Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Computer Langsam. Niedriger CPU-Wert und hoher physikalischer Speicher

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 22.09.2013, 21:05   #1
PadderOF
 
Computer Langsam. Niedriger CPU-Wert und hoher physikalischer Speicher - Standard

Computer Langsam. Niedriger CPU-Wert und hoher physikalischer Speicher



Guten Abend liebe Community,

Wollte mich mal umhören und hoffe hier wird mir geholfen.
Als erstes habe ich das Problem, das wenn ich nur Opera geöffnet habe, der Physikalische Speicher bei ca. 40% liegt obwohl die CPU-Auslastung sehr gering ist.
Außerdem kann ich im Taskmanager sehen, das Opera.exe 6-7 Prozesse geöffnet hat, obwohl ich nur ein Fenster aufhabe.
Habe das gefühl, ich habe mir irgendwo etwas eingefangen.
Ich habe schon alles erledigt was im Thread: "Für alle Hilfesuchenden!" angegeben war.

Defogger:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:35 on 22/09/2013 (Patrick)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2013
Ran by Patrick at 2013-09-22 21:38:14
Running from C:\Users\Patrick\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs ======================

Acer Backup Manager (x32 Version: 3.0.0.100)
Acer Crystal Eye Webcam (x32 Version: 1.5.3018.00)
Acer ePower Management (x32 Version: 6.00.3008)
Acer eRecovery Management (x32 Version: 5.00.3502)
Acer Registration (x32 Version: 1.04.3503)
Acer System Information (x32 Version: 1.0.0)
Acer Updater (x32 Version: 1.02.3502)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Atheros Driver Installation Program (x32 Version: 9.0)
Backup Manager V3 (x32 Version: 3.0.0.100)
Bonjour (Version: 3.0.0.10)
Bonjour-Druckdienste (Version: 2.0.0.36)
Broadcom Card Reader Driver Installer (Version: 14.8.2.2)
Broadcom NetLink Controller (Version: 14.8.4.1)
Canon Easy-WebPrint EX (x32 Version: 1.3.5.0)
Canon MP Navigator EX 1.0 (x32)
Canon MP610 series
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
clear.fi (x32 Version: 1.0.1517_36458)
clear.fi (x32 Version: 1.0.2228.00)
clear.fi (x32 Version: 9.0.8228)
clear.fi Client (x32 Version: 1.00.3500)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dolby Advanced Audio v2 (x32 Version: 7.2.7000.4)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
Flatcast Viewer Plugin 5.3.0.784 (x32)
Free YouTube to MP3 Converter version 3.12.12.827 (x32 Version: 3.12.12.827)
GeForce Experience NvStream Client Components (Version: 0.1.87)
Google Chrome (x32 Version: 29.0.1547.76)
Google Update Helper (x32 Version: 1.3.21.153)
Identity Card (x32 Version: 1.00.3501)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2418)
Intel(R) Rapid Storage Technology (x32 Version: 10.5.0.1026)
iTunes (Version: 11.1.0.126)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 31 (64-bit) (Version: 6.0.310)
Launch Manager (x32 Version: 5.1.7)
League of Legends (x32 Version: 1.02.0000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Home and Student 2010 - Deutsch (x32 Version: 14.0.6114.5002)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1)
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (x32 Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (x32 Version: 1.0.1.2)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Nokia Connectivity Cable Driver (x32 Version: 7.1.172.0)
Nokia Suite (x32 Version: 3.8.30.0)
NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)
NVIDIA Grafiktreiber 306.97 (Version: 306.97)
NVIDIA Install Application (Version: 2.1002.133.902)
NVIDIA nTune (x32 Version: 1.00.0000)
NVIDIA Optimus 8.3.14 (Version: 8.3.14)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Systemsteuerung 306.97 (Version: 306.97)
NVIDIA Update 8.3.14 (Version: 8.3.14)
NVIDIA Update Components (Version: 8.3.14)
NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)
Opera 12.16 (x32 Version: 12.16.1860)
Opera Stable 16.0.1196.73 (x32 Version: 16.0.1196.73)
Pando Media Booster (x32 Version: 2.6.0.1)
PC Connectivity Solution (x32 Version: 12.0.109.0)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6339)
saveNusohaerE (x32 Version: 2.3.0.1859)
Search Assistant WebSearch 1.74 (x32)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
SHIELD Streaming (Version: 1.05.28)
Skype Click to Call (x32 Version: 5.9.9216)
Skype™ 6.6 (x32 Version: 6.6.106)
Spotify (HKCU Version: 0.9.1.57.ge7405149)
ss helper 1.74 (x32)
swMSM (x32 Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.1.6.0)
System Explorer 4.2.2 (x32)
System Requirements Lab for Intel (x32 Version: 4.5.5.0)
TeamSpeak 3 Client (HKCU Version: 3.0.12)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.1.23.0)
Unity Web Player (HKCU Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Welcome Center (x32 Version: 1.02.3503)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
WinRAR 4.11 (64-Bit) (Version: 4.11.0)

