|
Pests of all kinds and how to fight them: While I'm playing, my PC switches me to the desktop. Windows 7. If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
30.07.2013, 16:58 | #1 |
| While I'm playing, my PC switches me to the desktop Hello dear Trojanerboard, Whenever I play certain games, my PC switches me to the desktop after a while. The time intervals differ from game to game. I suspect malware. I don't know what else to do and hope you can help me. PS: I have Windows 8. Edited by Paulx (30.07.2013 at 17:09) |
30.07.2013, 17:05 | #2 |
/// Malware-holic | While I'm playing, my PC switches me to the desktop Hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
30.07.2013, 17:12 | #3 |
| While I'm playing, my PC switches me to the desktop FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-07-2013 03 Ran by Kevin Moises (administrator) on 30-07-2013 18:09:37 Running from C:\Users\Kevin Moises\Desktop Windows 8 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascsvc.exe (IOBit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe (IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (CyberLink) M:\Programme\PowerDVD13\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe (CyberLink) M:\Programme\PowerDVD13\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe (Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe (LogMeIn Inc.) 
M:\Hamachi\hamachi-2.exe (Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Malwarebytes Corporation) M:\Malwarebytes' Anti-Malware\mbamscheduler.exe () C:\windows\SysWOW64\PnkBstrA.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (Paul Freund - LVL3 Solutions) C:\Program Files\WindowsApps\PaulFreund-LVL3Solutions.Chat_1.2.0.34_neutral__0gdydpgbn7y1j\Chat.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe (Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Spotify Ltd) C:\Users\Kevin Moises\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink Corp.) M:\Programme\PowerDVD13\PowerDVD13\PowerDVD13Agent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe (LogMeIn Inc.) 
M:\Hamachi\hamachi-2-ui.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Valve Corporation) M:\Steam\steam.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe () C:\windows\SysWOW64\PnkBstrB.exe (TeamSpeak Systems GmbH) M:\TS3\ts3client_win64.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\windows\system32\wermgr.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2012-09-19] (Hewlett-Packard ) HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-19] (IDT, Inc.) HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe [51712 2012-07-26] (Microsoft Corporation) Winlogon\Notify\klogon: %SystemRoot%\System32\klogon.dll (Kaspersky Lab ZAO) HKLM\...\InprocServer32: [Default-cscui] <==== ATTENTION! HKCU\...\Run: [Google Update] - C:\Users\Kevin Moises\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-05-21] (Google Inc.) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.) 
HKCU\...\Run: [Clownfish] - C:\Program Files (x86)\Clownfish\Clownfish.exe [1276152 2013-07-02] (Bogdan Sharkov) HKCU\...\Run: [Advanced SystemCare Ultimate] - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe [512384 2012-11-07] (IObit) HKCU\...\Run: [Spotify] - C:\Users\Kevin Moises\AppData\Roaming\Spotify\spotify.exe [4640768 2013-07-08] (Spotify Ltd) HKCU\...\Run: [Spotify Web Helper] - C:\Users\Kevin Moises\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-08] (Spotify Ltd) MountPoints2: {f8e9c36c-a914-11e2-be6d-806e6f6e6963} - "F:\0data\cbs.exe" HKLM-x32\...\Run: [CLMLServer_For_P2G8] - c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] - c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.) HKLM-x32\...\Run: [PowerDVD13Agent] - M:\Programme\PowerDVD13\PowerDVD13\PowerDVD13Agent.exe [513048 2013-03-20] (CyberLink Corp.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216 2013-03-31] (Ask) HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe [202328 2012-08-30] (Kaspersky Lab ZAO) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - M:\Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.) 
==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP&dt=071713 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4 URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF SearchScopes: HKLM - {AD323E50-1AA7-4BB8-BA45-C4AC1A75E5DC} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF SearchScopes: HKLM-x32 - {AD323E50-1AA7-4BB8-BA45-C4AC1A75E5DC} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 - 
{b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=00DF4C72B980DAC7&affID=44444&tsp=4922 SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF SearchScopes: HKCU - {AD323E50-1AA7-4BB8-BA45-C4AC1A75E5DC} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF SearchScopes: HKCU - {BF727720-7FC5-4715-B7A3-206DA281B878} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=01A99FE6-4F11-4448-B02F-A2310AEB3CBC&apn_sauid=1711A685-6381-4CFD-979E-FBB55DFAA5CA BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\ievkbd.dll (Kaspersky Lab ZAO) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll (Kaspersky Lab ZAO) BHO-x32: 
Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - M:\Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL (IObit) BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.) BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com) Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.) 
