000000 ____D C:\Users\Kitty
2013-11-18 11:41 - 2009-07-14 05:45 - 00022000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-18 11:41 - 2009-07-14 05:45 - 00022000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-18 11:36 - 2013-11-18 11:36 - 01958026 _____ (Farbar) C:\Users\Kitty\Downloads\FRST64.exe
2013-11-18 11:35 - 2013-11-18 11:35 - 00050477 _____ C:\Users\Kitty\Downloads\Defogger.exe
2013-11-18 11:34 - 2013-01-27 17:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-18 11:22 - 2013-08-01 08:07 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-18 11:14 - 2013-05-07 11:37 - 00007602 _____ C:\Users\Kitty\AppData\Local\Resmon.ResmonCfg
2013-11-18 11:11 - 2011-04-12 08:43 - 00653928 _____ C:\Windows\system32\perfh007.dat
2013-11-18 11:11 - 2011-04-12 08:43 - 00129800 _____ C:\Windows\system32\perfc007.dat
2013-11-18 11:11 - 2009-07-14 06:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-18 11:09 - 2013-11-06 01:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-11-18 11:09 - 2013-01-26 11:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-18 11:07 - 2013-01-25 23:59 - 01342188 _____ C:\Windows\WindowsUpdate.log
2013-11-18 11:04 - 2013-08-01 08:07 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-18 11:04 - 2013-01-27 17:35 - 00000000 ____D C:\Users\Kitty\.rainlendar2
2013-11-18 11:03 - 2013-01-28 02:10 - 00063620 _____ C:\Windows\setupact.log
2013-11-18 11:03 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-17 19:20 - 2013-11-17 19:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 17:15 - 2013-01-27 17:39 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-16 15:20 - 2013-10-29 17:26 - 00000000 ____D C:\Users\Kittira\AppData\Local\PMB Files
2013-11-16 14:58 - 2013-10-29 17:26 - 00000000 ____D C:\Users\Kittira\AppData\Roaming\Skype
2013-11-16 14:50 - 2013-10-29 17:26 - 00000000 ____D C:\Users\Kittira\.rainlendar2
2013-11-16 14:50 - 2013-02-07 21:09 - 00000000 ____D C:\Program Files (x86)\Origin
2013-11-16 01:41 - 2013-01-29 03:08 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-11-15 01:42 - 2013-09-06 18:12 - 00000000 ____D C:\Users\Kittira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-11-14 17:03 - 2013-07-15 21:10 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 17:01 - 2013-01-27 21:38 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-14 14:03 - 2013-02-12 12:30 - 00000000 ____D C:\Users\Kitty\AppData\Local\CrashDumps
2013-11-14 13:21 - 2013-03-12 17:19 - 00000000 ____D C:\Users\Kitty\AppData\Roaming\Winamp
2013-11-14 13:07 - 2013-01-27 19:39 - 00000000 ____D C:\Users\Kitty\AppData\Roaming\vlc
2013-11-13 11:14 - 2013-03-28 20:01 - 00000000 ____D C:\Users\Kitty\AppData\Roaming\Skype
2013-11-11 20:59 - 2013-11-11 20:59 - 00009216 ___SH C:\Users\Public\Downloads\Thumbs.db
2013-11-11 20:57 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-11-09 12:47 - 2013-11-09 12:47 - 00000000 ____D C:\Users\Kittira\AppData\Local\My Games
2013-11-09 12:47 - 2013-07-22 10:47 - 00000000 ____D C:\Users\Kittira\Documents\my games
2013-11-08 23:09 - 2013-11-08 23:09 - 00000222 _____ C:\Users\Kittira\Desktop\State of Decay.url
2013-11-06 12:46 - 2013-11-03 19:23 - 00000000 ____D C:\Windows\DD1865F0AD7340FBB23E1822E02396FF.TMP
2013-11-06 12:45 - 2013-11-03 19:23 - 00000000 ____D C:\Windows\A7E07C2B2220441587E3784D5814BC93.TMP
2013-11-06 12:45 - 2013-02-08 18:01 - 00422549 _____ C:\Windows\DirectX.log
2013-11-06 12:43 - 2010-11-21 04:47 - 00252664 _____ C:\Windows\PFRO.log
2013-11-06 01:19 - 2013-11-06 00:44 - 00000000 ____D C:\Program Files\Recuva