==================== Restore Points =========================

15-09-2013 18:59:21 Windows Update
18-09-2013 01:00:10 Windows Update
21-09-2013 11:02:35 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {1265D306-7696-4754-A725-80D65C45152A} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
Task: {1D987F9C-3674-400B-895D-EDF7276E6C78} - System32\Tasks\Games\UpdateCheck_S-1-5-21-633988642-1601714039-4110114373-1001
Task: {3369E379-E461-4A81-A315-3446E2140602} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {36C48E32-DBD6-4353-A4A6-0AC0F4988AD7} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-06-20] (Microsoft Corporation)
Task: {38AB495B-06AD-4576-8F08-654CE683FB3B} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {3A8450AD-D5F8-43F0-81D3-B12D0B25E95F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3B3380A0-7DA4-4A61-8ADA-87D5CC21394B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-15] (Google Inc.)
Task: {480EE213-61F7-42D5-B7C9-48788EB45CFE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated)
Task: {496F1441-742A-46A1-A797-F0485C63BAAB} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-10-28] (CyberLink Corp.)
Task: {4DDBB28D-58C2-4016-9A0E-D8CFA8DFC55D} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {506E0C36-3A40-4735-8DD9-7330B66DDA22} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-09-03] (Adobe Systems Incorporated)
Task: {68751896-927A-4C8F-9D04-BDE8C6857B47} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {8B8FF4F0-1F7B-42C1-9061-7F5103E72071} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {97F26853-AA79-4326-A8B9-282EF2D572DD} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {9F5E75EF-921F-4D15-8491-ABC69DC74930} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {C014E59F-FBA5-4581-B524-17325BE8925B} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-10-28] (Acer Incorporated)
Task: {CC3893FD-4012-425D-82F9-5A76EA87876B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-15] (Google Inc.)
Task: {D013CC52-E186-48E1-82B7-4D91E0058ADB} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {D0D76D69-B90E-471D-A78E-6EA78C0686D5} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-10-28] (CyberLink)
Task: {D9D83E06-6230-4E2E-8F3C-0079B8F5B2DE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-633988642-1601714039-4110114373-1001UA => C:\Users\Patrick\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-25] (Facebook Inc.)
Task: {EDBE7D1B-A289-482D-AF29-E44C18780946} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {F3ED0F59-5B2C-4151-BA32-5600FCC81B4F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-633988642-1601714039-4110114373-1001Core => C:\Users\Patrick\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-25] (Facebook Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-633988642-1601714039-4110114373-1001Core.job => C:\Users\Patrick\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-633988642-1601714039-4110114373-1001UA.job => C:\Users\Patrick\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-01-01 23:01 - 2012-02-17 21:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2011-08-12 09:37 - 2011-06-10 19:45 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2011-08-12 09:37 - 2011-06-10 19:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-09-22 11:13 - 2010-11-03 12:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2012-09-24 18:04 - 2011-03-28 10:39 - 02931816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2011-02-03 13:50 - 2011-02-03 13:50 - 01071448 _____ (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4c.dll
2011-02-03 13:50 - 2011-02-03 13:50 - 00034136 _____ (Dolby Laboratories Inc.) C:\Dolby PCEE4\Dolby.Interop.dll
2011-09-22 11:13 - 2011-03-07 07:25 - 00118104 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2011-02-03 13:50 - 2011-02-03 13:50 - 00030040 _____ (Dolby Laboratories Inc.) C:\Dolby PCEE4\de\pcee4c.resources.dll

==================== Alternate Data Streams (whitelisted) ======


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/22/2013 09:05:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2013 09:05:32 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (09/22/2013 09:05:32 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (09/22/2013 06:05:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14867707

Error: (09/22/2013 06:05:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14867707

Error: (09/22/2013 06:05:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/22/2013 06:05:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14866693

Error: (09/22/2013 06:05:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14866693

Error: (09/22/2013 06:05:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/22/2013 06:05:38 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14865694


System errors:
=============
Error: (09/22/2013 09:06:06 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (09/22/2013 09:05:06 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎22.‎09.‎2013 um 21:03:29 unerwartet heruntergefahren.

Error: (09/19/2013 11:26:32 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/12/2013 05:53:02 AM) (Source: Microsoft Antimalware) (User: )
Description: Vom Echtzeitschutz-Feature von %%860 wurde ein Fehler festgestellt

Feature: %%886

Fehlercode: 0x8007045b

Fehlerbeschreibung: Der Computer wird heruntergefahren.

Grund: %%892

Error: (09/12/2013 05:52:18 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎12.‎09.‎2013 um 05:50:15 unerwartet heruntergefahren.

Error: (09/11/2013 04:20:38 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (09/11/2013 04:20:38 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Player-Netzwerkfreigabedienst erreicht.

Error: (09/11/2013 04:19:23 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎11.‎09.‎2013 um 04:17:49 unerwartet heruntergefahren.

Error: (09/10/2013 03:45:40 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (09/09/2013 07:50:31 PM) (Source: DCOM) (User: )
Description: {AD1B0A76-DBB2-45C2-8403-45B8DD7FD503}


Microsoft Office Sessions:
=========================
Error: (09/22/2013 09:05:52 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2013 09:05:32 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (09/22/2013 09:05:32 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (09/22/2013 06:05:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14867707

Error: (09/22/2013 06:05:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14867707

Error: (09/22/2013 06:05:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/22/2013 06:05:39 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14866693

Error: (09/22/2013 06:05:39 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14866693

Error: (09/22/2013 06:05:39 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/22/2013 06:05:38 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14865694