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\Kevin Moises\AppData\Roaming\Mozilla\Firefox\Profiles\1kr5y0ck.default FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - M:\Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - M:\Office\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll 
(Pando Networks) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Kevin Moises\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Kevin Moises\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Kevin Moises\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\linkfilter@kaspersky.ru FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\linkfilter@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\virtualKeyboard@kaspersky.ru FF Extension: Virtuelle Tastatur - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\virtualKeyboard@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\KavAntiBanner@Kaspersky.ru FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\KavAntiBanner@Kaspersky.ru Chrome: ======= CHR HomePage: hxxp://www.google.de/ CHR RestoreOnStartup: "hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP&dt=071713", "hxxp://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=00DF4C72B980DAC7&affID=44444&tsp=4922", "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=00DF4C72B980DAC7&affID=44444&tsp=4922" 
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Users\Kevin Moises\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Kevin Moises\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Kevin Moises\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll () CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Unity Player) - C:\Users\Kevin Moises\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Google Update) - C:\Users\Kevin Moises\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File CHR Extension: (Google Docs) - C:\Users\KEVINM~1\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\KEVINM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\KEVINM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\KEVINM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Kaspersky URL Advisor) - C:\Users\KEVINM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.2.733_0 CHR Extension: (AdBlock) - C:\Users\KEVINM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0 CHR Extension: (Virtual Keyboard) - C:\Users\KEVINM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.2.733_0 CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\KEVINM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0 CHR Extension: (Web filter ) - C:\Users\KEVINM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkkanopddcdpiefipikdkmiopinkcbga\4_0 CHR Extension: (Marc Ecko) - C:\Users\KEVINM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk\2_0 CHR Extension: (Gmail) - C:\Users\KEVINM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR Extension: (Anti-Banner) - C:\Users\KEVINM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.2.733_0 CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\Kevin Moises\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 
2.0\ChromeExt\urladvisor.crx CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Kevin Moises\AppData\Roaming\BabSolution\CR\Delta.crx CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ChromeExt\virtkbd.crx CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\BrowerProtect\ASC_GhromePlugin.crx CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ChromeExt\ab.crx ==================== Services (Whitelisted) ================= R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascsvc.exe [1051088 2012-12-13] (IObit) R2 ASCAntivirusSrv; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [621008 2012-12-14] (IOBit) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe [202328 2012-08-30] (Kaspersky Lab ZAO) R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [743992 2009-12-21] (Infowatch) R2 CyberLink PowerDVD 13 Media Server Monitor Service; M:\Programme\PowerDVD13\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-03-20] (CyberLink) R2 CyberLink PowerDVD 13 Media Server Service; M:\Programme\PowerDVD13\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [323336 2013-03-20] (CyberLink) R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation) R2 Hamachi2Svc; M:\Hamachi\hamachi-2.exe [2470736 2013-06-28] (LogMeIn Inc.) 
S2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) R2 MBAMScheduler; M:\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; M:\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-06-26] () R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [283032 2013-07-30] () R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [75584 2013-04-25] (IObit) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R2 bdfsfltr; C:\windows\system32\Drivers\bdfsfltr.sys [431176 2011-03-24] (BitDefender) R2 bdfsfltr; C:\windows\system32\Drivers\bdfsfltr.sys [431176 2011-03-24] (BitDefender) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [85048 2009-12-14] (Infowatch) R1 CSVirtualDiskDrv; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [66104 2009-12-14] (Infowatch) R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation) R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation) R0 KL1; C:\Windows\system32\DRIVERS\kl1.sys [458032 2011-10-20] (Kaspersky Lab ZAO) R1 kl2; C:\Windows\system32\DRIVERS\kl2.sys [13616 2011-10-20] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [636760 2013-06-30] (Kaspersky Lab) R1 KLIM6; 
C:\Windows\system32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 RRNetCap; C:\Windows\system32\DRIVERS\rrnetcap.sys [37480 2013-06-13] (RapidSolution Software AG) R3 RRNetCapMP; C:\Windows\system32\DRIVERS\rrnetcap.sys [37480 2013-06-13] (RapidSolution Software AG) S3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [329800 2011-11-21] (BitDefender S.R.L.) R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation) R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; M:\Programme\PowerDVD13\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-03-19] (CyberLink Corp.) R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; M:\Programme\PowerDVD13\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-03-19] (CyberLink Corp.) 