2013-11-06 00:44 - 2013-11-06 00:44 - 03843072 _____ (Piriform Ltd) C:\Users\Kitty\Downloads\rcsetup148.exe
2013-11-06 00:44 - 2013-11-06 00:44 - 00001658 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-11-06 00:44 - 2013-02-08 12:54 - 00000000 ____D C:\Users\Kittira
2013-11-06 00:42 - 2013-11-06 00:41 - 00000000 ____D C:\Users\Kitty\Downloads\testdisk-6.14
2013-11-06 00:41 - 2013-11-06 00:41 - 03736125 _____ C:\Users\Kitty\Downloads\testdisk-6.14.win.zip
2013-11-06 00:37 - 2013-01-28 01:29 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-11-06 00:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-11-05 13:01 - 2013-10-29 23:00 - 00000000 ____D C:\Users\Kitty\Desktop\Adobe.Photoshop.CS5.Extended.v12.0.Multilanguage-TIw
2013-11-05 12:34 - 2013-01-27 14:29 - 00000000 ____D C:\Users\Kitty\AppData\Local\Spotify
2013-11-03 15:34 - 2013-11-03 15:34 - 00000221 _____ C:\Users\Kittira\Desktop\Overlord II.url
2013-11-03 14:24 - 2013-11-03 11:55 - 00000000 ____D C:\Users\Kittira\Documents\Overlord
2013-11-02 23:53 - 2013-04-20 12:06 - 00000000 ____D C:\Users\Kittira\AppData\Local\CrashDumps
2013-11-02 21:12 - 2013-11-02 21:12 - 00000221 _____ C:\Users\Kittira\Desktop\Overlord.url
2013-11-02 17:37 - 2013-11-02 17:37 - 00000220 _____ C:\Users\Kittira\Desktop\Sid Meier's Pirates!.url
2013-11-01 15:20 - 2013-11-01 15:20 - 00000221 _____ C:\Users\Kittira\Desktop\Aliens Colonial Marines.url
2013-11-01 15:19 - 2013-11-01 15:19 - 00000927 _____ C:\Users\Kittira\Desktop\Steam.lnk
2013-11-01 15:19 - 2013-02-08 12:54 - 00110936 _____ C:\Users\Kittira\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-31 08:52 - 2013-01-26 11:52 - 00110936 _____ C:\Users\Kitty\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-31 08:51 - 2009-07-14 05:45 - 00403328 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-31 02:28 - 2013-01-27 14:29 - 00000000 ____D C:\Users\Kitty\AppData\Roaming\Spotify
2013-10-31 00:33 - 2013-10-31 00:33 - 03411417 _____ C:\Users\Kitty\Desktop\TWDS4 Key Art.jpeg
2013-10-29 17:27 - 2013-10-29 17:27 - 00000000 ____D C:\Users\Kittira\Documents\telltale games
2013-10-28 20:59 - 2013-10-28 20:59 - 00000000 ____D C:\Users\Kitty\AppData\Local\My Games
2013-10-28 20:59 - 2013-08-01 20:27 - 00000000 ____D C:\Users\Kitty\Documents\My Games
2013-10-28 13:19 - 2013-02-05 17:53 - 00000000 ____D C:\Users\Kitty\dwhelper
2013-10-28 12:24 - 2013-10-25 10:05 - 00000000 ____D C:\Users\Kitty\AppData\Roaming\ArcSoft
2013-10-28 12:24 - 2013-10-25 10:05 - 00000000 ____D C:\ProgramData\ArcSoft
2013-10-28 11:55 - 2013-01-27 19:12 - 00000000 ____D C:\Users\Kitty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-10-25 10:18 - 2013-01-27 19:44 - 00000000 ____D C:\Program Files (x86)\RegCleaner
2013-10-25 10:17 - 2013-01-25 23:59 - 00000000 ___RD C:\Users\Kitty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-25 10:11 - 2013-01-26 11:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-25 10:09 - 2013-10-25 10:09 - 00000000 ____D C:\Users\Kitty\AppData\Local\ArcSoft
2013-10-25 10:09 - 2013-01-25 23:59 - 00000000 ___RD C:\Users\Kitty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-25 10:05 - 2013-10-25 10:05 - 00000000 ____D C:\Program Files (x86)\Kodak
2013-10-25 09:00 - 2013-03-03 23:02 - 00000000 ____D C:\Users\Kitty\AppData\Local\PMB Files
2013-10-25 08:30 - 2013-06-14 10:05 - 00000000 ____D C:\Users\Kitty\AppData\Local\Akamai
2013-10-23 08:18 - 2013-09-18 19:38 - 00000000 ____D C:\Users\Kitty\Documents\Telltale Games
2013-10-20 17:22 - 2013-09-26 23:35 - 00000000 ____D C:\Users\Kitty\AppData\Roaming\Apple Computer