==================== Memory info ===========================

Percentage of memory in use: 49%
Total physical RAM: 3947.86 MB
Available physical RAM: 1981.9 MB
Total Pagefile: 7893.9 MB
Available Pagefile: 5664.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:447.66 GB) (Free:310.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E870538A)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=448 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2013
Ran by Patrick (administrator) on PATRICK-PC on 22-09-2013 21:37:02
Running from C:\Users\Patrick\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
() C:\Program Files (x86)\Opera\16.0.1196.73\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-03-21] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [LiveSupport] - "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKCU\...\Run: [NVIDIA nTune] - "C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
MountPoints2: {4fd11c56-4baf-11e2-b45b-b870f4edeecd} - E:\setup.exe
MountPoints2: {ebc431fc-be84-11e2-b430-3859f97156e8} - E:\AutoRun.exe
MountPoints2: {ebc43200-be84-11e2-b430-3859f97156e8} - E:\AutoRun.exe
MountPoints2: {ebc43353-be84-11e2-b430-b870f4edeecd} - E:\AutoRun.exe
MountPoints2: {ebc43357-be84-11e2-b430-b870f4edeecd} - E:\AutoRun.exe
MountPoints2: {ebc43359-be84-11e2-b430-b870f4edeecd} - E:\AutoRun.exe
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Dolby PCEE4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [SystemExplorerAutoStart] - C:\Program Files (x86)\System Explorer\SystemExplorer.exe [2851784 2013-05-16] (Mister Group)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll,c:\windows\syswow64\nvinit.dll c:\progra~2\sshelp~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll,C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
IMEO\avnotify.exe: [Debugger] null.exe
IMEO\ipmgui.exe: [Debugger] null.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.the-searcheng.info/?pid=34&r=2013/09/11&hid=210497651513244279&lg=EN&cc=DE&unqvl=35
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.the-searcheng.info/?pid=34&r=2013/09/11&hid=210497651513244279&lg=EN&cc=DE&unqvl=35
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.the-searcheng.info/?l=1&q={searchTerms}&pid=34&r=2013/09/11&hid=210497651513244279&lg=EN&cc=DE&unqvl=35
SearchScopes: HKCU - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.the-searcheng.info/?l=1&q={searchTerms}&pid=34&r=2013/09/11&hid=210497651513244279&lg=EN&cc=DE&unqvl=35
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&r=455
SearchScopes: HKCU - {090B296A-0606-473B-98D2-7CA405DD25EE} URL = hxxp://startsear.ch/?aff=2&src=sp&cf=6144f1a6-67cd-11e1-8e1c-b870f4edeecd&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=56685A59F97156E8&affID=119776&tt=080913_nch&tsp=5000
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.the-searcheng.info/?l=1&q={searchTerms}&pid=34&r=2013/09/11&hid=210497651513244279&lg=EN&cc=DE&unqvl=35
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: saveNusohaerE - {300E79D8-3FA5-61E4-DDC4-E86C4D3A83A6} - C:\ProgramData\saveNusohaerE\oCf83HQ.dll ()
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: SearchNewTab - {51B8493E-93BE-1DBC-A972-6C55118BF7A8} - C:\ProgramData\SearchNewTab\jmopK5.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: savensharee - {D661EEED-FA4A-0885-09F5-9785AB7B9D2A} - C:\ProgramData\savensharee\7R4N.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No File
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\infjrvpw.default
FF user.js: detected! => C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\infjrvpw.default\user.js
FF Homepage: user_pref("browser.startup.homepage", );
FF Homepage: hxxp://websearch.the-searcheng.info/?pid=34&r=2013/09/11&hid=210497651513244279&lg=EN&cc=DE&unqvl=35
FF SearchEngineOrder.1: WebSearch
FF DefaultSearchEngine: WebSearch
FF SelectedSearchEngine: WebSearch
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
FF Keyword.URL: hxxp://websearch.the-searcheng.info/?pid=34&r=2013/09/11&hid=210497651513244279&lg=EN&cc=DE&unqvl=35&l=1&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Patrick\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Patrick\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: @www.flatcast.com/FlatViewer 5.2 - C:\Users\Patrick\AppData\Roaming\Mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\infjrvpw.default\searchplugins\startsear.xml
FF SearchPlugin: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\infjrvpw.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF Extension: Babylon - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\infjrvpw.default\Extensions\ffxtlbr@babylon.com
FF Extension: No Name - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\infjrvpw.default\Extensions\staged
FF Extension: Search Results Toolbar - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\infjrvpw.default\Extensions\{94366e2c-9923-431c-b0d6-747447dd0f2b}
FF Extension: Cookies Manager+ - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\infjrvpw.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
FF Extension: fhdp3 - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\infjrvpw.default\Extensions\fhdp3@freehdsp.tv.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (SearchNewTab) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\bicbobepdonfpmcfikggdkfogaahalkp\1.0
CHR Extension: (YouTube) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (savensharee ) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\eajjcegfcmpolbniplhhfibdifecbhno\5.10
CHR Extension: (SearchNewTab) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmlimoniobcffpolodmanaahkdcphpip\1.0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (saveNusohaerE ) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\ophjigdkpinnldocacljhmhimnbjjhoc\5.10
CHR Extension: (Gmail) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [pbiamblgmkgbcgbcgejjgebalncpmhnp] - C:\Program Files (x86)\StartSearch plugin\vshareplg.crx

==================== Services (Whitelisted) =================

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [180224 2007-09-04] (NVIDIA)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-04-11] ()
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [821720 2012-11-25] (Mister Group)