==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-30 18:08 - 2013-07-30 18:08 - 01781589 _____ (Farbar) C:\Users\Kevin Moises\Desktop\FRST64.exe 2013-07-30 17:52 - 2013-07-30 17:52 - 00000000 ___SH C:\DkHyperbootSync 2013-07-30 17:32 - 2013-07-30 17:32 - 00000000 ____D C:\Users\Kevin Moises\Desktop\Alte Firefox-Daten 2013-07-30 17:21 - 2013-07-30 17:50 - 00000000 ____D C:\Users\Kevin Moises\Documents\GTA San Andreas User Files 2013-07-30 17:21 - 2013-07-30 17:21 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer 2013-07-30 17:16 - 2013-07-30 17:16 - 00002786 _____ C:\windows\System32\Tasks\CCleanerSkipUAC 2013-07-30 17:16 - 2013-07-30 17:16 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-07-30 17:16 - 2013-07-30 17:16 - 00000000 ____D C:\Program Files\CCleaner 2013-07-30 16:48 - 2013-07-30 17:21 - 00000000 ____D C:\Users\Kevin Moises\Desktop\GTA SanAndreas 2013-07-30 16:47 - 2013-07-30 16:47 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\TeamViewer 2013-07-30 12:16 - 2013-07-30 12:17 - 00000000 ____D C:\rads 2013-07-28 21:55 - 2013-07-28 21:55 - 00000000 ____D C:\windows\SysWOW64\Adobe 2013-07-25 13:42 - 2013-07-28 21:53 - 00000000 ____D C:\Users\KEVINM~1\AppData\Local\Adobe 2013-07-21 00:25 - 2013-07-21 00:25 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\LolClient 2013-07-20 22:15 - 2013-07-20 22:15 - 00001389 _____ C:\Users\Public\Desktop\League of Legends.lnk 2013-07-20 22:15 - 2013-07-20 22:15 - 00000000 __SHD C:\windows\SysWOW64\AI_RecycleBin 2013-07-20 22:15 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_39.dll 2013-07-20 22:15 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_39.dll 2013-07-20 22:15 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_39.dll 
2013-07-19 19:23 - 2013-07-19 19:40 - 00000000 ____D C:\Users\Kevin Moises\Documents\FIFA 13 Demo 2013-07-19 19:23 - 2013-07-19 19:23 - 00000000 __SHD C:\ProgramData\DSS 2013-07-19 19:22 - 2013-07-19 19:22 - 00000000 ____D C:\Users\Kevin Moises\Documents\FIFA 13 2013-07-19 18:54 - 2013-07-19 18:54 - 00001314 _____ C:\Users\Public\Desktop\FIFA 13 Demo.lnk 2013-07-19 18:06 - 2013-07-20 11:36 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\Origin 2013-07-19 18:06 - 2013-07-19 18:12 - 00000000 ____D C:\Program Files (x86)\Origin Games 2013-07-19 18:05 - 2013-07-19 18:06 - 00000000 ____D C:\Users\KEVINM~1\AppData\Local\Origin 2013-07-19 18:04 - 2013-07-19 18:12 - 00000000 ____D C:\ProgramData\Origin 2013-07-19 18:04 - 2013-07-19 18:04 - 00000540 _____ C:\Users\Public\Desktop\Origin.lnk 2013-07-19 18:04 - 2013-07-19 18:04 - 00000000 ____D C:\ProgramData\Electronic Arts 2013-07-17 20:00 - 2013-07-17 20:00 - 00417504 _____ C:\windows\system32\FNTCACHE.DAT 2013-07-17 18:22 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys 2013-07-17 18:22 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys 2013-07-17 18:22 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys 2013-07-17 18:22 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\windows\explorer.exe 2013-07-17 18:22 - 2013-06-01 13:33 - 02233600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2013-07-17 18:22 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS 2013-07-17 18:22 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\UCX01000.SYS 2013-07-17 18:22 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2013-07-17 18:22 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys 
2013-07-17 18:22 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe 2013-07-17 18:22 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll 2013-07-17 18:22 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll 2013-07-17 18:22 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll 2013-07-17 18:22 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll 2013-07-17 18:22 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll 2013-07-17 18:22 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll 2013-07-17 18:22 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\vds.exe 2013-07-17 18:22 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll 2013-07-17 18:22 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll 2013-07-17 18:22 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\vdsutil.dll 2013-07-17 18:22 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\MbaeParserTask.exe 2013-07-17 18:22 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll 2013-07-17 18:22 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll 2013-07-17 18:22 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll 2013-07-17 18:22 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll 2013-07-17 18:22 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll 2013-07-17 18:22 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll 2013-07-17 18:22 - 
2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll 2013-07-17 18:22 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupManager.dll 2013-07-17 18:22 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthAvrcpTg.sys 2013-07-17 18:22 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\windows\system32\winload.efi 2013-07-17 18:22 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\windows\system32\winload.exe 2013-07-17 18:22 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi 2013-07-17 18:22 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe 2013-07-17 18:22 - 2013-05-20 02:08 - 00386642 _____ C:\windows\system32\ApnDatabase.xml 2013-07-14 22:06 - 2013-07-14 22:19 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\Tropico 3 2013-07-14 21:20 - 2013-07-14 21:20 - 00000201 _____ C:\Users\Kevin Moises\Desktop\Total War SHOGUN 2.url 2013-07-14 05:45 - 2013-07-26 15:46 - 00007164 _____ C:\Users\Kevin Moises\Documents\TombRaider.log 2013-07-14 05:21 - 2009-08-27 15:56 - 01702136 _____ C:\Users\Kevin Moises\Desktop\Tropico3.exe 2013-07-13 23:56 - 2013-07-13 23:56 - 00000202 _____ C:\Users\Kevin Moises\Desktop\Tomb Raider.url 2013-07-13 21:20 - 2013-07-13 21:20 - 00000923 _____ C:\Users\Public\Desktop\Die Gilde 2 - Gold Edition.lnk 2013-07-13 21:10 - 2013-07-13 21:17 - 00000000 ____D C:\Users\Kevin Moises\Desktop\Gilde 2 2013-07-13 20:48 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2013-07-13 20:48 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll 2013-07-13 20:48 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll 2013-07-13 20:47 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 