Some content of TEMP:
====================
C:\Users\Kittira\AppData\Local\Temp\_is6BBD.exe
C:\Users\Kittira\AppData\Local\Temp\_is822A.exe
C:\Users\Kittira\AppData\Local\Temp\_isAF80.exe
C:\Users\Kittira\AppData\Local\Temp\_isBE30.exe
C:\Users\Kitty\AppData\Local\Temp\EBUC68B.EXE
C:\Users\Kitty\AppData\Local\Temp\EBUCABF.DLL
C:\Users\Kitty\AppData\Local\Temp\FreemakeVideoConverter_4.0.4.3.exe
C:\Users\Kitty\AppData\Local\Temp\Gw2.exe
C:\Users\Kitty\AppData\Local\Temp\ShellLink.dll
C:\Users\Kitty\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Kitty\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-12 13:37

==================== End Of Log ============================


Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-11-2013 02
Ran by Kitty at 2013-11-18 11:44:33
Running from C:\Users\Kitty\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

4game (x32 Version: 3.1.0.154)
7-PDF Maker Version 1.4.1 (Build 128) (x32 Version: 7-PDF Maker - Version 1.4.1 (Build 128))
Adobe Acrobat 7.0 Standard - English, Français, Deutsch (x32 Version: 7.1.0)
Adobe Acrobat 7.1.0 Standard - English, Français, Deutsch (x32 Version: 7.1.0)
Adobe AIR (x32 Version: 3.6.0.5970)
Adobe Bridge 1.0 (x32 Version: 001.000.001)
Adobe Common File Installer (x32 Version: 1.00.001)
Adobe Download Assistant (x32 Version: 1.2.5)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Help Center 1.0 (x32 Version: 1.0.1)
Adobe Illustrator CS2 (x32 Version: 12.000.000)
Adobe InDesign CS2 (x32 Version: 004.000.000)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1)
Adobe SVG Viewer 3.0 (x32 Version: 3.0)
AION Free-to-Play (x32)
Akamai NetSession Interface (HKCU)
Aliens: Colonial Marines (x32)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
Any Video Converter 5 5.0.2 (x32)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft MediaImpression for Kodak (x32 Version: 2.0.24.761)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.10.0.0)
ATI AVIVO64 Codecs (Version: 11.6.0.51125)
ATI Catalyst Install Manager (Version: 3.0.812.0)
Audacity 2.0.3 (x32 Version: 2.0.3)
Bonjour (Version: 3.0.0.10)
CameraHelperMsi (x32 Version: 13.51.815.0)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.1125.2142.38865)
Catalyst Control Center Localization All (x32 Version: 2010.1125.2142.38865)
CCC Help Chinese Standard (x32 Version: 2010.1125.2141.38865)
CCC Help Chinese Traditional (x32 Version: 2010.1125.2141.38865)
CCC Help Czech (x32 Version: 2010.1125.2141.38865)
CCC Help Danish (x32 Version: 2010.1125.2141.38865)
CCC Help Dutch (x32 Version: 2010.1125.2141.38865)
CCC Help English (x32 Version: 2010.1125.2141.38865)
CCC Help Finnish (x32 Version: 2010.1125.2141.38865)
CCC Help French (x32 Version: 2010.1125.2141.38865)
CCC Help German (x32 Version: 2010.1125.2141.38865)
CCC Help Greek (x32 Version: 2010.1125.2141.38865)
CCC Help Hungarian (x32 Version: 2010.1125.2141.38865)
CCC Help Italian (x32 Version: 2010.1125.2141.38865)
CCC Help Japanese (x32 Version: 2010.1125.2141.38865)
CCC Help Korean (x32 Version: 2010.1125.2141.38865)
CCC Help Norwegian (x32 Version: 2010.1125.2141.38865)
CCC Help Polish (x32 Version: 2010.1125.2141.38865)
CCC Help Portuguese (x32 Version: 2010.1125.2141.38865)
CCC Help Russian (x32 Version: 2010.1125.2141.38865)
CCC Help Spanish (x32 Version: 2010.1125.2141.38865)
CCC Help Swedish (x32 Version: 2010.1125.2141.38865)
CCC Help Thai (x32 Version: 2010.1125.2141.38865)
CCC Help Turkish (x32 Version: 2010.1125.2141.38865)
ccc-core-static (x32 Version: 2010.1125.2142.38865)
ccc-utility64 (Version: 2010.1125.2142.38865)
DAEMON Tools Lite (x32 Version: 4.46.1.0327)
Dead Space™ 3 (x32 Version: 1.0.0.0)
Desura (x32 Version: 100.53)
erLT (x32 Version: 1.20.138.34)
Fable - The Lost Chapters (x32 Version: 1.00.0000)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.27.0)