==================== Drivers (Whitelisted) ====================

S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 NVR0Dev; C:\Windows\nvoclk64.sys [39968 2007-09-04] (NVidia Corp.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 ALSysIO; \??\C:\Users\Patrick\AppData\Local\Temp\ALSysIO64.sys [x]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-22 21:36 - 2013-09-22 21:36 - 01956670 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe
2013-09-22 21:36 - 2013-09-22 21:36 - 00000000 ____D C:\FRST
2013-09-22 21:35 - 2013-09-22 21:35 - 00000476 _____ C:\Users\Patrick\Desktop\defogger_disable.log
2013-09-22 21:35 - 2013-09-22 21:35 - 00000000 _____ C:\Users\Patrick\defogger_reenable
2013-09-22 21:33 - 2013-09-22 21:33 - 00050477 _____ C:\Users\Patrick\Desktop\Defogger.exe
2013-09-19 17:13 - 2013-09-19 17:18 - 00000000 ____D C:\Users\Patrick\Desktop\965YOKDJ
2013-09-19 12:06 - 2013-09-19 12:06 - 04200718 _____ C:\Users\Patrick\Desktop\bdb.bmp
2013-09-19 11:29 - 2013-09-19 11:29 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-19 11:28 - 2013-09-19 11:29 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-19 11:28 - 2013-09-19 11:29 - 00000000 ____D C:\Program Files\iTunes
2013-09-19 11:28 - 2013-09-19 11:29 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-19 11:28 - 2013-09-19 11:28 - 00000000 ____D C:\Program Files\iPod
2013-09-18 03:21 - 2013-09-18 03:21 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-09-18 03:21 - 2013-09-18 03:21 - 00000000 ____D C:\Windows\system32\NV
2013-09-18 03:03 - 2012-10-02 21:51 - 06200680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-09-18 03:03 - 2012-10-02 21:51 - 03536817 _____ C:\Windows\system32\nvcoproc.bin
2013-09-18 03:03 - 2012-10-02 21:51 - 03293544 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-09-18 03:03 - 2012-10-02 21:50 - 02557800 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-09-18 03:03 - 2012-10-02 21:50 - 00891240 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-09-18 03:03 - 2012-10-02 21:50 - 00866664 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2013-09-18 03:03 - 2012-10-02 21:50 - 00118120 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-09-18 03:03 - 2012-10-02 21:50 - 00063336 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-09-18 03:03 - 2012-10-02 21:50 - 00055144 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2013-09-12 03:14 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 03:14 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 03:14 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-12 03:14 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 03:14 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 03:14 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 03:14 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 03:14 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 03:14 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 03:14 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 03:14 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 03:14 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-12 03:14 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-12 03:14 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-12 03:14 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-12 03:14 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-12 03:14 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-12 03:14 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-12 03:14 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-12 03:14 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-12 03:14 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-12 03:14 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-12 03:14 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-12 03:14 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-12 03:14 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-12 03:14 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-12 03:14 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-12 03:14 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 03:14 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-12 03:14 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-12 03:14 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-12 01:01 - 2013-09-12 01:01 - 00000088 _____ C:\Windows\SysWOW64\1309635392358005036.log
2013-09-12 00:29 - 2013-09-12 00:51 - 00000000 ____D C:\ProgramData\SystemExplorer
2013-09-12 00:29 - 2013-09-12 00:29 - 02061008 _____ (Mister Group ) C:\Users\Patrick\Downloads\SystemExplorerSetup_422.exe
2013-09-12 00:29 - 2013-09-12 00:29 - 00000000 ____D C:\Program Files (x86)\System Explorer
2013-09-12 00:14 - 2013-09-12 00:14 - 00000000 ____D C:\ProgramData\Simply Super Software
2013-09-12 00:13 - 2013-09-12 00:13 - 23334896 _____ (Simply Super Software ) C:\Users\Patrick\Downloads\trjsetup_688.exe
