Trojaner-Board

Kittira 18.11.2013 11:55

Windows 7 constant CPU usage around 25% instead of 0-1%
 
Hello!
Since today I have had a constant CPU usage of 25%, which is absolutely not normal for my PC. :pfui:
I hope you can help me with this :)

Here is the log file from Defogger ->

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:42 on 18/11/2013 (Kitty)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-


FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-11-2013 02
Ran by Kitty (administrator) on KITTY-PC on 18-11-2013 11:43:36
Running from C:\Users\Kitty\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDWSCSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Crawler.com) C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE
() C:\PROGRAM FILES (X86)\RAINLENDAR2\RAINLENDAR2.EXE
(Spotify Ltd) C:\Users\Kitty\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\PROGRAM FILES (X86)\OPENOFFICE.ORG 3\PROGRAM\SOFFICE.BIN
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(Advanced Micro Devices Inc.) C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE
(Oracle Corporation) C:\PROGRAM FILES (X86)\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE
(ATI Technologies Inc.) C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-01-14] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKCU\...\Run: [Rainlendar2] - C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2587136 2012-12-29] ()
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Kitty\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-25] (Spotify Ltd)
MountPoints2: {22014100-68cd-11e2-82f2-5404a638321a} - G:\Set-up.exe
MountPoints2: {31748957-3d47-11e3-ac90-5404a638321a} - D:\MI.exe
MountPoints2: {e3620929-6741-11e2-b449-806e6f6e6963} - F:\Setup.exe
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-11-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] - C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe [483328 2008-04-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKU\Kittira\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\Kittira\...\Run: [Rainlendar2] - C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2587136 2012-12-29] ()
HKU\Kittira\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1820584 2013-10-30] (Valve Corporation)
HKU\Kittira\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3561816 2013-10-16] (Electronic Arts)
HKU\Kittira\...\Run: [updateMgr] - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe [313472 2006-03-30] (Adobe Systems Incorporated)
HKU\Kittira\...\Run: [PlayNC Launcher] - [x]
HKU\Kittira\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-03-03] ()
HKU\Kittira\...\Run: [Spotify Web Helper] - C:\Users\Kitty\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-25] (Spotify Ltd)
HKU\Kittira\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKU\Kittira\...\Run: [Akamai NetSession Interface] - C:\Users\Kitty\AppData\Local\Akamai\netsession_win.exe [4480768 2013-01-26] (Akamai Technologies, Inc.)
Startup: C:\Users\Kittira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Kitty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Kitty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6DB3528AB3FBCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 176.9.129.100 L2authd.lineage2.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Kitty\AppData\Roaming\Mozilla\Firefox\Profiles\ifzhpd5l.default
FF user.js: detected! => C:\Users\Kitty\AppData\Roaming\Mozilla\Firefox\Profiles\ifzhpd5l.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin-x32: @4game.com/plugin - C:\Program Files (x86)\4game\npplugin4game.dll (Innova Co S.a r.l.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Kitty\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Kitty\AppData\Roaming\Mozilla\Firefox\Profiles\ifzhpd5l.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: adblockpopups - C:\Users\Kitty\AppData\Roaming\Mozilla\Firefox\Profiles\ifzhpd5l.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF Extension: Adblock Plus - C:\Users\Kitty\AppData\Roaming\Mozilla\Firefox\Profiles\ifzhpd5l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

Chrome:
=======
CHR HomePage: hxxp://www.direngrey.co.jp/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (4game) - C:\Program Files (x86)\4game\npplugin4game.dll (Innova Co S.a r.l.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (ArcPlugin) - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll No File
CHR Plugin: (Unity Player) - C:\Users\Kitty\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
CHR Extension: (YouTube) - C:\Users\Kitty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Kitty\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Kitty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Cork Board) - C:\Users\Kitty\AppData\Local\Google\Chrome\User Data\Default\Extensions\omedpokkgakfifajbapagggilbcenaga\1.0_0
CHR Extension: (Gmail) - C:\Users\Kitty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

==================== Services (Whitelisted) =================

S2 4game-service; C:\Program Files (x86)\4game\4game-service.exe [1133056 2013-05-23] (Innova Co S.a r.l.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-02-13] (Adobe Systems)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4702568 2012-10-24] (INCA Internet Co., Ltd.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-01-14] (Crawler.com)