Fraps (remove only) (x32)
Free Video to MP3 Converter version 5.0.28.812 (x32 Version: 5.0.28.812)
Free YouTube to MP3 Converter version 3.12.11.812 (x32 Version: 3.12.11.812)
Freemake Video Converter Version 4.0.4 (x32 Version: 4.0.4)
Gameforge Live 1.9.0 "Legend" (x32 Version: 1.9.0)
GemPcCCID (Version: 2.0.3)
Google Chrome (x32 Version: 31.0.1650.57)
Google Update Helper (x32 Version: 1.3.21.165)
Guild Wars 2 (x32)
Hitman: Absolution (x32)
HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (Version: 28.0.1313.0)
HP Update (x32 Version: 5.003.003.001)
HydraVision (x32 Version: 4.2.184.0)
iTunes (Version: 11.1.0.126)
Java 7 Update 21 (x32 Version: 7.0.210)
Java Auto Updater (x32 Version: 2.1.9.5)
JMicron JMB36X Driver (x32 Version: 1.17.62.0)
Lineage II (HKCU)
LineageII DE (x32)
Logitech Webcam-Software (x32 Version: 2.51)
LOST PLANET 2 (x32 Version: 1.0.0002.133)
LWS Facebook (x32 Version: 13.50.854.0)
LWS Gallery (x32 Version: 13.51.827.0)
LWS Help_main (x32 Version: 13.51.828.0)
LWS Launcher (x32 Version: 13.51.828.0)
LWS Motion Detection (x32 Version: 13.51.815.0)
LWS Pictures And Video (x32 Version: 13.51.815.0)
LWS Twitter (x32 Version: 13.30.1346.0)
LWS Webcam Software (x32 Version: 13.51.815.0)
LWS WLM Plugin (x32 Version: 1.30.1201.0)
LWS YouTube Plugin (x32 Version: 13.31.1038.0)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
MAGIX Video deluxe 17 Plus Sonderedition (Designelemente) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 17 Plus Sonderedition (Individuelle Menüvorlagen) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 17 Plus Sonderedition (Menüvorlagen 1) (x32 Version: 1.1.0.0)
MAGIX Video deluxe 17 Plus Sonderedition (Menüvorlagen 2) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 17 Plus Sonderedition (Titeleffekte) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 17 Plus Sonderedition (Überblendeffekte) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 17 Plus Sonderedition Download-Version (x32 Version: 10.0.11.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Security Client (Version: 4.3.0219.0)
Microsoft Security Essentials (Version: 4.3.219.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSVCRT Redists (Version: 1.0)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NCsoft Launcher (x32 Version: 1.5.19002)
Notepad++ (x32 Version: 6.3)
NVIDIA PhysX (x32 Version: 9.10.0222)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Origin (x32 Version: 9.1.12.73)
Pando Media Booster (x32 Version: 2.6.0.8)
Phase 5 HTML-Editor (x32 Version: 5.6.2.3)
Project64 1.6 (x32 Version: 1.6)
Rainlendar2 (remove only) (x32)
Realtek Ethernet Controller Driver (x32 Version: 7.43.321.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6251)
Recuva (Version: 1.48)
Sid Meier's Civilization V (x32)
Skype™ 6.3 (x32 Version: 6.3.107)
Spotify (HKCU Version: 0.9.4.185.g7545a404)
Spybot - Search & Destroy (x32 Version: 2.0.12)
Spyware Terminator 2012 (x32 Version: 3.0.0.80)
StarCraft II (x32 Version: 2.0.11.26825)
State of Decay (x32)
Steam (x32 Version: 1.0.0.0)
swMSM (x32 Version: 12.0.0.1)
TeamSpeak 3 Client (x32 Version: 3.0.10.1)
TERA (x32 Version: 19.04.02.03.hf3)
The Elder Scrolls V: Skyrim (x32)
The Secret World (x32)
The Walking Dead (x32)
The Wolf Among Us (x32)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Unity Web Player (HKCU Version: )
Vegas Pro 12.0 (64-bit) (Version: 12.0.563)
VLC media player 2.0.5 (x32 Version: 2.0.5)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (x32)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (x32)
Warhammer® 40,000™: Dawn of War® II (x32)
Webocton - Scriptly 0.8.95.6 (x32 Version: 0.8.95.6)
Winamp (x32 Version: 5.63 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
WMV9/VC-1 Video Playback (Version: 1.00.0000)