2013-09-11 20:33 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 20:33 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 20:33 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 20:33 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 20:33 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 20:33 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 20:33 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 20:33 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 20:33 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 20:33 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 20:33 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 20:33 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 20:33 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 20:33 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 20:33 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 20:33 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 20:33 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 20:33 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 20:33 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 20:33 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 20:33 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 20:33 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 20:33 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 20:33 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 20:33 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 20:33 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 20:33 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-11 15:30 - 2013-09-11 15:32 - 206491132 _____ C:\Users\Patrick\Downloads\Diary_Of_A_Trap_God-(DatPiff.com) (1).zip
2013-09-11 15:26 - 2013-09-12 00:49 - 00000000 ____D C:\ProgramData\saveNusohaerE
2013-09-11 15:25 - 2013-09-11 15:25 - 00303696 _____ (SummerSoft) C:\Users\Patrick\Downloads\DIARY OF A TRAP GOD.zip (1).exe
2013-09-11 15:24 - 2013-09-12 04:05 - 00000000 ____D C:\ProgramData\SearchNewTab
2013-09-11 15:24 - 2013-09-11 15:26 - 00000000 ____D C:\Program Files (x86)\WebSearch
2013-09-11 15:24 - 2013-09-11 15:24 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\SendSpace
2013-09-11 15:23 - 2013-09-12 00:49 - 00000000 ____D C:\ProgramData\savensharee
2013-09-11 15:23 - 2013-09-11 15:26 - 00000000 ____D C:\ProgramData\InstallMate
2013-09-11 15:23 - 2013-09-11 15:26 - 00000000 ____D C:\Program Files (x86)\ss helper
2013-09-11 15:23 - 2013-09-11 15:23 - 00000000 ____D C:\ProgramData\SummerSoft
2013-09-11 15:22 - 2013-09-11 15:22 - 00303696 _____ (SummerSoft) C:\Users\Patrick\Downloads\DIARY OF A TRAP GOD.zip.exe
2013-09-10 03:37 - 2013-08-20 15:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-09-10 03:37 - 2013-08-20 15:32 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-09-10 03:37 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-09-09 21:13 - 2013-09-09 21:14 - 00000000 ____D C:\Users\Patrick\AppData\Local\Purplizer
2013-09-09 16:26 - 2013-09-09 17:12 - 00000000 ____D C:\Users\Patrick\AppData\Local\Overwolf
2013-09-09 02:32 - 2013-09-09 02:32 - 00392256 _____ C:\Users\Patrick\Downloads\FirstRowSportApp_setup(18_4) (2).exe
2013-09-09 02:27 - 2013-09-09 02:27 - 00000000 ____D C:\Users\Patrick\AppData\Local\avgchrome
2013-09-09 02:26 - 2013-09-09 02:34 - 00000000 ____D C:\Program Files (x86)\FirstRowSportApp.com
2013-09-09 02:26 - 2013-09-09 02:26 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-09 02:26 - 2013-09-09 02:26 - 00000000 ____D C:\Program Files (x86)\FreeHDSport.TV
2013-09-09 02:24 - 2013-09-09 02:24 - 00392256 _____ C:\Users\Patrick\Downloads\FirstRowSportApp_setup(18_4) (1).exe
2013-09-09 02:23 - 2013-09-09 02:24 - 00392256 _____ C:\Users\Patrick\Downloads\FirstRowSportApp_setup(18_4).exe
2013-09-06 02:07 - 2013-09-06 02:07 - 29255112 _____ (DVDVideoSoft Ltd. ) C:\Users\Patrick\Downloads\FreeYouTubeToMP3Converter.exe
2013-09-03 15:52 - 2013-09-03 15:52 - 00000000 _____ C:\Users\Patrick\Sti_Trace.log
2013-09-03 15:35 - 2013-09-03 15:52 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Canon
2013-09-03 15:33 - 2013-09-03 15:33 - 00003172 _____ C:\Windows\System32\Tasks\{E68CCFEE-5882-4589-BD0E-C03EDC838336}
2013-09-03 15:32 - 2013-09-03 15:32 - 00002059 _____ C:\Users\Public\Desktop\MP Navigator EX 1.0.lnk
2013-09-03 15:31 - 2013-09-03 15:31 - 25158984 _____ C:\Users\Patrick\Downloads\mp610swin64101ea24 (1).exe
2013-09-03 15:30 - 2013-09-03 15:31 - 46582904 _____ C:\Users\Patrick\Downloads\mpnx_1_0-win-1_07-ea23_2 (1).exe
2013-09-03 15:28 - 2013-09-03 15:28 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2013-09-03 15:28 - 2007-04-16 05:00 - 00258560 _____ (CANON INC.) C:\Windows\system32\CNMLM93.DLL
2013-09-03 15:27 - 2013-09-03 15:27 - 00000000 ___HD C:\Program Files\CanonBJ
2013-09-03 15:27 - 2007-04-13 14:46 - 00246272 _____ (CANON INC.) C:\Windows\system32\CNC610L.DLL
2013-09-03 15:27 - 2007-03-23 16:33 - 01439744 _____ (CANON INC.) C:\Windows\system32\CNC610C.DLL
2013-09-03 15:27 - 2007-03-23 16:32 - 00092672 _____ (CANON INC.) C:\Windows\system32\CNC610I.DLL
2013-09-03 15:27 - 2007-03-15 14:13 - 00229888 _____ (Canon Inc.) C:\Windows\system32\CNC610O.DLL
2013-09-03 15:26 - 2013-09-03 15:27 - 25158984 _____ C:\Users\Patrick\Downloads\mp610swin64101ea24.exe
2013-09-03 15:25 - 2013-09-03 15:25 - 09637016 _____ C:\Users\Patrick\Downloads\ewpx-win-1_3_5-ea23.exe
2013-09-03 15:23 - 2013-09-03 15:25 - 00000000 ____D C:\Program Files (x86)\Canon
2013-09-03 15:22 - 2013-09-03 15:23 - 46582904 _____ C:\Users\Patrick\Downloads\mpnx_1_0-win-1_07-ea23_2.exe
2013-09-03 15:22 - 2013-09-03 15:22 - 00000000 ___HD C:\ProgramData\CanonBJ
2013-08-27 19:48 - 2013-08-27 19:49 - 00000466 _____ C:\Users\Patrick\Downloads\url.htm
2013-08-25 18:07 - 2013-08-25 18:41 - 119377718 _____ C:\Users\Patrick\Downloads\Juicy_J-Stay_Trippy-2013.zip
2013-08-25 17:32 - 2013-08-25 17:32 - 00000320 _____ C:\Users\Patrick\Downloads\Carmen.vcf
2013-08-23 12:48 - 2013-08-23 13:32 - 220723703 _____ C:\Users\Patrick\Downloads\EF2cddeluxe.01.rar
2013-08-23 12:41 - 2013-08-23 13:15 - 104533389 _____ C:\Users\Patrick\Downloads\ASAP_Ferg-Trap_Lord-2013-CR.rar

