
Log analysis and evaluation: Graphics card at full load on the desktop when an Internet connection is active.


27.12.2013, 22:46   #1
dwlubu1
 
Hello.

I have the problem that my graphics card is fully loaded in desktop operation, even though no programs are running that should put load on the graphics card. This only happens when there is an Internet connection.
I checked the processes of all users in Task Manager but found nothing suspicious. The CPU is also only at 1-2% load in desktop operation.

My system:

Windows 7 Home Premium 64-bit
CPU: Intel Core i7 3770
GPU: GTX 660
Only one hard disk is present: 120 GB SSD
Antivirus system: Bitdefender Free Antivirus.

Log files are also available:

FRST log file:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-12-2013 01
Ran by Administrator (administrator) on EBUBEKIR-PC on 27-12-2013 21:40:14
Running from C:\Users\Administrator\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(AddGadgets) C:\Users\Administrator\AppData\Local\Temp\Rar$EXa0.692\PCMeter\PCMeterV0.3.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Temp\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] - C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5019360 2012-12-22] (FNet Co., Ltd.)
HKLM-x32\...\Run: [IJNetworkScanUtility] - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-23] (CANON INC.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Administrator\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-11-02] (Spotify Ltd)
HKCU\...\RunOnce: [Temp] - C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Temp\system.vbs [2185 2013-12-27] ()
MountPoints2: E - E:\setup\rsrc\Autorun.exe
MountPoints2: {afb13531-17c1-11e3-abaf-bc5ff461785c} - F:\HTC_Sync_Manager_PC.exe
MountPoints2: {afb13537-17c1-11e3-abaf-bc5ff461785c} - F:\HTC_Sync_Manager_PC.exe
MountPoints2: {b07c5980-4c80-11e2-b61a-bc5ff461785c} - E:\pushinst.exe
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll [141336 2013-10-27] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7033AB2AC839CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314932&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPB36A2B1D-094B-4B17-98E1-F2D18AF2EEE7&q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314932&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPB36A2B1D-094B-4B17-98E1-F2D18AF2EEE7&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss_Btisdt7&mntrId=F0B7BC5FF461785C&affID=44444&tsp=4919
SearchScopes: HKCU - {A3902B31-684F-4c5c-B154-750B5C8CBD0B} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\wwh7ca68.default
FF NewTab: hxxp://search.conduit.com/?ctid=CT3314932&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=EB_SSPV&Lay=1&UM=2&UP=SPB36A2B1D-094B-4B17-98E1-F2D18AF2EEE7
FF DefaultSearchEngine: Conduit Search
FF SelectedSearchEngine: Conduit Search
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\wwh7ca68.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: BlackFox V2 - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\wwh7ca68.default\Extensions\zigboom@hotmail.com
FF Extension: Blue Fox - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\wwh7ca68.default\Extensions\{241aae70-0022-11de-87af-0800200c9a66}
FF Extension: WOT - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\wwh7ca68.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: Ghostery - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\wwh7ca68.default\Extensions\firefox@ghostery.com.xpi
FF Extension: SmartVideo For YouTube - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\wwh7ca68.default\Extensions\mytube@ashishmishra.in.xpi
FF Extension: Adblock Plus - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\wwh7ca68.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\15.2.0.5

==================== Services (Whitelisted) =================

R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-24] (Bitdefender)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S2 SystemStoreService; "C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe"  -displayname "System Store" -servicename "SystemStoreService" [x]
S2 vToolbarUpdater15.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-08-29] (Bitdefender SRL)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows (R) Win 7 DDK provider)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2013-01-08] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2012-12-22] (FNet Co., Ltd.)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-01-23] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2013-12-27] ()
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2013-08-10] (BitDefender)
S1 avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [x]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 WinRing0_1_2_0; \??\C:\Users\Administrator\AppData\Local\Temp\tmp7138.tmp [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-27 21:40 - 2013-12-27 21:40 - 00015061 _____ C:\Users\Administrator\Downloads\FRST.txt
2013-12-27 21:39 - 2013-12-27 21:39 - 01930746 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2013-12-27 21:39 - 2013-12-27 21:39 - 00000000 ____D C:\FRST
2013-12-27 21:11 - 2013-12-27 21:16 - 00000031 _____ C:\Users\Administrator\Desktop\Neues Textdokument.txt
2013-12-24 23:19 - 2013-12-24 23:19 - 00000989 _____ C:\Users\Administrator\Desktop\PDF Architect.lnk
2013-12-24 23:19 - 2013-12-24 23:19 - 00000000 ____D C:\Users\Administrator\Documents\PDF Architect Files
2013-12-24 23:19 - 2013-12-24 23:19 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\pdfforge
2013-12-24 23:19 - 2013-12-24 23:19 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\PDF Architect
2013-12-24 23:19 - 2013-12-24 23:19 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-12-24 23:19 - 2013-12-24 23:19 - 00000000 ____D C:\Program Files (x86)\PDF Architect
2013-12-24 23:19 - 2013-04-09 14:13 - 00110264 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2013-12-24 23:19 - 2013-01-09 14:52 - 01070152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2013-12-24 23:19 - 2012-05-05 10:54 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX
2013-12-24 23:19 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2013-12-24 23:19 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2013-12-24 23:19 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2013-12-24 23:19 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2013-12-24 23:19 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
2013-12-24 23:17 - 2013-12-24 23:17 - 69734576 _____ (pdfforge                                                    ) C:\Users\Administrator\Downloads\PDFCreator-1_7_2_setup_offline.exe
2013-12-24 22:47 - 2013-12-24 22:47 - 00000000 ___HD C:\ProgramData\CanonIJScan
2013-12-24 22:47 - 2013-12-24 22:47 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Canon
2013-12-24 22:39 - 2013-12-24 22:40 - 00000000 ____D C:\Program Files (x86)\Canon
2013-12-24 22:39 - 2013-12-24 22:39 - 00000000 ____D C:\ProgramData\Canon IJ Network Tool
2013-12-24 22:39 - 2013-12-24 22:39 - 00000000 ____D C:\Program Files\Canon
2013-12-24 22:39 - 2009-09-17 09:12 - 00303104 _____ (CANON INC.) C:\Windows\SysWOW64\CNC990L.dll
2013-12-24 22:39 - 2009-05-25 05:00 - 00336896 _____ (CANON INC.) C:\Windows\system32\CNMXLMA3.DLL
2013-12-24 22:39 - 2009-04-14 11:19 - 00059232 _____ C:\Windows\SysWOW64\CNC990W.DAT
2013-12-24 22:39 - 2009-04-03 15:57 - 00106496 _____ (CANON INC.) C:\Windows\SysWOW64\CNC990U.dll
2013-12-24 22:39 - 2009-01-16 09:55 - 00016128 _____ C:\Windows\SysWOW64\CNC1740D.TBL
2013-12-24 22:39 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2013-12-24 22:32 - 2013-12-24 22:32 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2013-12-24 22:32 - 2013-12-24 22:32 - 00000000 ___HD C:\ProgramData\CanonBJ
2013-12-24 22:32 - 2013-12-24 22:32 - 00000000 ___HD C:\Program Files\CanonBJ
2013-12-24 22:32 - 2013-12-24 22:32 - 00000000 ____D C:\Windows\system32\STRING
2013-12-24 22:32 - 2012-06-14 17:18 - 00366592 _____ (CANON INC.) C:\Windows\SysWOW64\CNMNPPM.DLL
2013-12-24 22:32 - 2012-06-14 17:18 - 00359936 _____ (CANON INC.) C:\Windows\system32\CNMN6PPM.DLL
2013-12-24 22:32 - 2012-06-14 17:18 - 00039424 _____ (CANON INC.) C:\Windows\system32\CNMN6UI.DLL
2013-12-24 22:32 - 2010-04-24 05:00 - 00336896 _____ (CANON INC.) C:\Windows\system32\CNMLMA3.DLL
2013-12-24 22:32 - 2009-03-18 09:10 - 00244736 _____ (CANON INC.) C:\Windows\system32\CNMIUA3.DLL
2013-12-24 22:31 - 2013-12-24 22:31 - 49904760 _____ C:\Users\Administrator\Downloads\mpnx_3_0-win-3_05-ea23_2.exe
2013-12-24 22:31 - 2013-12-24 22:31 - 28015760 _____ C:\Users\Administrator\Downloads\mp68-win-mp990-1_05-ea24.exe
2013-12-24 22:31 - 2013-12-24 22:31 - 16956568 _____ C:\Users\Administrator\Downloads\xp68-win-mp990-5_30c-ea7.exe
2013-12-24 22:31 - 2013-12-24 22:31 - 05368984 _____ C:\Users\Administrator\Downloads\mypr-win-3_1_0-ea11_2.exe
2013-12-22 00:37 - 2013-12-22 00:37 - 00000000 ____D C:\Users\Administrator\Documents\ACR
2013-12-22 00:37 - 2013-12-22 00:37 - 00000000 ____D C:\Users\Administrator\AppData\Local\CrashRpt
2013-12-22 00:30 - 2013-12-22 00:33 - 857640504 _____ (Eutechnyx, Ltd                                              ) C:\Users\Administrator\Downloads\ACR_setup.exe
2013-12-21 23:09 - 2013-12-21 23:09 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-21 23:09 - 2013-12-21 23:09 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-12-21 22:55 - 2013-12-21 22:56 - 06400680 _____ (Electronic Arts                                             ) C:\Users\Administrator\Downloads\setup_nfsw.exe
2013-12-21 03:29 - 2013-12-21 03:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-15 22:35 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-15 22:35 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-15 22:35 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-15 22:35 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-15 22:32 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-15 22:32 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-15 22:32 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-15 22:32 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-15 22:32 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-15 22:32 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-15 22:32 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-15 22:32 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-15 22:32 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-15 22:32 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-15 22:32 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-15 22:32 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-15 22:32 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-15 22:32 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-15 22:32 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-15 22:32 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-15 22:32 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-15 22:32 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-15 22:32 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-15 22:32 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-15 22:32 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-15 22:32 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-15 22:32 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-15 22:32 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-15 22:32 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-15 22:32 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-15 22:32 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-15 22:32 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-15 22:32 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-15 22:32 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-15 22:32 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-15 22:30 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-15 22:30 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-15 22:30 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-15 22:30 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-15 22:30 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-15 22:30 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-15 22:30 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-15 22:30 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-15 22:30 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-15 22:30 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-15 22:30 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-15 22:30 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-12-15 22:30 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-12-15 22:30 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-12-15 22:30 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-15 22:30 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-12-15 22:30 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-15 22:30 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-12-15 22:30 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-15 22:30 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-15 22:30 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-15 22:30 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-15 22:30 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-12-15 22:30 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-12-15 22:30 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-15 22:30 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-12-15 22:30 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-15 22:30 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-15 22:30 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-12-15 22:30 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-12-15 22:30 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-12-15 22:30 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-15 22:30 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-12-15 22:30 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-12-15 22:30 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-12-15 22:30 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-12-15 22:30 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-12-15 22:30 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-12-15 22:30 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-12-15 22:30 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-12-15 22:30 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-12-15 22:30 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-12-15 22:30 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-12-15 22:30 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-12-15 22:30 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-12-15 22:30 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-12-15 22:30 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-12-15 22:30 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-12-15 22:30 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-12-13 19:33 - 2013-12-13 19:33 - 00000000 ____D C:\Users\Administrator\Downloads\Gameforge Live
2013-12-08 20:26 - 2013-12-08 20:26 - 00214374 _____ C:\Users\Administrator\Downloads\ConquestAION.rar
2013-12-08 15:56 - 2013-12-08 15:56 - 05003264 _____ (NC Interactive, LLC) C:\Users\Administrator\Downloads\AionInstaller.exe
2013-12-06 23:41 - 2013-12-06 23:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\IsolatedStorage
2013-12-06 23:41 - 2013-12-06 23:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\Futuremark
2013-12-06 23:40 - 2013-12-06 23:40 - 00000363 _____ C:\Windows\DirectX.log
2013-12-06 23:40 - 2013-12-06 23:40 - 00000000 ____D C:\Program Files (x86)\Futuremark
2013-12-06 23:27 - 2013-12-13 17:44 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\NVIDIA
2013-12-06 15:45 - 2013-12-06 15:45 - 00000000 ____D C:\ProgramData\McAfee
2013-12-06 15:44 - 2013-12-24 22:11 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe

==================== One Month Modified Files and Folders =======

2013-12-27 21:40 - 2013-12-27 21:40 - 00015061 _____ C:\Users\Administrator\Downloads\FRST.txt
2013-12-27 21:39 - 2013-12-27 21:39 - 01930746 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2013-12-27 21:39 - 2013-12-27 21:39 - 00000000 ____D C:\FRST
2013-12-27 21:26 - 2012-12-22 19:41 - 00007618 _____ C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
2013-12-27 21:26 - 2009-07-14 05:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-27 21:26 - 2009-07-14 05:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-27 21:24 - 2012-12-22 03:13 - 01366151 _____ C:\Windows\WindowsUpdate.log
2013-12-27 21:24 - 2009-07-14 18:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2013-12-27 21:24 - 2009-07-14 18:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2013-12-27 21:24 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-27 21:22 - 2012-12-22 23:41 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2013-12-27 21:19 - 2013-07-25 21:17 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-27 21:19 - 2013-07-23 00:02 - 00267548 _____ C:\Windows\PFRO.log
2013-12-27 21:19 - 2013-07-22 23:59 - 00025637 _____ C:\Windows\setupact.log
2013-12-27 21:19 - 2013-05-18 10:13 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2013-12-27 21:19 - 2012-12-22 20:36 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2013-12-27 21:19 - 2012-12-22 20:35 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2013-12-27 21:19 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-27 21:18 - 2013-11-20 20:45 - 00000000 ____D C:\Users\Administrator\AppData\Local\PMB Files
2013-12-27 21:18 - 2013-05-28 23:09 - 00003044 _____ C:\Windows\System32\Tasks\MSIAfterburner
2013-12-27 21:16 - 2013-12-27 21:11 - 00000031 _____ C:\Users\Administrator\Desktop\Neues Textdokument.txt
2013-12-27 21:02 - 2012-12-22 17:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-27 20:59 - 2013-05-29 22:34 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-26 15:27 - 2013-11-20 20:45 - 00000000 ____D C:\ProgramData\PMB Files
2013-12-26 02:14 - 2012-12-23 15:07 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2013-12-25 20:31 - 2013-01-11 15:17 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\TS3Client
2013-12-25 00:51 - 2013-01-24 13:34 - 00000271 _____ C:\Users\Administrator\Documents\aionmemo_f08472a8.dat
2013-12-24 23:38 - 2013-06-03 10:16 - 00000000 ____D C:\Users\Administrator\Desktop\Neuer Ordner
2013-12-24 23:19 - 2013-12-24 23:19 - 00000989 _____ C:\Users\Administrator\Desktop\PDF Architect.lnk
2013-12-24 23:19 - 2013-12-24 23:19 - 00000000 ____D C:\Users\Administrator\Documents\PDF Architect Files
2013-12-24 23:19 - 2013-12-24 23:19 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\pdfforge
2013-12-24 23:19 - 2013-12-24 23:19 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\PDF Architect
2013-12-24 23:19 - 2013-12-24 23:19 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-12-24 23:19 - 2013-12-24 23:19 - 00000000 ____D C:\Program Files (x86)\PDF Architect
2013-12-24 23:17 - 2013-12-24 23:17 - 69734576 _____ (pdfforge                                                    ) C:\Users\Administrator\Downloads\PDFCreator-1_7_2_setup_offline.exe
2013-12-24 22:47 - 2013-12-24 22:47 - 00000000 ___HD C:\ProgramData\CanonIJScan
2013-12-24 22:47 - 2013-12-24 22:47 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Canon
2013-12-24 22:42 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-12-24 22:40 - 2013-12-24 22:39 - 00000000 ____D C:\Program Files (x86)\Canon
2013-12-24 22:39 - 2013-12-24 22:39 - 00000000 ____D C:\ProgramData\Canon IJ Network Tool
2013-12-24 22:39 - 2013-12-24 22:39 - 00000000 ____D C:\Program Files\Canon
2013-12-24 22:39 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\Media
2013-12-24 22:32 - 2013-12-24 22:32 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2013-12-24 22:32 - 2013-12-24 22:32 - 00000000 ___HD C:\ProgramData\CanonBJ
2013-12-24 22:32 - 2013-12-24 22:32 - 00000000 ___HD C:\Program Files\CanonBJ
2013-12-24 22:32 - 2013-12-24 22:32 - 00000000 ____D C:\Windows\system32\STRING
2013-12-24 22:31 - 2013-12-24 22:31 - 49904760 _____ C:\Users\Administrator\Downloads\mpnx_3_0-win-3_05-ea23_2.exe
2013-12-24 22:31 - 2013-12-24 22:31 - 28015760 _____ C:\Users\Administrator\Downloads\mp68-win-mp990-1_05-ea24.exe
2013-12-24 22:31 - 2013-12-24 22:31 - 16956568 _____ C:\Users\Administrator\Downloads\xp68-win-mp990-5_30c-ea7.exe
2013-12-24 22:31 - 2013-12-24 22:31 - 05368984 _____ C:\Users\Administrator\Downloads\mypr-win-3_1_0-ea11_2.exe
2013-12-24 22:11 - 2013-12-06 15:44 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2013-12-24 22:11 - 2012-12-22 17:21 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2013-12-24 18:53 - 2013-01-03 23:55 - 00000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps
2013-12-22 20:01 - 2012-12-23 15:07 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-22 20:01 - 2012-12-23 15:07 - 00000000 ____D C:\ProgramData\Skype
2013-12-22 00:37 - 2013-12-22 00:37 - 00000000 ____D C:\Users\Administrator\Documents\ACR
2013-12-22 00:37 - 2013-12-22 00:37 - 00000000 ____D C:\Users\Administrator\AppData\Local\CrashRpt
2013-12-22 00:33 - 2013-12-22 00:30 - 857640504 _____ (Eutechnyx, Ltd                                              ) C:\Users\Administrator\Downloads\ACR_setup.exe
2013-12-21 23:09 - 2013-12-21 23:09 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-21 23:09 - 2013-12-21 23:09 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-12-21 22:56 - 2013-12-21 22:55 - 06400680 _____ (Electronic Arts                                             ) C:\Users\Administrator\Downloads\setup_nfsw.exe
2013-12-21 22:49 - 2013-08-11 00:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-21 03:29 - 2013-12-21 03:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-19 17:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-17 22:20 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-16 14:35 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-16 14:35 - 2009-07-14 05:45 - 00297280 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-15 22:33 - 2013-05-28 21:35 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-15 22:31 - 2013-07-15 08:33 - 00000000 ____D C:\Windows\system32\MRT
2013-12-13 19:33 - 2013-12-13 19:33 - 00000000 ____D C:\Users\Administrator\Downloads\Gameforge Live
2013-12-13 18:56 - 2012-12-22 20:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-13 17:44 - 2013-12-06 23:27 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\NVIDIA
2013-12-11 10:02 - 2012-12-22 17:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 10:02 - 2012-12-22 17:21 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 10:02 - 2012-12-22 17:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-08 20:41 - 2012-12-22 19:43 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2013-12-08 20:26 - 2013-12-08 20:26 - 00214374 _____ C:\Users\Administrator\Downloads\ConquestAION.rar
2013-12-08 15:56 - 2013-12-08 15:56 - 05003264 _____ (NC Interactive, LLC) C:\Users\Administrator\Downloads\AionInstaller.exe
2013-12-06 23:41 - 2013-12-06 23:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\IsolatedStorage
2013-12-06 23:41 - 2013-12-06 23:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\Futuremark
2013-12-06 23:40 - 2013-12-06 23:40 - 00000363 _____ C:\Windows\DirectX.log
2013-12-06 23:40 - 2013-12-06 23:40 - 00000000 ____D C:\Program Files (x86)\Futuremark
2013-12-06 15:45 - 2013-12-06 15:45 - 00000000 ____D C:\ProgramData\McAfee
2013-12-05 11:21 - 2012-12-22 20:35 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2013-12-01 14:42 - 2012-12-23 18:37 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\nsd853D.exe
C:\Users\Administrator\AppData\Local\Temp\nsj4204.exe
C:\Users\Administrator\AppData\Local\Temp\nsj433D.exe
C:\Users\Administrator\AppData\Local\Temp\nst8414.exe
C:\Users\Administrator\AppData\Local\Temp\nszAB6F.exe
C:\Users\Administrator\AppData\Local\Temp\nvStInst.exe
C:\Users\Administrator\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Administrator\AppData\Local\Temp\swt-win32-3349.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-22 22:40
         

Addition :
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2013 01
Ran by Administrator at 2013-12-27 21:40:28
Running from C:\Users\Administrator\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

==================== Installed Programs ======================

Acrobat.com (x32 Version: 0.0.0)
Acrobat.com (x32 Version: 1.1.377)
Adobe AIR (x32 Version: 1.0.4990)
Adobe AIR (x32 Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Adobe Reader 9 (x32 Version: 9.0.0)
AION Free-to-Play Version 1.0 (x32 Version: 1.0)
Akamai NetSession Interface (HKCU)
ASRock App Charger v1.0.5
ASRock eXtreme Tuner v0.1.248 (x32)
ASRock InstantBoot v1.29 (x32)
ASRock SmartConnect v1.0.6
ASRock XFast RAM v2.0.9
AVM FRITZ!WLAN (x32)
Bitdefender Antivirus Free Edition (Version: 1.0.21.1099)
Canon IJ Network Scan Utility (x32)
Canon IJ Network Tool (x32 Version: 3.1.1)
Canon MP Navigator EX 3.0 (x32)
Canon MP990 series MP Drivers
Canon My Printer (x32 Version: 3.1.0)
CCleaner (Version: 4.02)
CrystalDiskInfo 5.2.0 (x32 Version: 5.2.0)
Fraps (x32)
Free YouTube to MP3 Converter version 3.11.37.1212 (x32 Version: 3.11.37.1212)
Futuremark SystemInfo (x32 Version: 4.17.0)
Gameforge Live 1.9.0 "Legend" (x32 Version: 1.9.0)
HTC Driver Installer (x32 Version: 4.0.1.002)
Intel(R) Control Center (x32 Version: 1.2.1.1008)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.35342)
Intel(R) Management Engine Components (x32 Version: 8.0.3.1427)
Intel(R) OpenCL CPU Runtime (x32)
Intel(R) Rapid Storage Technology (x32 Version: 11.2.0.1006)
Intel(R) Smart Connect Technology 2.0 x64 (Version: 2.0.1083.0)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
IPTInstaller (x32 Version: 4.0.8)
jetAudio Basic VX (x32 Version: 8.0.17)
League of Legends (x32 Version: 3.0.1)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft PowerPoint Viewer (x32 Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0)
MotioninJoy Gamepad tool 0.7.1001 (Version: 0.7.1001)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0)
Mozilla Maintenance Service (x32 Version: 26.0)
MSI Afterburner 2.3.1 (x32 Version: 2.3.1)
MSI Kombustor 2.5.0 (x32)
MyFreeCodec (HKCU)
Need For Speed™ World (x32 Version: 1.0.0.1599)
Notepad++ (x32 Version: 6.3.3)
NVIDIA 3D Vision Controller-Treiber 314.22 (Version: 314.22)
NVIDIA 3D Vision Treiber 331.65 (Version: 331.65)
NVIDIA Grafiktreiber 331.65 (Version: 331.65)
NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1)
NVIDIA Install Application (Version: 2.1002.133.889)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165)
NVIDIA Systemsteuerung 331.65 (Version: 331.65)
NVIDIA Update 1.15.2 (Version: 1.15.2)
NVIDIA Update Components (Version: 1.15.2)
OpenOffice 4.0.0 (x32 Version: 4.00.9702)
oZone3D.Net FurMark v1.6.0 (x32)
Pando Media Booster (x32 Version: 2.6.0.7)
PDF Architect (x32 Version: 1.1.83.9982)
PDFCreator (x32 Version: 1.7.2)
PowerISO (x32 Version: 5.5)
Realtek Ethernet Controller Driver (x32 Version: 7.48.823.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6343)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.23.0)
Skype™ 6.11 (x32 Version: 6.11.102)
Spotify (HKCU Version: 0.9.4.185.g7545a404)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.13.1)
TechPowerUp GPU-Z (x32)
Unlocker 1.9.2 (Version: 1.9.2)
VLC media player 2.0.7 (Version: 2.0.7)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
XFastUSB (x32 Version: 3.02.30)

==================== Restore Points  =========================

22-12-2013 21:47:49 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01428715-3DDB-4C09-9F6B-06256C7E9D84} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {1F083868-E60E-4821-B148-8E4FDDE72832} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {311B8D58-DA1C-4A3B-AB8E-C051B226B545} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {31A39601-3853-4359-A766-2E0FE93C1936} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {43555377-E0EF-4076-9CE1-E3A972B9A909} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe
Task: {4F7F7945-DFED-4868-B3BC-6203D8BE2A5C} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {6AD6CCA3-988F-48D4-8A11-41806BE578A0} - System32\Tasks\EPUpdater => C:\Users\Administrator\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-06-06] () <==== ATTENTION
Task: {79CDCA63-4932-42BC-912B-EB75F1FF7B96} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2013-01-23] ()
Task: {A728B108-B94D-441A-BC55-8CB9E50CE571} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {B8E85250-4B43-4B60-8435-9914AF1B517E} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe
Task: {BC01C136-6C68-42A4-A21C-58D4AA7475EA} - System32\Tasks\{DB364934-D4B3-4B06-99F8-7315086F8ABF} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?page=tsProgressBar
Task: {BE17AE7B-6090-403D-8171-ABEB5D3593DA} - System32\Tasks\PCMeter\Startup => C:\Users\Administrator\AppData\Local\Temp\Rar$EXa0.692\PCMeter\PCMeterV0.3.exe [2012-08-25] (AddGadgets)
Task: {C36A4761-738B-45CF-8154-43C2D26A0621} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {DED43124-217D-402A-A640-186A259D9B8E} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\MouseKeyboardCenter.exe [2013-05-13] (Microsoft)
Task: {FFA04C18-DE3B-461E-84A4-421D5187EA50} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Loaded Modules (whitelisted) =============

2013-10-24 13:20 - 2013-10-24 13:20 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2013-05-31 22:20 - 2013-01-12 19:33 - 00012520 _____ () C:\Users\Administrator\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.6.gadget\CoreTempReader.dll
2013-05-31 22:20 - 2013-01-12 19:33 - 00015080 _____ () C:\Users\Administrator\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.6.gadget\GetCoreTempInfoNET.dll
2013-05-31 22:20 - 2013-01-12 19:33 - 00014056 _____ () C:\Users\Administrator\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.6.gadget\SystemInfo.dll
2013-01-16 17:01 - 2013-01-16 17:01 - 00069632 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2013-01-16 17:00 - 2013-01-16 17:00 - 00061440 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2013-01-16 17:01 - 2013-01-16 17:01 - 00229376 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2013-01-16 17:00 - 2013-01-16 17:00 - 00143360 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2013-01-16 17:01 - 2013-01-16 17:01 - 00348160 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2011-04-30 20:04 - 2011-04-30 20:04 - 00013312 _____ () C:\Program Files (x86)\MSI Afterburner\RTTSH.dll
2012-11-08 13:56 - 2012-11-30 11:45 - 00122880 _____ () C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll
2013-12-27 21:04 - 2012-09-25 23:46 - 00445800 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Temp\cudart32_50_35.dll
2013-12-27 21:04 - 2012-05-27 01:36 - 00054272 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Temp\pthreadVC2.dll
2012-11-30 11:24 - 2012-11-30 11:24 - 00061440 _____ () C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTFC.dll
2012-11-30 11:26 - 2012-11-30 11:26 - 00147456 _____ () C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTUI.dll
2012-11-30 11:48 - 2012-11-30 11:48 - 00061440 _____ () C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTMUI.dll
2011-04-30 20:04 - 2011-04-30 20:04 - 00013312 _____ () C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTTSH.dll
2013-12-21 03:29 - 2013-12-21 03:29 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-08-17 12:49 - 2013-08-17 12:49 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\d5fbd408c39e0de3296b93ac03a5c147\IsdiInterop.ni.dll
2012-12-22 20:32 - 2012-05-30 13:55 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-12-22 20:34 - 2012-02-21 12:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Administrator\Downloads\ACR_setup.exe:BDU
AlternateDataStreams: C:\Users\Administrator\Downloads\AionInstaller.exe:BDU
AlternateDataStreams: C:\Users\Administrator\Downloads\Apache_OpenOffice_4.0.0_Win_x86_install_de.exe:BDU
AlternateDataStreams: C:\Users\Administrator\Downloads\dfx11Setup.exe:BDU
AlternateDataStreams: C:\Users\Administrator\Downloads\Firefox_Setup_23.0.exe:BDU
AlternateDataStreams: C:\Users\Administrator\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Administrator\Downloads\HTCDriver.exe:BDU
AlternateDataStreams: C:\Users\Administrator\Downloads\install_flashplayer11x32au_mssd_aaa_aih(1).exe:BDU
AlternateDataStreams: C:\Users\Administrator\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe:BDU
AlternateDataStreams: C:\Users\Administrator\Downloads\jre-7u25-windows-x64.exe:BDU
AlternateDataStreams: C:\Users\Administrator\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe:BDU
AlternateDataStreams: C:\Users\Administrator\Downloads\mp68-win-mp990-1_05-ea24.exe:BDU
AlternateDataStreams: C:\Users\Administrator\Downloads\mpnx_3_0-win-3_05-ea23_2.exe:BDU
AlternateDataStreams: C:\Users\Administrator\Downloads\mypr-win-3_1_0-ea11_2.exe:BDU
AlternateDataStreams: C:\Users\Administrator\Downloads\PDFCreator-1_7_2_setup_offline.exe:BDU
AlternateDataStreams: C:\Users\Administrator\Downloads\setup_nfsw.exe:BDU
AlternateDataStreams: C:\Users\Administrator\Downloads\xp68-win-mp990-5_30c-ea7.exe:BDU

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: avgtp
Description: avgtp
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: avgtp
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/27/2013 09:19:10 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/27/2013 06:37:47 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/27/2013 01:47:56 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/27/2013 00:44:28 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (12/26/2013 09:37:04 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/26/2013 05:08:45 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/26/2013 04:27:42 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (12/26/2013 02:41:10 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/25/2013 08:12:25 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/25/2013 11:54:13 AM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


System errors:
=============
Error: (12/27/2013 09:32:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Internet Pass-Through Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/27/2013 09:19:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinRing0_1_2_0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/27/2013 09:19:11 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
avgtp
cdrom

Error: (12/27/2013 09:19:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "vToolbarUpdater15.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/27/2013 09:19:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "System Store" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/27/2013 06:38:03 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinRing0_1_2_0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/27/2013 06:37:48 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
avgtp
cdrom

Error: (12/27/2013 06:37:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "vToolbarUpdater15.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/27/2013 06:37:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "System Store" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/27/2013 01:48:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinRing0_1_2_0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (12/27/2013 09:19:10 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/27/2013 06:37:47 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/27/2013 01:47:56 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/27/2013 00:44:28 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (12/26/2013 09:37:04 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/26/2013 05:08:45 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/26/2013 04:27:42 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (12/26/2013 02:41:10 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/25/2013 08:12:25 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/25/2013 11:54:13 AM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


==================== Memory info =========================== 

Percentage of memory in use: 30%
Total physical RAM: 8155.01 MB
Available physical RAM: 5694.31 MB
Total Pagefile: 8553.19 MB
Available Pagefile: 5204.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:41.85 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 3B61F3E6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---


I hope I have posted the information correctly, as I am new to the forum.
I would be grateful for any help.

Kind regards

Dwlubu1

Problem solved. It was a program that abuses the GPU for mining purposes. This process was disguised under the name dllhost.exe. On right-click > Open file location, the file was not the actual dllhost.exe file that is located in the Windows System32 folder, but a file that was in the Temp folder. If you have the same problem, you can also check the svchost.exe processes. They should likewise be in the System32 folder.
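The path check described in the post, applied to FRST-style log lines, as an added example that is not part of the original post and not a feature of FRST. The name lists, the reason labels and the function names are assumptions made for this sketch; the sample lines are taken from the log above except the one marked as constructed.

```python
import ntpath
import re

# Directories where Windows keeps these binaries. On 64-bit Windows the 32-bit
# copies live in SysWOW64, as the FRST "MD5 is legit" lines for svchost.exe show.
SYSTEM_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}

# Process names mentioned in the post (assumption: extend as needed).
SYSTEM_NAMES = {"dllhost.exe", "svchost.exe"}

# File-name prefixes of GPU compute runtimes (assumption: CUDA runtime and
# OpenCL loader). Relevant here because the symptom was unexplained GPU load.
GPU_RUNTIME_PREFIXES = ("cudart", "opencl")

# Pulls "X:\...\name.exe|dll|sys" out of process, module and task lines.
PATH_RE = re.compile(r"[A-Za-z]:\\.+?\.(?:exe|dll|sys)\b", re.IGNORECASE)


def triage_path(path):
    """Return the list of reasons this image path deserves a closer look."""
    norm = ntpath.normpath(path).lower()
    directory, name = ntpath.split(norm)
    parts = directory.split("\\")
    reasons = []
    # A well-known Windows name running from anywhere but the system folders.
    if name in SYSTEM_NAMES and directory not in SYSTEM_DIRS:
        reasons.append("system-name-outside-system-dir")
    # Any executable image loaded from a directory called Temp.
    if "temp" in parts:
        reasons.append("image-in-temp-dir")
        if name.startswith(GPU_RUNTIME_PREFIXES):
            reasons.append("gpu-runtime-in-temp-dir")
    return reasons


def scan_frst_lines(lines):
    """Return (path, reasons) for every path in the lines that raised a flag."""
    findings = []
    for line in lines:
        for match in PATH_RE.finditer(line):
            reasons = triage_path(match.group(0))
            if reasons:
                findings.append((match.group(0), reasons))
    return findings


SAMPLE_LINES = [
    # Lines from the FRST log on this page:
    r"(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe",
    r"C:\Windows\SysWOW64\svchost.exe => MD5 is legit",
    r"2013-12-27 21:04 - 2012-09-25 23:46 - 00445800 _____ () "
    r"C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Temp\cudart32_50_35.dll",
    r"2013-12-27 21:04 - 2012-05-27 01:36 - 00054272 _____ () "
    r"C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Temp\pthreadVC2.dll",
    # Constructed line: the post only says the fake dllhost.exe sat in a Temp folder.
    r"() C:\Users\Administrator\AppData\Local\Temp\dllhost.exe",
]

if __name__ == "__main__":
    for path, reasons in scan_frst_lines(SAMPLE_LINES):
        print(", ".join(reasons), "->", path)
```

A flag is a prompt to inspect the file (signature, hash, creation time), not a verdict; installers and some legitimate tools also unpack into Temp.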

28.12.2013, 01:43   #2
schrauber
/// the machine
/// TB-Ausbilder

So you don't need any more help?

28.12.2013, 17:00   #3
dwlubu1

No, I don't need any more help.
Thank you very much. People who have the same problem can do the same as I did, by checking the processes and the file paths.

29.12.2013, 12:29   #4
schrauber
/// the machine
/// TB-Ausbilder

ok.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

  16. Trojaner (Virus) löscht alles wenn Internetverbindung besteht
    Plagegeister aller Art und deren Bekämpfung - 01.09.2009 (19)
  17. Internet geht nicht aber es besteht eine verbindung
    Alles rund um Windows - 22.02.2009 (0)

Zum Thema Grafikkarte im Desktop auf vollast, wenn eine Internet Verbindung besteht. - Hallo. Ich habe das Problem, dass meine Grafikkarte im Desktop Betrieb voll ausgelastet ist, obwohl keine Programme laufen, welche die Graka auslasten sollten. Dies geschieht nur, wenn eine Internetverbindung da - Grafikkarte im Desktop auf vollast, wenn eine Internet Verbindung besteht....
Archiv
Du betrachtest: Grafikkarte im Desktop auf vollast, wenn eine Internet Verbindung besteht. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.