2013-07-13 20:47 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2013-07-13 20:47 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2013-07-13 20:47 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2013-07-13 20:47 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2013-07-13 20:47 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2013-07-13 20:47 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2013-07-13 20:47 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2013-07-13 20:47 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2013-07-13 20:47 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2013-07-13 20:47 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2013-07-13 20:47 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2013-07-13 20:47 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2013-07-13 20:47 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2013-07-13 20:47 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2013-07-13 20:47 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2013-07-13 20:47 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2013-07-13 20:47 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll 2013-07-13 20:47 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll 2013-07-13 20:47 - 2013-05-04 08:59 - 
02842112 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL 2013-07-13 20:47 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL 2013-07-12 20:39 - 2013-07-12 20:39 - 00000000 ____D C:\Users\Public\Games 2013-07-12 20:34 - 2013-07-12 20:34 - 00000000 ____D C:\Users\KEVINM~1\AppData\Local\ArmA 2 2013-07-09 15:46 - 2009-03-18 18:35 - 00033856 ____H (LogMeIn, Inc.) C:\windows\system32\hamachi.sys 2013-07-04 22:51 - 2013-07-04 22:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-07-04 20:32 - 2013-07-30 18:04 - 00000000 ____D C:\Users\KEVINM~1\AppData\Local\PMB Files 2013-07-04 20:32 - 2013-07-30 18:04 - 00000000 ____D C:\ProgramData\PMB Files 2013-07-04 20:32 - 2013-07-04 20:32 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\Riot Games 2013-07-04 20:32 - 2013-07-04 20:32 - 00000000 ____D C:\Program Files (x86)\Pando Networks 2013-07-03 16:32 - 2013-07-03 16:32 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2013-07-02 14:37 - 2013-07-02 14:37 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\Notepad++ 2013-07-02 14:37 - 2013-07-02 14:37 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2013-06-30 22:44 - 2013-06-30 22:44 - 00003029 _____ C:\Users\Kevin Moises\Desktop\Microsoft Word 2010.lnk 2013-06-30 16:42 - 2013-06-30 16:42 - 00017408 _____ C:\Users\KEVINM~1\AppData\Local\WebpageIcons.db 2013-06-30 16:41 - 2013-06-30 16:41 - 00001261 _____ C:\Users\Kevin Moises\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 2.0.lnk 2013-06-30 16:40 - 2013-06-30 16:40 - 00153053 _____ C:\windows\system32\Drivers\klin.dat 2013-06-30 16:40 - 2013-06-30 16:40 - 00107384 _____ C:\windows\system32\Drivers\klick.dat 2013-06-30 16:40 - 2009-12-14 12:44 - 00085048 _____ (Infowatch) C:\windows\system32\Drivers\CSCrySec.sys 2013-06-30 16:40 - 2009-12-14 12:44 - 00066104 _____ (Infowatch) 
C:\windows\system32\Drivers\CSVirtualDiskDrv.sys 2013-06-30 16:39 - 2013-07-30 16:30 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-06-30 16:39 - 2013-06-30 16:39 - 00636760 _____ (Kaspersky Lab) C:\windows\system32\Drivers\klif.sys 2013-06-30 16:39 - 2013-06-30 16:39 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2013-06-30 16:39 - 2011-11-21 18:59 - 00329800 _____ (BitDefender S.R.L.) C:\windows\system32\Drivers\trufos.sys 2013-06-30 16:39 - 2011-03-24 15:36 - 00431176 _____ (BitDefender) C:\windows\system32\Drivers\bdfsfltr.sys 2013-06-30 16:28 - 2013-07-01 00:53 - 00007935 _____ C:\Users\Kevin Moises\Documents\Die Entdeckung Amerikas-word.odt 2013-06-30 15:58 - 2013-06-30 15:58 - 00000000 ____D C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2013-06-30 15:56 - 2013-07-16 20:52 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-06-30 15:56 - 2013-07-01 22:56 - 00000000 ____D C:\Users\KEVINM~1\AppData\Local\Microsoft Help 2013-06-30 15:56 - 2013-06-30 15:56 - 00000000 ____D C:\Program Files\Microsoft Office 2013-06-30 15:56 - 2013-06-30 15:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2013-06-30 00:05 - 2013-06-30 00:05 - 00000201 _____ C:\Users\Kevin Moises\Desktop\Stronghold Kingdoms.url 128 ==================== One Month Modified Files and Folders ======= 2013-07-30 18:08 - 2013-07-30 18:08 - 01781589 _____ (Farbar) C:\Users\Kevin Moises\Desktop\FRST64.exe 2013-07-30 18:08 - 2013-05-25 12:21 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\Skype 2013-07-30 18:05 - 2013-06-23 15:39 - 00000000 ____D C:\Users\KEVINM~1\AppData\Local\LogMeIn Hamachi 2013-07-30 18:04 - 2013-07-04 20:32 - 00000000 ____D C:\Users\KEVINM~1\AppData\Local\PMB Files 2013-07-30 18:04 - 2013-07-04 20:32 - 00000000 ____D C:\ProgramData\PMB Files 2013-07-30 18:03 - 2013-05-21 16:12 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1009719884-3110667454-1196366900-1001 2013-07-30 18:00 - 2012-07-26 10:12 - 
00000000 ____D C:\windows\system32\sru 2013-07-30 17:52 - 2013-07-30 17:52 - 00000000 ___SH C:\DkHyperbootSync 2013-07-30 17:50 - 2013-07-30 17:21 - 00000000 ____D C:\Users\Kevin Moises\Documents\GTA San Andreas User Files 2013-07-30 17:49 - 2013-05-21 13:40 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2013-07-30 17:46 - 2012-08-02 04:02 - 00000000 ____D C:\windows\Panther 2013-07-30 17:38 - 2013-06-19 21:06 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\TS3Client 2013-07-30 17:38 - 2013-05-21 23:18 - 00001160 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009719884-3110667454-1196366900-1001UA.job 2013-07-30 17:32 - 2013-07-30 17:32 - 00000000 ____D C:\Users\Kevin Moises\Desktop\Alte Firefox-Daten 2013-07-30 17:21 - 2013-07-30 17:21 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer 2013-07-30 17:21 - 2013-07-30 16:48 - 00000000 ____D C:\Users\Kevin Moises\Desktop\GTA SanAndreas 2013-07-30 17:16 - 2013-07-30 17:16 - 00002786 _____ C:\windows\System32\Tasks\CCleanerSkipUAC 2013-07-30 17:16 - 2013-07-30 17:16 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-07-30 17:16 - 2013-07-30 17:16 - 00000000 ____D C:\Program Files\CCleaner 2013-07-30 16:47 - 2013-07-30 16:47 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\TeamViewer 2013-07-30 16:30 - 2013-06-30 16:39 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-07-30 16:06 - 2013-06-27 21:04 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\Spotify 2013-07-30 15:46 - 2013-06-26 23:49 - 00283032 _____ C:\windows\SysWOW64\PnkBstrB.xtr 2013-07-30 15:46 - 2013-06-26 23:40 - 00283032 _____ C:\windows\SysWOW64\PnkBstrB.exe 2013-07-30 12:38 - 2013-05-21 23:18 - 00001108 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009719884-3110667454-1196366900-1001Core.job 2013-07-30 12:28 - 2012-11-16 18:17 - 00745562 _____ C:\windows\system32\perfh007.dat 2013-07-30 12:28 - 2012-11-16 18:17 - 00169488 _____ 