==================== One Month Modified Files and Folders =======

2013-09-22 21:36 - 2013-09-22 21:36 - 01956670 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe
2013-09-22 21:36 - 2013-09-22 21:36 - 00000000 ____D C:\FRST
2013-09-22 21:36 - 2012-10-15 11:07 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-22 21:35 - 2013-09-22 21:35 - 00000476 _____ C:\Users\Patrick\Desktop\defogger_disable.log
2013-09-22 21:35 - 2013-09-22 21:35 - 00000000 _____ C:\Users\Patrick\defogger_reenable
2013-09-22 21:35 - 2011-12-21 17:08 - 00000000 ____D C:\Users\Patrick
2013-09-22 21:33 - 2013-09-22 21:33 - 00050477 _____ C:\Users\Patrick\Desktop\Defogger.exe
2013-09-22 21:12 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-22 21:12 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-22 21:08 - 2011-09-22 11:01 - 01617290 _____ C:\Windows\WindowsUpdate.log
2013-09-22 21:06 - 2011-12-22 13:58 - 00000000 ____D C:\ProgramData\clear.fi
2013-09-22 21:05 - 2013-04-16 09:58 - 00021160 _____ C:\Windows\setupact.log
2013-09-22 21:05 - 2012-10-15 11:07 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-22 21:05 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-22 21:03 - 2012-04-04 23:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-22 21:03 - 2011-12-21 18:23 - 00000000 ____D C:\Users\Patrick\AppData\Local\PMB Files
2013-09-22 21:03 - 2011-12-21 18:23 - 00000000 ____D C:\ProgramData\PMB Files
2013-09-22 21:01 - 2011-12-28 01:41 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\TS3Client
2013-09-22 19:51 - 2012-07-27 21:09 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-633988642-1601714039-4110114373-1001UA.job
2013-09-22 13:51 - 2012-07-27 21:09 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-633988642-1601714039-4110114373-1001Core.job
2013-09-21 13:57 - 2011-09-22 20:54 - 00697550 _____ C:\Windows\system32\perfh007.dat
2013-09-21 13:57 - 2011-09-22 20:54 - 00148556 _____ C:\Windows\system32\perfc007.dat
2013-09-21 13:57 - 2009-07-14 07:13 - 01614964 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-20 20:42 - 2013-02-08 20:24 - 00002147 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-20 16:00 - 2012-04-15 21:37 - 00001983 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2013-09-20 15:58 - 2013-08-22 21:29 - 00000000 ____D C:\Users\Patrick\Documents\Neuer Ordner
2013-09-20 12:03 - 2012-04-04 23:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-20 12:03 - 2012-04-04 23:24 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-20 12:03 - 2011-08-12 09:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-19 17:18 - 2013-09-19 17:13 - 00000000 ____D C:\Users\Patrick\Desktop\965YOKDJ
2013-09-19 12:06 - 2013-09-19 12:06 - 04200718 _____ C:\Users\Patrick\Desktop\bdb.bmp
2013-09-19 11:29 - 2013-09-19 11:29 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-19 11:29 - 2013-09-19 11:28 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-19 11:29 - 2013-09-19 11:28 - 00000000 ____D C:\Program Files\iTunes
2013-09-19 11:29 - 2013-09-19 11:28 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-19 11:28 - 2013-09-19 11:28 - 00000000 ____D C:\Program Files\iPod
2013-09-18 03:21 - 2013-09-18 03:21 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-09-18 03:21 - 2013-09-18 03:21 - 00000000 ____D C:\Windows\system32\NV
2013-09-18 03:21 - 2012-08-01 02:03 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-18 03:03 - 2011-09-22 11:05 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-18 03:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2013-09-18 03:02 - 2012-10-11 00:53 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-09-18 03:02 - 2011-09-22 11:05 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-13 05:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-12 04:06 - 2011-12-21 17:10 - 00000000 ___RD C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-12 04:06 - 2011-12-21 17:10 - 00000000 ___RD C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-12 04:05 - 2013-09-11 15:24 - 00000000 ____D C:\ProgramData\SearchNewTab
2013-09-12 04:05 - 2013-04-26 01:17 - 00024034 _____ C:\Windows\PFRO.log
2013-09-12 04:05 - 2009-07-14 06:45 - 00365480 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 03:14 - 2012-01-17 14:21 - 01642582 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-09-12 03:14 - 2012-01-17 14:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-09-12 03:13 - 2013-08-15 03:05 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 03:09 - 2012-11-24 09:25 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-12 03:09 - 2011-12-23 02:11 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-12 01:01 - 2013-09-12 01:01 - 00000088 _____ C:\Windows\SysWOW64\1309635392358005036.log
2013-09-12 00:58 - 2011-12-22 14:04 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Skype
2013-09-12 00:51 - 2013-09-12 00:29 - 00000000 ____D C:\ProgramData\SystemExplorer
2013-09-12 00:49 - 2013-09-11 15:26 - 00000000 ____D C:\ProgramData\saveNusohaerE
2013-09-12 00:49 - 2013-09-11 15:23 - 00000000 ____D C:\ProgramData\savensharee
2013-09-12 00:29 - 2013-09-12 00:29 - 02061008 _____ (Mister Group ) C:\Users\Patrick\Downloads\SystemExplorerSetup_422.exe
2013-09-12 00:29 - 2013-09-12 00:29 - 00000000 ____D C:\Program Files (x86)\System Explorer