==================== Restore Points =========================

01-11-2013 16:34:57 DirectX wurde installiert
01-11-2013 16:35:53 DirectX wurde installiert
02-11-2013 01:20:46 Windows Update
03-11-2013 18:22:26 DirectX wurde installiert
05-11-2013 16:06:33 Windows Update
05-11-2013 23:36:30 Wiederherstellungsvorgang
05-11-2013 23:48:59 Windows Update
06-11-2013 11:45:05 DirectX wurde installiert
09-11-2013 20:57:02 Windows Update
14-11-2013 12:10:25 Windows Update
14-11-2013 16:01:19 Windows Update
17-11-2013 18:12:51 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-06-17 10:17 - 00000868 ____A C:\Windows\system32\Drivers\etc\hosts
176.9.129.100 L2authd.lineage2.com

==================== Scheduled Tasks (whitelisted) =============

Task: {1198D44D-9B0B-4D4C-B05F-51DC4E013D97} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-01] (Google Inc.)
Task: {48EF6C1D-40E0-40F4-A48A-853C076D3BEE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {75468A24-2BAC-40E7-A1E4-36A8A067C923} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {84C39D1A-A8A6-4642-ABBE-4B3994919AA6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {98106CAB-CF5A-4BAD-945D-F3AA7BC16B33} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {9BB3AC35-270D-48DB-B55D-9D3FED8CF00E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-01] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2010-11-25 21:41 - 2010-11-25 21:41 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-09-13 18:51 - 2013-09-13 18:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 18:51 - 2013-09-13 18:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-28 01:29 - 2012-11-13 14:06 - 00108960 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-01-28 01:29 - 2012-11-13 14:06 - 00416160 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-01-28 01:29 - 2012-11-13 14:06 - 00158624 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-01-28 01:29 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-01-28 01:29 - 2012-11-13 14:06 - 00528288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2012-05-16 20:01 - 2012-05-16 20:01 - 00140800 _____ () C:\Program Files (x86)\Rainlendar2\lua52.dll
2012-12-29 10:30 - 2012-12-29 10:30 - 00209408 _____ () C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll
2012-06-17 14:22 - 2012-06-17 14:22 - 00012800 _____ () C:\Program Files (x86)\Rainlendar2\lfs.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2013-02-20 19:06 - 2006-01-12 21:20 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.deu
2013-02-20 19:06 - 2006-01-12 21:13 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.FRA
2013-11-17 19:20 - 2013-11-17 19:20 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-01-28 01:29 - 2012-11-13 14:06 - 00554400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/18/2013 11:04:13 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/17/2013 07:02:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/16/2013 02:50:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/16/2013 01:41:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2013 00:49:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2013 00:49:41 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2013 02:03:28 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: StateOfDecay.exe, Version: 13.11.5.8606, Zeitstempel: 0x52799827
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001ed7
ID des fehlerhaften Prozesses: 0x17cc
Startzeit der fehlerhaften Anwendung: 0xStateOfDecay.exe0
Pfad der fehlerhaften Anwendung: StateOfDecay.exe1
Pfad des fehlerhaften Moduls: StateOfDecay.exe2
Berichtskennung: StateOfDecay.exe3

Error: (11/14/2013 01:59:42 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: StateOfDecay.exe, Version: 13.11.5.8606, Zeitstempel: 0x52799827
Name des fehlerhaften Moduls: StateOfDecay.exe, Version: 13.11.5.8606, Zeitstempel: 0x52799827
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00df94f5
ID des fehlerhaften Prozesses: 0x624
Startzeit der fehlerhaften Anwendung: 0xStateOfDecay.exe0
Pfad der fehlerhaften Anwendung: StateOfDecay.exe1
Pfad des fehlerhaften Moduls: StateOfDecay.exe2
Berichtskennung: StateOfDecay.exe3