C:\windows\system32\perfc007.dat 2013-07-30 12:28 - 2012-07-26 09:28 - 01752720 _____ C:\windows\system32\PerfStringBackup.INI 2013-07-30 12:17 - 2013-07-30 12:16 - 00000000 ____D C:\rads 2013-07-30 10:11 - 2012-07-26 09:22 - 00000006 ____H C:\windows\Tasks\SA.DAT 2013-07-29 19:58 - 2012-07-26 07:26 - 00262144 ___SH C:\windows\system32\config\BBI 2013-07-28 21:55 - 2013-07-28 21:55 - 00000000 ____D C:\windows\SysWOW64\Adobe 2013-07-28 21:53 - 2013-07-25 13:42 - 00000000 ____D C:\Users\KEVINM~1\AppData\Local\Adobe 2013-07-28 21:53 - 2013-05-21 13:40 - 00003772 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2013-07-26 15:46 - 2013-07-14 05:45 - 00007164 _____ C:\Users\Kevin Moises\Documents\TombRaider.log 2013-07-26 15:08 - 2013-06-27 22:31 - 00000000 ____D C:\Users\KEVINM~1\AppData\Local\Spotify 2013-07-25 22:06 - 2012-07-26 10:12 - 00000000 ____D C:\windows\AUInstallAgent 2013-07-21 00:25 - 2013-07-21 00:25 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\LolClient 2013-07-20 22:15 - 2013-07-20 22:15 - 00001389 _____ C:\Users\Public\Desktop\League of Legends.lnk 2013-07-20 22:15 - 2013-07-20 22:15 - 00000000 __SHD C:\windows\SysWOW64\AI_RecycleBin 2013-07-20 21:55 - 2013-06-26 23:40 - 00283032 _____ C:\windows\SysWOW64\PnkBstrB.ex0 2013-07-20 20:15 - 2012-07-26 10:12 - 00000000 ____D C:\windows\rescache 2013-07-20 17:31 - 2013-05-21 23:02 - 00000000 ____D C:\Windows.old 2013-07-20 11:36 - 2013-07-19 18:06 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\Origin 2013-07-19 19:40 - 2013-07-19 19:23 - 00000000 ____D C:\Users\Kevin Moises\Documents\FIFA 13 Demo 2013-07-19 19:23 - 2013-07-19 19:23 - 00000000 __SHD C:\ProgramData\DSS 2013-07-19 19:22 - 2013-07-19 19:22 - 00000000 ____D C:\Users\Kevin Moises\Documents\FIFA 13 2013-07-19 18:54 - 2013-07-19 18:54 - 00001314 _____ C:\Users\Public\Desktop\FIFA 13 Demo.lnk 2013-07-19 18:12 - 2013-07-19 18:06 - 00000000 ____D C:\Program Files (x86)\Origin Games 2013-07-19 18:12 - 2013-07-19 18:04 - 
00000000 ____D C:\ProgramData\Origin 2013-07-19 18:06 - 2013-07-19 18:05 - 00000000 ____D C:\Users\KEVINM~1\AppData\Local\Origin 2013-07-19 18:04 - 2013-07-19 18:04 - 00000540 _____ C:\Users\Public\Desktop\Origin.lnk 2013-07-19 18:04 - 2013-07-19 18:04 - 00000000 ____D C:\ProgramData\Electronic Arts 2013-07-17 20:08 - 2013-05-25 12:20 - 00000000 ____D C:\ProgramData\Skype 2013-07-17 20:07 - 2013-05-25 12:21 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-07-17 20:00 - 2013-07-17 20:00 - 00417504 _____ C:\windows\system32\FNTCACHE.DAT 2013-07-17 16:21 - 2012-07-26 11:45 - 00000000 ____D C:\Program Files\Windows Journal 2013-07-17 16:21 - 2012-07-26 07:38 - 00000000 ____D C:\windows\system32\oobe 2013-07-16 20:52 - 2013-06-30 15:56 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-07-16 20:50 - 2013-05-22 16:50 - 78185248 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2013-07-16 15:50 - 2013-05-21 20:15 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2013-07-14 22:19 - 2013-07-14 22:06 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\Tropico 3 2013-07-14 22:03 - 2012-07-26 10:12 - 00000000 ____D C:\windows\LiveKernelReports 2013-07-14 21:20 - 2013-07-14 21:20 - 00000201 _____ C:\Users\Kevin Moises\Desktop\Total War SHOGUN 2.url 2013-07-13 23:56 - 2013-07-13 23:56 - 00000202 _____ C:\Users\Kevin Moises\Desktop\Tomb Raider.url 2013-07-13 21:20 - 2013-07-13 21:20 - 00000923 _____ C:\Users\Public\Desktop\Die Gilde 2 - Gold Edition.lnk 2013-07-13 21:17 - 2013-07-13 21:10 - 00000000 ____D C:\Users\Kevin Moises\Desktop\Gilde 2 2013-07-13 17:39 - 2013-05-21 23:19 - 00002367 _____ C:\Users\Kevin Moises\Desktop\Google Chrome.lnk 2013-07-13 12:33 - 2013-05-21 23:18 - 00004120 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1009719884-3110667454-1196366900-1001UA 2013-07-13 12:33 - 2013-05-21 23:18 - 00003740 _____ 
C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1009719884-3110667454-1196366900-1001Core 2013-07-12 20:45 - 2013-04-22 18:02 - 00000000 ____D C:\Users\Kevin Moises\Documents\ArmA 2 2013-07-12 20:39 - 2013-07-12 20:39 - 00000000 ____D C:\Users\Public\Games 2013-07-12 20:34 - 2013-07-12 20:34 - 00000000 ____D C:\Users\KEVINM~1\AppData\Local\ArmA 2 2013-07-12 18:25 - 2013-06-23 16:56 - 00000000 ____D C:\Users\Kevin Moises\Desktop\MineCraft 2013-07-11 17:05 - 2013-04-19 19:26 - 00000000 ____D C:\Users\KEVINM~1\AppData\Local\Packages 2013-07-09 15:46 - 2013-06-23 15:38 - 00000547 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2013-07-08 19:18 - 2013-05-21 13:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-07-05 16:28 - 2013-05-25 03:27 - 00000000 ____D C:\Users\KEVINM~1\AppData\Local\PAYDAY 2013-07-05 15:51 - 2013-06-24 21:23 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\Tropico 3 Demo 2013-07-04 22:51 - 2013-07-04 22:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-07-04 20:32 - 2013-07-04 20:32 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\Riot Games 2013-07-04 20:32 - 2013-07-04 20:32 - 00000000 ____D C:\Program Files (x86)\Pando Networks 2013-07-03 16:32 - 2013-07-03 16:32 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2013-07-03 16:14 - 2013-05-26 23:32 - 00001907 _____ C:\Users\Kevin Moises\Desktop\Clownfish.lnk 2013-07-02 15:31 - 2013-06-23 16:54 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\.minecraft 2013-07-02 14:37 - 2013-07-02 14:37 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\Notepad++ 2013-07-02 14:37 - 2013-07-02 14:37 - 00000000 ____D C:\Users\Kevin Moises\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2013-07-02 13:45 - 2013-06-27 23:46 - 00619335 _____ C:\Users\Kevin Moises\Desktop\1.5.2 Herblore v2.1a.zip 2013-07-01 22:56 - 2013-06-30 15:56 - 00000000 ____D C:\Users\KEVINM~1\AppData\Local\Microsoft Help 2013-07-01 00:53 - 