2013-09-12 00:14 - 2013-09-12 00:14 - 00000000 ____D C:\ProgramData\Simply Super Software
2013-09-12 00:13 - 2013-09-12 00:13 - 23334896 _____ (Simply Super Software ) C:\Users\Patrick\Downloads\trjsetup_688.exe
2013-09-11 15:44 - 2011-12-25 22:44 - 00000000 ____D C:\Users\Patrick\AppData\Local\Adobe
2013-09-11 15:32 - 2013-09-11 15:30 - 206491132 _____ C:\Users\Patrick\Downloads\Diary_Of_A_Trap_God-(DatPiff.com) (1).zip
2013-09-11 15:26 - 2013-09-11 15:24 - 00000000 ____D C:\Program Files (x86)\WebSearch
2013-09-11 15:26 - 2013-09-11 15:23 - 00000000 ____D C:\ProgramData\InstallMate
2013-09-11 15:26 - 2013-09-11 15:23 - 00000000 ____D C:\Program Files (x86)\ss helper
2013-09-11 15:25 - 2013-09-11 15:25 - 00303696 _____ (SummerSoft) C:\Users\Patrick\Downloads\DIARY OF A TRAP GOD.zip (1).exe
2013-09-11 15:24 - 2013-09-11 15:24 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\SendSpace
2013-09-11 15:23 - 2013-09-11 15:23 - 00000000 ____D C:\ProgramData\SummerSoft
2013-09-11 15:22 - 2013-09-11 15:22 - 00303696 _____ (SummerSoft) C:\Users\Patrick\Downloads\DIARY OF A TRAP GOD.zip.exe
2013-09-10 03:35 - 2012-04-10 17:51 - 00000000 ____D C:\ProgramData\Origin
2013-09-10 03:35 - 2012-04-10 17:51 - 00000000 ____D C:\Program Files (x86)\Origin
2013-09-10 02:58 - 2012-04-10 21:43 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-09-10 02:58 - 2012-03-06 22:46 - 00000000 ____D C:\Program Files (x86)\StartSearch plugin
2013-09-09 21:14 - 2013-09-09 21:13 - 00000000 ____D C:\Users\Patrick\AppData\Local\Purplizer
2013-09-09 17:12 - 2013-09-09 16:26 - 00000000 ____D C:\Users\Patrick\AppData\Local\Overwolf
2013-09-09 16:26 - 2011-12-27 22:30 - 00000000 ____D C:\Users\Patrick\AppData\Local\TeamSpeak 3 Client
2013-09-09 02:34 - 2013-09-09 02:26 - 00000000 ____D C:\Program Files (x86)\FirstRowSportApp.com
2013-09-09 02:32 - 2013-09-09 02:32 - 00392256 _____ C:\Users\Patrick\Downloads\FirstRowSportApp_setup(18_4) (2).exe
2013-09-09 02:27 - 2013-09-09 02:27 - 00000000 ____D C:\Users\Patrick\AppData\Local\avgchrome
2013-09-09 02:26 - 2013-09-09 02:26 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-09 02:26 - 2013-09-09 02:26 - 00000000 ____D C:\Program Files (x86)\FreeHDSport.TV
2013-09-09 02:24 - 2013-09-09 02:24 - 00392256 _____ C:\Users\Patrick\Downloads\FirstRowSportApp_setup(18_4) (1).exe
2013-09-09 02:24 - 2013-09-09 02:23 - 00392256 _____ C:\Users\Patrick\Downloads\FirstRowSportApp_setup(18_4).exe
2013-09-06 02:09 - 2013-06-21 18:04 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-09-06 02:09 - 2011-12-24 11:24 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\DVDVideoSoft
2013-09-06 02:07 - 2013-09-06 02:07 - 29255112 _____ (DVDVideoSoft Ltd. ) C:\Users\Patrick\Downloads\FreeYouTubeToMP3Converter.exe
2013-09-05 23:56 - 2012-09-05 05:29 - 00120780 ____H C:\Windows\SysWOW64\mlfcache.dat
2013-09-05 16:32 - 2011-12-22 13:48 - 00000000 ____D C:\Program Files (x86)\Opera
2013-09-04 14:59 - 2011-08-12 09:12 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-04 14:59 - 2011-08-12 09:12 - 00000000 ____D C:\ProgramData\Skype
2013-09-03 15:52 - 2013-09-03 15:52 - 00000000 _____ C:\Users\Patrick\Sti_Trace.log
2013-09-03 15:52 - 2013-09-03 15:35 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Canon
2013-09-03 15:35 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media
2013-09-03 15:33 - 2013-09-03 15:33 - 00003172 _____ C:\Windows\System32\Tasks\{E68CCFEE-5882-4589-BD0E-C03EDC838336}
2013-09-03 15:32 - 2013-09-03 15:32 - 00002059 _____ C:\Users\Public\Desktop\MP Navigator EX 1.0.lnk
2013-09-03 15:31 - 2013-09-03 15:31 - 25158984 _____ C:\Users\Patrick\Downloads\mp610swin64101ea24 (1).exe
2013-09-03 15:31 - 2013-09-03 15:30 - 46582904 _____ C:\Users\Patrick\Downloads\mpnx_1_0-win-1_07-ea23_2 (1).exe
2013-09-03 15:28 - 2013-09-03 15:28 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2013-09-03 15:27 - 2013-09-03 15:27 - 00000000 ___HD C:\Program Files\CanonBJ
2013-09-03 15:27 - 2013-09-03 15:26 - 25158984 _____ C:\Users\Patrick\Downloads\mp610swin64101ea24.exe
2013-09-03 15:25 - 2013-09-03 15:25 - 09637016 _____ C:\Users\Patrick\Downloads\ewpx-win-1_3_5-ea23.exe
2013-09-03 15:25 - 2013-09-03 15:23 - 00000000 ____D C:\Program Files (x86)\Canon
2013-09-03 15:23 - 2013-09-03 15:22 - 46582904 _____ C:\Users\Patrick\Downloads\mpnx_1_0-win-1_07-ea23_2.exe
2013-09-03 15:22 - 2013-09-03 15:22 - 00000000 ___HD C:\ProgramData\CanonBJ
2013-08-30 20:37 - 2013-05-10 18:58 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Spotify
2013-08-27 19:49 - 2013-08-27 19:48 - 00000466 _____ C:\Users\Patrick\Downloads\url.htm
2013-08-27 19:13 - 2013-05-10 18:59 - 00000000 ____D C:\Users\Patrick\AppData\Local\Spotify
2013-08-25 18:41 - 2013-08-25 18:07 - 119377718 _____ C:\Users\Patrick\Downloads\Juicy_J-Stay_Trippy-2013.zip
2013-08-25 17:32 - 2013-08-25 17:32 - 00000320 _____ C:\Users\Patrick\Downloads\Carmen.vcf
2013-08-23 23:28 - 2012-08-02 00:08 - 00001912 _____ C:\Windows\epplauncher.mif
2013-08-23 23:28 - 2012-08-02 00:07 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-08-23 23:28 - 2012-08-02 00:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-08-23 13:32 - 2013-08-23 12:48 - 220723703 _____ C:\Users\Patrick\Downloads\EF2cddeluxe.01.rar
2013-08-23 13:15 - 2013-08-23 12:41 - 104533389 _____ C:\Users\Patrick\Downloads\ASAP_Ferg-Trap_Lord-2013-CR.rar