Error: (11/14/2013 01:41:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: StateOfDecay.exe, Version: 13.11.5.8606, Zeitstempel: 0x52799827
Name des fehlerhaften Moduls: StateOfDecay.exe, Version: 13.11.5.8606, Zeitstempel: 0x52799827
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00e0fb3b
ID des fehlerhaften Prozesses: 0x1790
Startzeit der fehlerhaften Anwendung: 0xStateOfDecay.exe0
Pfad der fehlerhaften Anwendung: StateOfDecay.exe1
Pfad des fehlerhaften Moduls: StateOfDecay.exe2
Berichtskennung: StateOfDecay.exe3

Error: (11/14/2013 01:00:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/18/2013 11:04:10 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "4game-service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (11/18/2013 11:04:10 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst 4game-service erreicht.

Error: (11/17/2013 07:02:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "4game-service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (11/17/2013 07:02:46 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst 4game-service erreicht.

Error: (11/16/2013 02:50:38 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "4game-service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (11/16/2013 02:50:38 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst 4game-service erreicht.

Error: (11/16/2013 01:41:26 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "4game-service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (11/16/2013 01:41:26 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst 4game-service erreicht.

Error: (11/15/2013 00:49:33 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "4game-service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (11/15/2013 00:49:33 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst 4game-service erreicht.


Microsoft Office Sessions:
=========================
Error: (11/18/2013 11:04:13 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/17/2013 07:02:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/16/2013 02:50:41 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/16/2013 01:41:29 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2013 00:49:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2013 00:49:41 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2013 02:03:28 PM) (Source: Application Error)(User: )
Description: StateOfDecay.exe13.11.5.860652799827MSVCR100.dll10.0.40219.3254df2be1ec000000500001ed717cc01cee13977a8c2d6E:\Spiele\SteamLibrary\steamapps\common\State of Decay\StateOfDecay.exeC:\Windows\system32\MSVCR100.dll2748b358-4d2d-11e3-98d5-5404a638321a

Error: (11/14/2013 01:59:42 PM) (Source: Application Error)(User: )
Description: StateOfDecay.exe13.11.5.860652799827StateOfDecay.exe13.11.5.860652799827c000000500df94f562401cee136f80a1965E:\Spiele\SteamLibrary\steamapps\common\State of Decay\StateOfDecay.exeE:\Spiele\SteamLibrary\steamapps\common\State of Decay\StateOfDecay.exea09659c3-4d2c-11e3-98d5-5404a638321a

Error: (11/14/2013 01:41:49 PM) (Source: Application Error)(User: )
Description: StateOfDecay.exe13.11.5.860652799827StateOfDecay.exe13.11.5.860652799827c000000500e0fb3b179001cee1356b6edeedE:\Spiele\SteamLibrary\steamapps\common\State of Decay\StateOfDecay.exeE:\Spiele\SteamLibrary\steamapps\common\State of Decay\StateOfDecay.exe2079132f-4d2a-11e3-98d5-5404a638321a

Error: (11/14/2013 01:00:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 8137.22 MB
Available physical RAM: 6013.79 MB
Total Pagefile: 16272.62 MB
Available Pagefile: 14085.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:22.72 GB) NTFS
Drive e: (Elements) (Fixed) (Total:1863.01 GB) (Free:301.97 GB) NTFS
Drive g: (Photoshop CS5) (CDROM) (Total:2.38 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 76636AE2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0007A3EF)
Partition 1: (Not Active) - (Size=-198627557376) - (Type=07 NTFS)

==================== End Of Log ============================



Unfortunately the other tool did not work.
I hope for help. Thanks in advance!

Regards
Kittira

Alt 18.11.2013, 12:15   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Hello and

Quote:
Adobe Acrobat 7.0 Standard - English, Français, Deutsch (x32 Version: 7.1.0)
Adobe Acrobat 7.1.0 Standard - English, Français, Deutsch (x32 Version: 7.1.0)

Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Is this a commercially used system?

Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners, have they ever found anything?

I am asking because of this => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; first just post the logs that already exist, in CODE tags!
Only logs from the last 7 days, or since the problem started, are relevant!





Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Alt 18.11.2013, 12:27   #3
Kittira
 

No, it is not used commercially

And no, I do not have any further logs ;(

Alt 18.11.2013, 12:48   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.
__________________
Please always post log files in CODE tags