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-27] (DT Soft Ltd)
R3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [129792 2013-02-22] (Gemalto)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R2 SecDrv; C:\Windows\SysWow64\drivers\SECDRV.SYS [163644 2013-08-17] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-01-29] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-18 11:43 - 2013-11-18 11:44 - 00015532 _____ C:\Users\Kitty\Downloads\FRST.txt
2013-11-18 11:43 - 2013-11-18 11:43 - 00000000 ____D C:\FRST
2013-11-18 11:41 - 2013-11-18 11:42 - 00000472 _____ C:\Users\Kitty\Downloads\defogger_disable.log
2013-11-18 11:41 - 2013-11-18 11:41 - 00000168 _____ C:\Users\Kitty\defogger_reenable
2013-11-18 11:36 - 2013-11-18 11:36 - 01958026 _____ (Farbar) C:\Users\Kitty\Downloads\FRST64.exe
2013-11-18 11:35 - 2013-11-18 11:35 - 00050477 _____ C:\Users\Kitty\Downloads\Defogger.exe
2013-11-17 19:20 - 2013-11-17 19:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 17:03 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 17:03 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 17:03 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-14 17:03 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 17:03 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-14 17:03 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-14 17:03 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-14 17:03 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-14 17:03 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 17:03 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-14 17:03 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-14 17:03 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-14 13:05 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 13:05 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 13:04 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 13:04 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 13:04 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 13:04 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 13:04 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 13:04 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 13:04 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 13:04 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 13:04 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 13:04 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 13:04 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 13:04 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 13:04 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 13:04 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 13:04 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 13:04 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 13:04 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 13:04 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 13:04 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 13:04 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 13:04 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 13:04 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-11 20:59 - 2013-11-11 20:59 - 00009216 ___SH C:\Users\Public\Downloads\Thumbs.db
2013-11-09 12:47 - 2013-11-09 12:47 - 00000000 ____D C:\Users\Kittira\AppData\Local\My Games
2013-11-08 23:09 - 2013-11-08 23:09 - 00000222 _____ C:\Users\Kittira\Desktop\State of Decay.url
2013-11-06 01:22 - 2013-11-18 11:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-11-06 00:44 - 2013-11-06 01:19 - 00000000 ____D C:\Program Files\Recuva
2013-11-06 00:44 - 2013-11-06 00:44 - 03843072 _____ (Piriform Ltd) C:\Users\Kitty\Downloads\rcsetup148.exe
2013-11-06 00:44 - 2013-11-06 00:44 - 00001658 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-11-06 00:41 - 2013-11-06 00:42 - 00000000 ____D C:\Users\Kitty\Downloads\testdisk-6.14
2013-11-06 00:41 - 2013-11-06 00:41 - 03736125 _____ C:\Users\Kitty\Downloads\testdisk-6.14.win.zip
2013-11-03 19:23 - 2013-11-06 12:46 - 00000000 ____D C:\Windows\DD1865F0AD7340FBB23E1822E02396FF.TMP
2013-11-03 19:23 - 2013-11-06 12:45 - 00000000 ____D C:\Windows\A7E07C2B2220441587E3784D5814BC93.TMP
2013-11-03 15:34 - 2013-11-03 15:34 - 00000221 _____ C:\Users\Kittira\Desktop\Overlord II.url
2013-11-03 11:55 - 2013-11-03 14:24 - 00000000 ____D C:\Users\Kittira\Documents\Overlord
2013-11-02 21:12 - 2013-11-02 21:12 - 00000221 _____ C:\Users\Kittira\Desktop\Overlord.url
2013-11-02 17:37 - 2013-11-02 17:37 - 00000220 _____ C:\Users\Kittira\Desktop\Sid Meier's Pirates!.url
2013-11-01 15:20 - 2013-11-01 15:20 - 00000221 _____ C:\Users\Kittira\Desktop\Aliens Colonial Marines.url
2013-11-01 15:19 - 2013-11-01 15:19 - 00000927 _____ C:\Users\Kittira\Desktop\Steam.lnk
2013-10-31 00:33 - 2013-10-31 00:33 - 03411417 _____ C:\Users\Kitty\Desktop\TWDS4 Key Art.jpeg
2013-10-29 23:00 - 2013-11-05 13:01 - 00000000 ____D C:\Users\Kitty\Desktop\Adobe.Photoshop.CS5.Extended.v12.0.Multilanguage-TIw
2013-10-29 17:27 - 2013-10-29 17:27 - 00000000 ____D C:\Users\Kittira\Documents\telltale games
2013-10-29 17:26 - 2013-11-16 15:20 - 00000000 ____D C:\Users\Kittira\AppData\Local\PMB Files
2013-10-29 17:26 - 2013-11-16 14:58 - 00000000 ____D C:\Users\Kittira\AppData\Roaming\Skype
2013-10-29 17:26 - 2013-11-16 14:50 - 00000000 ____D C:\Users\Kittira\.rainlendar2
2013-10-28 20:59 - 2013-10-28 20:59 - 00000000 ____D C:\Users\Kitty\AppData\Local\My Games
2013-10-25 10:09 - 2013-10-25 10:09 - 00000000 ____D C:\Users\Kitty\AppData\Local\ArcSoft
2013-10-25 10:05 - 2013-10-28 12:24 - 00000000 ____D C:\Users\Kitty\AppData\Roaming\ArcSoft
2013-10-25 10:05 - 2013-10-28 12:24 - 00000000 ____D C:\ProgramData\ArcSoft
2013-10-25 10:05 - 2013-10-25 10:05 - 00000000 ____D C:\Program Files (x86)\Kodak
2013-10-25 10:05 - 2006-11-14 10:31 - 00022784 _____ (Arcsoft, Inc.) C:\Windows\SysWOW64\Drivers\afc.sys