Some content of TEMP:
====================
C:\Users\Patrick\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Patrick\AppData\Local\Temp\FastDownload.exe
C:\Users\Patrick\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Patrick\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Patrick\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\Patrick\AppData\Local\Temp\LiveSupport_update.exe
C:\Users\Patrick\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\Patrick\AppData\Local\Temp\NEventMessages.dll
C:\Users\Patrick\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Patrick\AppData\Local\Temp\Optimizer_Pro.exe
C:\Users\Patrick\AppData\Local\Temp\ResetDevice.exe
C:\Users\Patrick\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Patrick\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-22 03:52

==================== End Of Log ============================

GMER:

GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-09-22 21:48:56
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465,76GB
Running: dsl2sywl.exe; Driver: C:\Users\Patrick\AppData\Local\Temp\afdiyfob.sys


---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1948] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076da1465 2 bytes [DA, 76]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1948] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076da14bb 2 bytes [DA, 76]
.text ... * 2
.text C:\Windows\SysWOW64\PnkBstrA.exe[2060] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000072ed1a22 2 bytes [ED, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2060] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000072ed1ad0 2 bytes [ED, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2060] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000072ed1b08 2 bytes [ED, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2060] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000072ed1bba 2 bytes [ED, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2060] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000072ed1bda 2 bytes [ED, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2060] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076da1465 2 bytes [DA, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2060] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076da14bb 2 bytes [DA, 76]
.text ... * 2
? C:\Windows\system32\mssprxy.dll [2440] entry point in ".rdata" section 0000000070ef71e6
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076da1465 2 bytes [DA, 76]
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076da14bb 2 bytes [DA, 76]
.text ... * 2
.text C:\Program Files (x86)\Launch Manager\LManager.exe[5180] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076da1465 2 bytes [DA, 76]
.text C:\Program Files (x86)\Launch Manager\LManager.exe[5180] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076da14bb 2 bytes [DA, 76]
.text ... * 2

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000ea1341fa5
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000ea1341fa5@fce557560904 0x41 0x60 0x58 0x42 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\000ea1341fa5 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\000ea1341fa5@fce557560904 0x41 0x60 0x58 0x42 ...

---- EOF - GMER 2.1 ----

Schonmal im Vorraus, vielen Dank für eure Hilfe!

Alt 23.09.2013, 04:58   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Computer Langsam. Niedriger CPU-Wert und hoher physikalischer Speicher - Standard

Computer Langsam. Niedriger CPU-Wert und hoher physikalischer Speicher



hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________

__________________

Antwort

Themen zu Computer Langsam. Niedriger CPU-Wert und hoher physikalischer Speicher
browser, computer, converter, desktop, device driver, dsl, dvdvideosoft ltd., error, excel, failed, farbar, farbar recovery scan tool, fehler, flash player, helper, home, homepage, installation, livesupport, mozilla, mp3, plug-in, problem, prozesse, registry, scan, security, software, super, svchost.exe, system, taskmanager




Ähnliche Themen: Computer Langsam. Niedriger CPU-Wert und hoher physikalischer Speicher


  1. Win Vista: Hohe physikalischer Speicher Auslastung & viele Prozesse
    Alles rund um Windows - 18.09.2015 (4)
  2. CPU physikalischer Speicher und Leerlaufprozeß sehr hoch, ständig "keine Rückmeldung" und Rechenleistung am Boden
    Log-Analyse und Auswertung - 15.08.2015 (3)
  3. Physikalischer Speicher nach Start bei 40% und nach längerer Benutzung bei über 85%
    Log-Analyse und Auswertung - 13.07.2015 (29)
  4. CPU-Auslastung + physikalischer Speicher extrem hoch durch svchost (netsvcs)
    Log-Analyse und Auswertung - 19.03.2015 (3)
  5. Windows 7: PC oft langsam, Physikalischer Speicher über 90%
    Log-Analyse und Auswertung - 06.03.2015 (10)
  6. Windows 7 Physikalischer Speicher 30-50 %
    Plagegeister aller Art und deren Bekämpfung - 22.01.2015 (7)
  7. Windows 7 : physikalischer Speicher extrem ausgelastet
    Log-Analyse und Auswertung - 10.07.2014 (9)
  8. WIN 7 Physikalischer Speicher ständig zu 45 - 60% ausgelastet
    Plagegeister aller Art und deren Bekämpfung - 19.12.2013 (7)
  9. WIN 7 Physikalischer Speicher ständig zu 45 - 60% ausgelastet
    Alles rund um Windows - 15.12.2013 (1)
  10. Win XP Home, unendlich langsam trotz niedriger CPU, mbar startet nicht
    Plagegeister aller Art und deren Bekämpfung - 17.09.2013 (21)
  11. Computer ist langsam für die verbaute Hardware und den CPU/Speicher Last - Deltasearch?
    Plagegeister aller Art und deren Bekämpfung - 03.07.2013 (7)
  12. Sehr hoher physikalischer Speicherverbrauch
    Log-Analyse und Auswertung - 28.06.2013 (28)
  13. Physikalischer Speicher ständig nahezu ausgelastet
    Netzwerk und Hardware - 29.03.2013 (4)
  14. Physikalischer Speicher sehr hoch
    Log-Analyse und Auswertung - 22.10.2011 (1)
  15. tr/ag.cfx trojaner - physikalischer Speicher überlastet
    Plagegeister aller Art und deren Bekämpfung - 30.11.2010 (1)
  16. viel zu hoher virtueller Speicher(>2GB)
    Log-Analyse und Auswertung - 15.04.2007 (2)
  17. viel zu hoher virtueller speicher(>2GB)
    Mülltonne - 13.04.2007 (1)

Zum Thema Computer Langsam. Niedriger CPU-Wert und hoher physikalischer Speicher - Guten Abend liebe Community, Wollte mich mal umhören und hoffe hier wird mir geholfen. Als erstes habe ich das Problem, das wenn ich nur Opera geöffnet habe, der Physikalische Speicher - Computer Langsam. Niedriger CPU-Wert und hoher physikalischer Speicher...
Archiv
Du betrachtest: Computer Langsam. Niedriger CPU-Wert und hoher physikalischer Speicher auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.