2013-06-30 16:28 - 00007935 _____ C:\Users\Kevin Moises\Documents\Die Entdeckung Amerikas-word.odt 2013-06-30 22:44 - 2013-06-30 22:44 - 00003029 _____ C:\Users\Kevin Moises\Desktop\Microsoft Word 2010.lnk 2013-06-30 17:15 - 2013-05-25 12:21 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk 2013-06-30 16:42 - 2013-06-30 16:42 - 00017408 _____ C:\Users\KEVINM~1\AppData\Local\WebpageIcons.db 2013-06-30 16:41 - 2013-06-30 16:41 - 00001261 _____ C:\Users\Kevin Moises\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 2.0.lnk 2013-06-30 16:40 - 2013-06-30 16:40 - 00153053 _____ C:\windows\system32\Drivers\klin.dat 2013-06-30 16:40 - 2013-06-30 16:40 - 00107384 _____ C:\windows\system32\Drivers\klick.dat 2013-06-30 16:39 - 2013-06-30 16:39 - 00636760 _____ (Kaspersky Lab) C:\windows\system32\Drivers\klif.sys 2013-06-30 16:39 - 2013-06-30 16:39 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2013-06-30 16:38 - 2012-11-16 09:38 - 00000000 ____D C:\ProgramData\Norton 2013-06-30 16:36 - 2012-07-26 10:12 - 00000000 ___HD C:\windows\ELAMBKUP 2013-06-30 16:36 - 2012-07-26 07:26 - 00262144 ___SH C:\windows\system32\config\ELAM 2013-06-30 15:58 - 2013-06-30 15:58 - 00000000 ____D C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2013-06-30 15:58 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2013-06-30 15:56 - 2013-06-30 15:56 - 00000000 ____D C:\Program Files\Microsoft Office 2013-06-30 15:56 - 2013-06-30 15:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2013-06-30 15:56 - 2012-07-26 11:45 - 00000000 ____D C:\windows\ShellNew 2013-06-30 00:05 - 2013-06-30 00:05 - 00000201 _____ C:\Users\Kevin Moises\Desktop\Stronghold Kingdoms.url ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit 
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-07-23 13:51

==================== End Of Log ============================

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-07-2013 03 Ran by Kevin Moises at 2013-07-30 18:10:02 Running from C:\Users\Kevin Moises\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133) Advanced SystemCare Ultimate 6 (x32 Version: 6.0.0) Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000) Age of Empires III - The WarChiefs (x32 Version: 1.00.0000) Age of Empires III (x32 Version: 1.00.0000) ANNO 2070 (x32 Version: 1.0.0.0) Ask Toolbar (x32 Version: 1.15.23.0) Ask Toolbar Updater (HKCU Version: 1.2.5.36191) Assassin's Creed II (x32 Version: 1.01) Audials (x32 Version: 10.2.26200.0) Bing Bar (x32 Version: 7.2.241.0) Blacklight: Retribution (x32) Bonjour (Version: 3.0.0.10) Clownfish for Skype (x32) Connected Music powered by Universal Music Group version 1.0 (x32 Version: 1.0) CyberLink LabelPrint (x32 Version: 2.5.1.5510) CyberLink Media Suite 10 (x32 Version: 10.0.1.1916) CyberLink PhotoDirector (x32 Version: 2.0.1.3109) CyberLink Power2Go 8 (x32 Version: 8.0.1.1902) CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925) CyberLink PowerDVD (x32 Version: 10.0.1.4319) CyberLink PowerDVD 13 (x32 Version: 13.0.2720.57) D3DX10 (x32 Version: 15.4.2368.0902) Dead Island Riptide (x32) Defiance (x32) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) Delta Chrome Toolbar (x32) Delta toolbar (x32 Version: 1.8.21.5) Die Gilde 2 - Gold Edition (x32 Version: V 1.20) Dota 2 (x32) eaner (Version: 4.04) Energy Star (Version: 1.0.8) ExpressCache (Version: 1.0.86) FIFA 13 Demo (x32 Version: 1.0.0.0) Google Chrome (HKCU Version: 28.0.1500.72) Gotham City Impostors: Free To Play (x32) Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000) HP Connected Music (Meridian - installer) (x32 Version: v1.0) HP 
Connected Remote (x32 Version: 1.0.1206) HP Customer Experience Enhancements (x32 Version: 6.0.1.7) HP Postscript Converter (Version: 3.1.3591) HP Registration Service (Version: 1.0.5976.4186) HP Support Assistant (x32 Version: 7.0.33.6) HP Support Information (x32 Version: 12.00.0000) IDT Audio (x32 Version: 1.0.6418.0) Intel(R) Management Engine Components (x32 Version: 8.1.0.1252) Intel® Trusted Connect Service Client (Version: 1.24.388.1) Java 7 Update 25 (x32 Version: 7.0.250) Java Auto Updater (x32 Version: 2.1.9.5) Kaspersky PURE 2.0 (x32 Version: 12.0.2.733) K-Lite Codec Pack 6.0.4 (Basic) (x32 Version: 6.0.4) League of Legends (x32 Version: 3.0.1) LibreOffice 4.0.3.3 (x32 Version: 4.0.3.3) LogMeIn Hamachi (x32 Version: 2.1.0.374) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0) Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0) Microsoft Office (x32 Version: 14.0.6120.5004) Microsoft Office 2010 Service Pack 1 (SP1) (x32) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000) Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Publisher MUI 
(German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft_VC100_CRT_x86 (x32 Version: 1.0.0) Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0) Mozilla Maintenance Service (x32 Version: 22.0) MSVCRT (x32 Version: 15.4.2862.0708) Notepad++ (x32 Version: 6.4.1) NVIDIA Control Panel 305.29 (Version: 305.29) NVIDIA Graphics Driver 305.29 (Version: 305.29) NVIDIA Install Application (Version: 2.1002.82.513) NVIDIA PhysX (x32 Version: 9.12.0613) NVIDIA PhysX System Software 9.12.0613 (Version: 9.12.0613) Origin (x32 Version: 
9.2.1.4399) Pando Media Booster (x32 Version: 2.6.0.7) PAYDAY: The Heist (x32) PunkBuster Services (x32 Version: 0.992) Recovery Manager (x32 Version: 5.5.0.5530) Sauerbraten (x32) Sid Meier's Civilization V (x32) Skype™ 6.6 (x32 Version: 6.6.106) Sniper Ghost Warrior 2 (x32) Spotify (HKCU Version: 0.9.1.57.ge7405149) Start Menu 8 (x32 Version: 1.1.0.0) Stronghold Kingdoms (x32) swMSM (x32 Version: 12.0.0.1) TeamSpeak 3 Client (HKCU Version: 3.0.10) Tomb Raider (x32) Total War: SHOGUN 2 (x32) Tropico 3 1.00 (x32 Version: 1.00) Ubisoft Game Launcher (x32 Version: 1.0.0.0) Unity Web Player (HKCU Version: ) Update for Microsoft Office 2010 (KB2553065) (x32) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2566458) (x32) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32) Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32) Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32) Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32) Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32) Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3555.0308) Windows Live 
Fotogalerie (x32 Version: 15.4.3502.0922) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3555.0308) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) WinRAR 4.20 (64-Bit) (Version: 4.20.0) YouTube Song Downloader (x32 Version: 8.2) ==================== Restore Points ========================= 20-07-2013 20:14:06 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert ==================== Hosts content: ========================== 2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation) Task: {11ACF2C6-F84A-4F0F-A596-0E1DADACBFAC} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - 
System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {245DA0C4-641B-44C9-95A3-F8EB910DE6F6} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2013-04-25] (IObit) Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator Task: {3874D0EE-CAE1-49E8-84E0-9F2C74558668} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe [2012-12-14] (IObit) Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation) Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - 