==================== One Month Modified Files and Folders =======

2013-11-18 11:44 - 2013-11-18 11:43 - 00015532 _____ C:\Users\Kitty\Downloads\FRST.txt
2013-11-18 11:43 - 2013-11-18 11:43 - 00000000 ____D C:\FRST
2013-11-18 11:42 - 2013-11-18 11:41 - 00000472 _____ C:\Users\Kitty\Downloads\defogger_disable.log
2013-11-18 11:41 - 2013-11-18 11:41 - 00000168 _____ C:\Users\Kitty\defogger_reenable
2013-11-18 11:41 - 2013-01-25 23:59 - 00000000 ____D C:\Users\Kitty
2013-11-18 11:41 - 2009-07-14 05:45 - 00022000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-18 11:41 - 2009-07-14 05:45 - 00022000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-18 11:36 - 2013-11-18 11:36 - 01958026 _____ (Farbar) C:\Users\Kitty\Downloads\FRST64.exe
2013-11-18 11:35 - 2013-11-18 11:35 - 00050477 _____ C:\Users\Kitty\Downloads\Defogger.exe
2013-11-18 11:34 - 2013-01-27 17:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-18 11:22 - 2013-08-01 08:07 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-18 11:14 - 2013-05-07 11:37 - 00007602 _____ C:\Users\Kitty\AppData\Local\Resmon.ResmonCfg
2013-11-18 11:11 - 2011-04-12 08:43 - 00653928 _____ C:\Windows\system32\perfh007.dat
2013-11-18 11:11 - 2011-04-12 08:43 - 00129800 _____ C:\Windows\system32\perfc007.dat
2013-11-18 11:11 - 2009-07-14 06:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-18 11:09 - 2013-11-06 01:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-11-18 11:09 - 2013-01-26 11:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-18 11:07 - 2013-01-25 23:59 - 01342188 _____ C:\Windows\WindowsUpdate.log
2013-11-18 11:04 - 2013-08-01 08:07 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-18 11:04 - 2013-01-27 17:35 - 00000000 ____D C:\Users\Kitty\.rainlendar2
2013-11-18 11:03 - 2013-01-28 02:10 - 00063620 _____ C:\Windows\setupact.log
2013-11-18 11:03 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-17 19:20 - 2013-11-17 19:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 17:15 - 2013-01-27 17:39 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-16 15:20 - 2013-10-29 17:26 - 00000000 ____D C:\Users\Kittira\AppData\Local\PMB Files
2013-11-16 14:58 - 2013-10-29 17:26 - 00000000 ____D C:\Users\Kittira\AppData\Roaming\Skype
2013-11-16 14:50 - 2013-10-29 17:26 - 00000000 ____D C:\Users\Kittira\.rainlendar2
2013-11-16 14:50 - 2013-02-07 21:09 - 00000000 ____D C:\Program Files (x86)\Origin
2013-11-16 01:41 - 2013-01-29 03:08 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-11-15 01:42 - 2013-09-06 18:12 - 00000000 ____D C:\Users\Kittira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-11-14 17:03 - 2013-07-15 21:10 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 17:01 - 2013-01-27 21:38 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-14 14:03 - 2013-02-12 12:30 - 00000000 ____D C:\Users\Kitty\AppData\Local\CrashDumps
2013-11-14 13:21 - 2013-03-12 17:19 - 00000000 ____D C:\Users\Kitty\AppData\Roaming\Winamp
2013-11-14 13:07 - 2013-01-27 19:39 - 00000000 ____D C:\Users\Kitty\AppData\Roaming\vlc
2013-11-13 11:14 - 2013-03-28 20:01 - 00000000 ____D C:\Users\Kitty\AppData\Roaming\Skype
2013-11-11 20:59 - 2013-11-11 20:59 - 00009216 ___SH C:\Users\Public\Downloads\Thumbs.db
2013-11-11 20:57 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-11-09 12:47 - 2013-11-09 12:47 - 00000000 ____D C:\Users\Kittira\AppData\Local\My Games
2013-11-09 12:47 - 2013-07-22 10:47 - 00000000 ____D C:\Users\Kittira\Documents\my games
2013-11-08 23:09 - 2013-11-08 23:09 - 00000222 _____ C:\Users\Kittira\Desktop\State of Decay.url
2013-11-06 12:46 - 2013-11-03 19:23 - 00000000 ____D C:\Windows\DD1865F0AD7340FBB23E1822E02396FF.TMP
2013-11-06 12:45 - 2013-11-03 19:23 - 00000000 ____D C:\Windows\A7E07C2B2220441587E3784D5814BC93.TMP
2013-11-06 12:45 - 2013-02-08 18:01 - 00422549 _____ C:\Windows\DirectX.log
2013-11-06 12:43 - 2010-11-21 04:47 - 00252664 _____ C:\Windows\PFRO.log
2013-11-06 01:19 - 2013-11-06 00:44 - 00000000 ____D C:\Program Files\Recuva
2013-11-06 00:44 - 2013-11-06 00:44 - 03843072 _____ (Piriform Ltd) C:\Users\Kitty\Downloads\rcsetup148.exe
2013-11-06 00:44 - 2013-11-06 00:44 - 00001658 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-11-06 00:44 - 2013-02-08 12:54 - 00000000 ____D C:\Users\Kittira
2013-11-06 00:42 - 2013-11-06 00:41 - 00000000 ____D C:\Users\Kitty\Downloads\testdisk-6.14
2013-11-06 00:41 - 2013-11-06 00:41 - 03736125 _____ C:\Users\Kitty\Downloads\testdisk-6.14.win.zip
2013-11-06 00:37 - 2013-01-28 01:29 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-11-06 00:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-11-05 13:01 - 2013-10-29 23:00 - 00000000 ____D C:\Users\Kitty\Desktop\Adobe.Photoshop.CS5.Extended.v12.0.Multilanguage-TIw
2013-11-05 12:34 - 2013-01-27 14:29 - 00000000 ____D C:\Users\Kitty\AppData\Local\Spotify
2013-11-03 15:34 - 2013-11-03 15:34 - 00000221 _____ C:\Users\Kittira\Desktop\Overlord II.url
2013-11-03 14:24 - 2013-11-03 11:55 - 00000000 ____D C:\Users\Kittira\Documents\Overlord
2013-11-02 23:53 - 2013-04-20 12:06 - 00000000 ____D C:\Users\Kittira\AppData\Local\CrashDumps
2013-11-02 21:12 - 2013-11-02 21:12 - 00000221 _____ C:\Users\Kittira\Desktop\Overlord.url
2013-11-02 17:37 - 2013-11-02 17:37 - 00000220 _____ C:\Users\Kittira\Desktop\Sid Meier's Pirates!.url
2013-11-01 15:20 - 2013-11-01 15:20 - 00000221 _____ C:\Users\Kittira\Desktop\Aliens Colonial Marines.url
2013-11-01 15:19 - 2013-11-01 15:19 - 00000927 _____ C:\Users\Kittira\Desktop\Steam.lnk
2013-11-01 15:19 - 2013-02-08 12:54 - 00110936 _____ C:\Users\Kittira\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-31 08:52 - 2013-01-26 11:52 - 00110936 _____ C:\Users\Kitty\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-31 08:51 - 2009-07-14 05:45 - 00403328 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-31 02:28 - 2013-01-27 14:29 - 00000000 ____D C:\Users\Kitty\AppData\Roaming\Spotify
2013-10-31 00:33 - 2013-10-31 00:33 - 03411417 _____ C:\Users\Kitty\Desktop\TWDS4 Key Art.jpeg
2013-10-29 17:27 - 2013-10-29 17:27 - 00000000 ____D C:\Users\Kittira\Documents\telltale games
2013-10-28 20:59 - 2013-10-28 20:59 - 00000000 ____D C:\Users\Kitty\AppData\Local\My Games
2013-10-28 20:59 - 2013-08-01 20:27 - 00000000 ____D C:\Users\Kitty\Documents\My Games
2013-10-28 13:19 - 2013-02-05 17:53 - 00000000 ____D C:\Users\Kitty\dwhelper
2013-10-28 12:24 - 2013-10-25 10:05 - 00000000 ____D C:\Users\Kitty\AppData\Roaming\ArcSoft
2013-10-28 12:24 - 2013-10-25 10:05 - 00000000 ____D C:\ProgramData\ArcSoft
2013-10-28 11:55 - 2013-01-27 19:12 - 00000000 ____D C:\Users\Kitty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-10-25 10:18 - 2013-01-27 19:44 - 00000000 ____D C:\Program Files (x86)\RegCleaner
2013-10-25 10:17 - 2013-01-25 23:59 - 00000000 ___RD C:\Users\Kitty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-25 10:11 - 2013-01-26 11:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-25 10:09 - 2013-10-25 10:09 - 00000000 ____D C:\Users\Kitty\AppData\Local\ArcSoft
2013-10-25 10:09 - 2013-01-25 23:59 - 00000000 ___RD C:\Users\Kitty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-25 10:05 - 2013-10-25 10:05 - 00000000 ____D C:\Program Files (x86)\Kodak
2013-10-25 09:00 - 2013-03-03 23:02 - 00000000 ____D C:\Users\Kitty\AppData\Local\PMB Files
2013-10-25 08:30 - 2013-06-14 10:05 - 00000000 ____D C:\Users\Kitty\AppData\Local\Akamai
2013-10-23 08:18 - 2013-09-18 19:38 - 00000000 ____D C:\Users\Kitty\Documents\Telltale Games
2013-10-20 17:22 - 2013-09-26 23:35 - 00000000 ____D C:\Users\Kitty\AppData\Roaming\Apple Computer