System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon Task: {4EC7E55C-51AC-4E8F-8C1A-19DBB223F822} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation) Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required Task: {61D96150-94AD-4B23-969B-BE9BFB9E35EB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company) Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation) Task: {64140151-1B6F-4B05-A9E6-AC6F38DFCE63} - System32\Tasks\{2EFF3F7A-4A15-483A-A3B6-60616D38D78B} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-07-04] (Mozilla Corporation) Task: {65926066-996F-4136-8FD3-25A9AE18CCB3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect Task: {66F2E09E-255E-4F52-B60E-169A206240B8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1009719884-3110667454-1196366900-1001UA => C:\Users\Kevin Moises\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-21] (Google Inc.) 
Task: {6DEFEE73-382D-4D50-963D-C3F594F67F27} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation) Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Task: {71945311-B335-4EF7-BE72-C8FDCE1175E2} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-03-31] () Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update Task: {789F3951-6E90-4C48-B66F-538E46AB85BA} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1009719884-3110667454-1196366900-1001 Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance Task: {7E80C37F-EB43-43A5-B414-51309D54FC7E} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup Task: {8417A1B2-DF2A-4528-96C0-19A948A50F97} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company) Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - 
System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask Task: {AB3EDDEC-EB0F-41BB-B6BE-7D1797146C33} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\windows\system32\sc.exe [2012-07-26] (Microsoft Corporation) Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan Task: {B40C369B-180D-4714-BD60-57D59D340C27} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company) Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific Task: {BF9994A1-7B6E-4180-B89F-D3BE3D909550} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd) Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender Task: {C4B2B789-46A7-44CD-A7F2-361AF4D8E8DC} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-28] (Adobe Systems Incorporated) Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => 
C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {C72E7CD8-3074-4EAA-A600-76E96E4CA5CA} - System32\Tasks\EPUpdater => C:\Users\KEVINM~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] () Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork Task: {D675C53C-23EF-4E15-B4F1-045AE4AE09FD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1009719884-3110667454-1196366900-1001Core => C:\Users\Kevin Moises\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-21] (Google Inc.) Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask Task: {E7E8A8CB-849C-495B-918E-3D8DDB58A875} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall Task: {E8B5D60F-F140-435F-BA99-7E30B56011F9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2012-07-13] (Hewlett-Packard) Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation) Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: 
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009719884-3110667454-1196366900-1001Core.job => C:\Users\Kevin Moises\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1009719884-3110667454-1196366900-1001UA.job => C:\Users\Kevin Moises\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/30/2013 06:10:04 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: HPConnectedRemoteService.exe, Version: 1.0.1206.0, Zeitstempel: 0x503e3c5d Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50988aa6 Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000003811c ID des fehlerhaften Prozesses: 0x1354 Startzeit der fehlerhaften Anwendung: 0xHPConnectedRemoteService.exe0 Pfad der fehlerhaften Anwendung: HPConnectedRemoteService.exe1 Pfad des fehlerhaften Moduls: HPConnectedRemoteService.exe2 Berichtskennung: HPConnectedRemoteService.exe3 Vollständiger Name des fehlerhaften Pakets: HPConnectedRemoteService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HPConnectedRemoteService.exe5 Error: (07/30/2013 06:10:04 PM) (Source: .NET Runtime) (User: ) Description: Anwendung: HPConnectedRemoteService.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.InvalidOperationException Stapel: bei System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean) bei System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object) bei SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean) bei SwitchBoard.SwitchBoardService.RunService() bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Error: (07/30/2013 06:09:59 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: HPConnectedRemoteService.exe, Version: 1.0.1206.0, Zeitstempel: 0x503e3c5d Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50988aa6 Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000003811c ID des fehlerhaften Prozesses: 0xee0 Startzeit der fehlerhaften Anwendung: 0xHPConnectedRemoteService.exe0 Pfad der fehlerhaften Anwendung: HPConnectedRemoteService.exe1 Pfad des fehlerhaften Moduls: HPConnectedRemoteService.exe2 Berichtskennung: HPConnectedRemoteService.exe3 Vollständiger Name des fehlerhaften Pakets: HPConnectedRemoteService.exe4 Anwendungs-ID, die relativ zum fehlerhaften 
Paket ist: HPConnectedRemoteService.exe5 Error: (07/30/2013 06:09:59 PM) (Source: .NET Runtime) (User: ) Description: Anwendung: HPConnectedRemoteService.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.InvalidOperationException Stapel: bei System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean) bei System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object) bei SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean) bei SwitchBoard.SwitchBoardService.RunService() bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Error: (07/30/2013 06:09:53 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: HPConnectedRemoteService.exe, Version: 1.0.1206.0, Zeitstempel: 0x503e3c5d Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50988aa6 Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000003811c ID des fehlerhaften Prozesses: 0x1628 Startzeit der fehlerhaften Anwendung: 0xHPConnectedRemoteService.exe0 Pfad der fehlerhaften 