Some content of TEMP:
====================
C:\Users\Kittira\AppData\Local\Temp\_is6BBD.exe
C:\Users\Kittira\AppData\Local\Temp\_is822A.exe
C:\Users\Kittira\AppData\Local\Temp\_isAF80.exe
C:\Users\Kittira\AppData\Local\Temp\_isBE30.exe
C:\Users\Kitty\AppData\Local\Temp\EBUC68B.EXE
C:\Users\Kitty\AppData\Local\Temp\EBUCABF.DLL
C:\Users\Kitty\AppData\Local\Temp\FreemakeVideoConverter_4.0.4.3.exe
C:\Users\Kitty\AppData\Local\Temp\Gw2.exe
C:\Users\Kitty\AppData\Local\Temp\ShellLink.dll
C:\Users\Kitty\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Kitty\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-12 13:37

==================== End Of Log ============================


Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-11-2013 02
Ran by Kitty at 2013-11-18 11:44:33
Running from C:\Users\Kitty\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

4game (x32 Version: 3.1.0.154)
7-PDF Maker Version 1.4.1 (Build 128) (x32 Version: 7-PDF Maker - Version 1.4.1 (Build 128))
Adobe Acrobat 7.0 Standard - English, Français, Deutsch (x32 Version: 7.1.0)
Adobe Acrobat 7.1.0 Standard - English, Français, Deutsch (x32 Version: 7.1.0)
Adobe AIR (x32 Version: 3.6.0.5970)
Adobe Bridge 1.0 (x32 Version: 001.000.001)
Adobe Common File Installer (x32 Version: 1.00.001)
Adobe Download Assistant (x32 Version: 1.2.5)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Help Center 1.0 (x32 Version: 1.0.1)
Adobe Illustrator CS2 (x32 Version: 12.000.000)
Adobe InDesign CS2 (x32 Version: 004.000.000)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1)
Adobe SVG Viewer 3.0 (x32 Version: 3.0)
AION Free-to-Play (x32)
Akamai NetSession Interface (HKCU)
Aliens: Colonial Marines (x32)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
Any Video Converter 5 5.0.2 (x32)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft MediaImpression for Kodak (x32 Version: 2.0.24.761)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.10.0.0)
ATI AVIVO64 Codecs (Version: 11.6.0.51125)
ATI Catalyst Install Manager (Version: 3.0.812.0)
Audacity 2.0.3 (x32 Version: 2.0.3)
Bonjour (Version: 3.0.0.10)
CameraHelperMsi (x32 Version: 13.51.815.0)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.1125.2142.38865)
Catalyst Control Center Localization All (x32 Version: 2010.1125.2142.38865)
CCC Help Chinese Standard (x32 Version: 2010.1125.2141.38865)
CCC Help Chinese Traditional (x32 Version: 2010.1125.2141.38865)
CCC Help Czech (x32 Version: 2010.1125.2141.38865)
CCC Help Danish (x32 Version: 2010.1125.2141.38865)
CCC Help Dutch (x32 Version: 2010.1125.2141.38865)
CCC Help English (x32 Version: 2010.1125.2141.38865)
CCC Help Finnish (x32 Version: 2010.1125.2141.38865)
CCC Help French (x32 Version: 2010.1125.2141.38865)
CCC Help German (x32 Version: 2010.1125.2141.38865)
CCC Help Greek (x32 Version: 2010.1125.2141.38865)
CCC Help Hungarian (x32 Version: 2010.1125.2141.38865)
CCC Help Italian (x32 Version: 2010.1125.2141.38865)
CCC Help Japanese (x32 Version: 2010.1125.2141.38865)
CCC Help Korean (x32 Version: 2010.1125.2141.38865)
CCC Help Norwegian (x32 Version: 2010.1125.2141.38865)
CCC Help Polish (x32 Version: 2010.1125.2141.38865)
CCC Help Portuguese (x32 Version: 2010.1125.2141.38865)
CCC Help Russian (x32 Version: 2010.1125.2141.38865)
CCC Help Spanish (x32 Version: 2010.1125.2141.38865)
CCC Help Swedish (x32 Version: 2010.1125.2141.38865)
CCC Help Thai (x32 Version: 2010.1125.2141.38865)
CCC Help Turkish (x32 Version: 2010.1125.2141.38865)
ccc-core-static (x32 Version: 2010.1125.2142.38865)
ccc-utility64 (Version: 2010.1125.2142.38865)
DAEMON Tools Lite (x32 Version: 4.46.1.0327)
Dead Space™ 3 (x32 Version: 1.0.0.0)
Desura (x32 Version: 100.53)
erLT (x32 Version: 1.20.138.34)
Fable - The Lost Chapters (x32 Version: 1.00.0000)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.27.0)
Fraps (remove only) (x32)
Free Video to MP3 Converter version 5.0.28.812 (x32 Version: 5.0.28.812)
Free YouTube to MP3 Converter version 3.12.11.812 (x32 Version: 3.12.11.812)
Freemake Video Converter Version 4.0.4 (x32 Version: 4.0.4)
Gameforge Live 1.9.0 "Legend" (x32 Version: 1.9.0)
GemPcCCID (Version: 2.0.3)
Google Chrome (x32 Version: 31.0.1650.57)
Google Update Helper (x32 Version: 1.3.21.165)
Guild Wars 2 (x32)
Hitman: Absolution (x32)
HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (Version: 28.0.1313.0)
HP Update (x32 Version: 5.003.003.001)
HydraVision (x32 Version: 4.2.184.0)
iTunes (Version: 11.1.0.126)
Java 7 Update 21 (x32 Version: 7.0.210)
Java Auto Updater (x32 Version: 2.1.9.5)
JMicron JMB36X Driver (x32 Version: 1.17.62.0)
Lineage II (HKCU)
LineageII DE (x32)
Logitech Webcam-Software (x32 Version: 2.51)
LOST PLANET 2 (x32 Version: 1.0.0002.133)
LWS Facebook (x32 Version: 13.50.854.0)
LWS Gallery (x32 Version: 13.51.827.0)
LWS Help_main (x32 Version: 13.51.828.0)
LWS Launcher (x32 Version: 13.51.828.0)
LWS Motion Detection (x32 Version: 13.51.815.0)
LWS Pictures And Video (x32 Version: 13.51.815.0)
LWS Twitter (x32 Version: 13.30.1346.0)
LWS Webcam Software (x32 Version: 13.51.815.0)
LWS WLM Plugin (x32 Version: 1.30.1201.0)
LWS YouTube Plugin (x32 Version: 13.31.1038.0)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
MAGIX Video deluxe 17 Plus Sonderedition (Designelemente) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 17 Plus Sonderedition (Individuelle Menüvorlagen) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 17 Plus Sonderedition (Menüvorlagen 1) (x32 Version: 1.1.0.0)
MAGIX Video deluxe 17 Plus Sonderedition (Menüvorlagen 2) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 17 Plus Sonderedition (Titeleffekte) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 17 Plus Sonderedition (Überblendeffekte) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 17 Plus Sonderedition Download-Version (x32 Version: 10.0.11.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Security Client (Version: 4.3.0219.0)
Microsoft Security Essentials (Version: 4.3.219.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSVCRT Redists (Version: 1.0)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NCsoft Launcher (x32 Version: 1.5.19002)
Notepad++ (x32 Version: 6.3)
NVIDIA PhysX (x32 Version: 9.10.0222)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Origin (x32 Version: 9.1.12.73)
Pando Media Booster (x32 Version: 2.6.0.8)
Phase 5 HTML-Editor (x32 Version: 5.6.2.3)
Project64 1.6 (x32 Version: 1.6)
Rainlendar2 (remove only) (x32)
Realtek Ethernet Controller Driver (x32 Version: 7.43.321.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6251)
Recuva (Version: 1.48)
Sid Meier's Civilization V (x32)
Skype™ 6.3 (x32 Version: 6.3.107)
Spotify (HKCU Version: 0.9.4.185.g7545a404)
Spybot - Search & Destroy (x32 Version: 2.0.12)
Spyware Terminator 2012 (x32 Version: 3.0.0.80)
StarCraft II (x32 Version: 2.0.11.26825)
State of Decay (x32)
Steam (x32 Version: 1.0.0.0)
swMSM (x32 Version: 12.0.0.1)
TeamSpeak 3 Client (x32 Version: 3.0.10.1)
TERA (x32 Version: 19.04.02.03.hf3)
The Elder Scrolls V: Skyrim (x32)
The Secret World (x32)
The Walking Dead (x32)
The Wolf Among Us (x32)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Unity Web Player (HKCU Version: )
Vegas Pro 12.0 (64-bit) (Version: 12.0.563)
VLC media player 2.0.5 (x32 Version: 2.0.5)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (x32)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (x32)
Warhammer® 40,000™: Dawn of War® II (x32)
Webocton - Scriptly 0.8.95.6 (x32 Version: 0.8.95.6)
Winamp (x32 Version: 5.63 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
WMV9/VC-1 Video Playback (Version: 1.00.0000)

==================== Restore Points =========================

01-11-2013 16:34:57 DirectX wurde installiert
01-11-2013 16:35:53 DirectX wurde installiert
02-11-2013 01:20:46 Windows Update
03-11-2013 18:22:26 DirectX wurde installiert
05-11-2013 16:06:33 Windows Update
05-11-2013 23:36:30 Wiederherstellungsvorgang
05-11-2013 23:48:59 Windows Update
06-11-2013 11:45:05 DirectX wurde installiert
09-11-2013 20:57:02 Windows Update
14-11-2013 12:10:25 Windows Update
14-11-2013 16:01:19 Windows Update
17-11-2013 18:12:51 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-06-17 10:17 - 00000868 ____A C:\Windows\system32\Drivers\etc\hosts
176.9.129.100 L2authd.lineage2.com

==================== Scheduled Tasks (whitelisted) =============

Task: {1198D44D-9B0B-4D4C-B05F-51DC4E013D97} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-01] (Google Inc.)
Task: {48EF6C1D-40E0-40F4-A48A-853C076D3BEE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {75468A24-2BAC-40E7-A1E4-36A8A067C923} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {84C39D1A-A8A6-4642-ABBE-4B3994919AA6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {98106CAB-CF5A-4BAD-945D-F3AA7BC16B33} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {9BB3AC35-270D-48DB-B55D-9D3FED8CF00E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-01] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2010-11-25 21:41 - 2010-11-25 21:41 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-09-13 18:51 - 2013-09-13 18:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 18:51 - 2013-09-13 18:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-28 01:29 - 2012-11-13 14:06 - 00108960 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-01-28 01:29 - 2012-11-13 14:06 - 00416160 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-01-28 01:29 - 2012-11-13 14:06 - 00158624 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-01-28 01:29 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-01-28 01:29 - 2012-11-13 14:06 - 00528288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2012-05-16 20:01 - 2012-05-16 20:01 - 00140800 _____ () C:\Program Files (x86)\Rainlendar2\lua52.dll
2012-12-29 10:30 - 2012-12-29 10:30 - 00209408 _____ () C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll
2012-06-17 14:22 - 2012-06-17 14:22 - 00012800 _____ () C:\Program Files (x86)\Rainlendar2\lfs.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2013-02-20 19:06 - 2006-01-12 21:20 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.deu
2013-02-20 19:06 - 2006-01-12 21:13 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.FRA
2013-11-17 19:20 - 2013-11-17 19:20 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-01-28 01:29 - 2012-11-13 14:06 - 00554400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/18/2013 11:04:13 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/17/2013 07:02:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/16/2013 02:50:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/16/2013 01:41:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2013 00:49:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2013 00:49:41 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2013 02:03:28 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: StateOfDecay.exe, Version: 13.11.5.8606, Zeitstempel: 0x52799827
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001ed7
ID des fehlerhaften Prozesses: 0x17cc
Startzeit der fehlerhaften Anwendung: 0xStateOfDecay.exe0
Pfad der fehlerhaften Anwendung: StateOfDecay.exe1
Pfad des fehlerhaften Moduls: StateOfDecay.exe2
Berichtskennung: StateOfDecay.exe3

Error: (11/14/2013 01:59:42 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: StateOfDecay.exe, Version: 13.11.5.8606, Zeitstempel: 0x52799827
Name des fehlerhaften Moduls: StateOfDecay.exe, Version: 13.11.5.8606, Zeitstempel: 0x52799827
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00df94f5
ID des fehlerhaften Prozesses: 0x624
Startzeit der fehlerhaften Anwendung: 0xStateOfDecay.exe0
Pfad der fehlerhaften Anwendung: StateOfDecay.exe1
Pfad des fehlerhaften Moduls: StateOfDecay.exe2
Berichtskennung: StateOfDecay.exe3

Error: (11/14/2013 01:41:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: StateOfDecay.exe, Version: 13.11.5.8606, Zeitstempel: 0x52799827
Name des fehlerhaften Moduls: StateOfDecay.exe, Version: 13.11.5.8606, Zeitstempel: 0x52799827
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00e0fb3b
ID des fehlerhaften Prozesses: 0x1790
Startzeit der fehlerhaften Anwendung: 0xStateOfDecay.exe0
Pfad der fehlerhaften Anwendung: StateOfDecay.exe1
Pfad des fehlerhaften Moduls: StateOfDecay.exe2
Berichtskennung: StateOfDecay.exe3

Error: (11/14/2013 01:00:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/18/2013 11:04:10 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "4game-service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (11/18/2013 11:04:10 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst 4game-service erreicht.

Error: (11/17/2013 07:02:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "4game-service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (11/17/2013 07:02:46 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst 4game-service erreicht.

Error: (11/16/2013 02:50:38 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "4game-service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (11/16/2013 02:50:38 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst 4game-service erreicht.

Error: (11/16/2013 01:41:26 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "4game-service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (11/16/2013 01:41:26 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst 4game-service erreicht.

Error: (11/15/2013 00:49:33 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "4game-service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (11/15/2013 00:49:33 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst 4game-service erreicht.


Microsoft Office Sessions:
=========================
Error: (11/18/2013 11:04:13 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/17/2013 07:02:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/16/2013 02:50:41 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/16/2013 01:41:29 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2013 00:49:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2013 00:49:41 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2013 02:03:28 PM) (Source: Application Error)(User: )
Description: StateOfDecay.exe13.11.5.860652799827MSVCR100.dll10.0.40219.3254df2be1ec000000500001ed717cc01cee13977a8c2d6E:\Spiele\SteamLibrary\steamapps\common\State of Decay\StateOfDecay.exeC:\Windows\system32\MSVCR100.dll2748b358-4d2d-11e3-98d5-5404a638321a

Error: (11/14/2013 01:59:42 PM) (Source: Application Error)(User: )
Description: StateOfDecay.exe13.11.5.860652799827StateOfDecay.exe13.11.5.860652799827c000000500df94f562401cee136f80a1965E:\Spiele\SteamLibrary\steamapps\common\State of Decay\StateOfDecay.exeE:\Spiele\SteamLibrary\steamapps\common\State of Decay\StateOfDecay.exea09659c3-4d2c-11e3-98d5-5404a638321a

Error: (11/14/2013 01:41:49 PM) (Source: Application Error)(User: )
Description: StateOfDecay.exe13.11.5.860652799827StateOfDecay.exe13.11.5.860652799827c000000500e0fb3b179001cee1356b6edeedE:\Spiele\SteamLibrary\steamapps\common\State of Decay\StateOfDecay.exeE:\Spiele\SteamLibrary\steamapps\common\State of Decay\StateOfDecay.exe2079132f-4d2a-11e3-98d5-5404a638321a

Error: (11/14/2013 01:00:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 8137.22 MB
Available physical RAM: 6013.79 MB
Total Pagefile: 16272.62 MB
Available Pagefile: 14085.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:22.72 GB) NTFS
Drive e: (Elements) (Fixed) (Total:1863.01 GB) (Free:301.97 GB) NTFS
Drive g: (Photoshop CS5) (CDROM) (Total:2.38 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 76636AE2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0007A3EF)
Partition 1: (Not Active) - (Size=-198627557376) - (Type=07 NTFS)

==================== End Of Log ============================



Unfortunately, the other tool did not work.
I'm hoping for help :D Thanks in advance!

Best regards,
Kittira

cosinus 18.11.2013 12:15

Hello and :hallo:

Quote:

Adobe Acrobat 7.0 Standard - English, Français, Deutsch (x32 Version: 7.1.0)
Adobe Acrobat 7.1.0 Standard - English, Français, Deutsch (x32 Version: 7.1.0)

Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Is this a commercially used system?

Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners, have they ever found anything?

I ask because of this => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now, just post the logs you already have in CODE tags!
Only logs from the last 7 days, or from the time since the problem started, are relevant!

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Erweitert/Vorschau (Advanced/Preview) to check whether you did it correctly. If everything is right ... click Antworten (Reply).

Kittira 18.11.2013 12:27

No, it is not used commercially :D

And no, I don't have any further logs ;(

cosinus 18.11.2013 12:48

Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