Anwendung: HPConnectedRemoteService.exe1 Pfad des fehlerhaften Moduls: HPConnectedRemoteService.exe2 Berichtskennung: HPConnectedRemoteService.exe3 Vollständiger Name des fehlerhaften Pakets: HPConnectedRemoteService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HPConnectedRemoteService.exe5 Error: (07/30/2013 06:09:53 PM) (Source: .NET Runtime) (User: ) Description: Anwendung: HPConnectedRemoteService.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.InvalidOperationException Stapel: bei System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean) bei System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object) bei SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean) bei SwitchBoard.SwitchBoardService.RunService() bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Error: (07/30/2013 06:09:47 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: HPConnectedRemoteService.exe, Version: 1.0.1206.0, Zeitstempel: 0x503e3c5d Name des 
fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50988aa6 Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000003811c ID des fehlerhaften Prozesses: 0x1f18 Startzeit der fehlerhaften Anwendung: 0xHPConnectedRemoteService.exe0 Pfad der fehlerhaften Anwendung: HPConnectedRemoteService.exe1 Pfad des fehlerhaften Moduls: HPConnectedRemoteService.exe2 Berichtskennung: HPConnectedRemoteService.exe3 Vollständiger Name des fehlerhaften Pakets: HPConnectedRemoteService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HPConnectedRemoteService.exe5 Error: (07/30/2013 06:09:47 PM) (Source: .NET Runtime) (User: ) Description: Anwendung: HPConnectedRemoteService.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.InvalidOperationException Stapel: bei System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean) bei System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object) bei SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean) bei SwitchBoard.SwitchBoardService.RunService() bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, 
System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Error: (07/30/2013 06:09:41 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: HPConnectedRemoteService.exe, Version: 1.0.1206.0, Zeitstempel: 0x503e3c5d Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50988aa6 Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000003811c ID des fehlerhaften Prozesses: 0x10d4 Startzeit der fehlerhaften Anwendung: 0xHPConnectedRemoteService.exe0 Pfad der fehlerhaften Anwendung: HPConnectedRemoteService.exe1 Pfad des fehlerhaften Moduls: HPConnectedRemoteService.exe2 Berichtskennung: HPConnectedRemoteService.exe3 Vollständiger Name des fehlerhaften Pakets: HPConnectedRemoteService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HPConnectedRemoteService.exe5 Error: (07/30/2013 06:09:41 PM) (Source: .NET Runtime) (User: ) Description: Anwendung: HPConnectedRemoteService.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.InvalidOperationException Stapel: bei System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean) bei System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object) bei SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean) bei SwitchBoard.SwitchBoardService.RunService() bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() System errors: ============= Error: (07/30/2013 06:10:05 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "HP Connected Remote Service" wurde unerwartet beendet. Dies ist bereits 4860 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/30/2013 06:09:59 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "HP Connected Remote Service" wurde unerwartet beendet. Dies ist bereits 4859 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (07/30/2013 06:09:53 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "HP Connected Remote Service" wurde unerwartet beendet. Dies ist bereits 4858 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/30/2013 06:09:47 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "HP Connected Remote Service" wurde unerwartet beendet. Dies ist bereits 4857 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/30/2013 06:09:42 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "HP Connected Remote Service" wurde unerwartet beendet. Dies ist bereits 4856 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/30/2013 06:09:36 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "HP Connected Remote Service" wurde unerwartet beendet. Dies ist bereits 4855 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/30/2013 06:09:30 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "HP Connected Remote Service" wurde unerwartet beendet. Dies ist bereits 4854 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/30/2013 06:09:24 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "HP Connected Remote Service" wurde unerwartet beendet. Dies ist bereits 4853 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/30/2013 06:09:19 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "HP Connected Remote Service" wurde unerwartet beendet. Dies ist bereits 4852 Mal vorgekommen. 
Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/30/2013 06:09:13 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "HP Connected Remote Service" wurde unerwartet beendet. Dies ist bereits 4851 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Microsoft Office Sessions: ========================= Error: (07/30/2013 06:10:04 PM) (Source: Application Error)(User: ) Description: HPConnectedRemoteService.exe1.0.1206.0503e3c5dKERNELBASE.dll6.2.9200.1645150988aa6e0434352000000000003811c135401ce8d3f4084e043c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exeC:\windows\system32\KERNELBASE.dll7e7609d4-f932-11e2-bead-4c72b980dac7 Error: (07/30/2013 06:10:04 PM) (Source: .NET Runtime)(User: ) Description: Anwendung: HPConnectedRemoteService.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.InvalidOperationException Stapel: bei System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean) bei System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object) bei SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean) bei SwitchBoard.SwitchBoardService.RunService() bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Error: (07/30/2013 06:09:59 PM) (Source: Application Error)(User: ) Description: HPConnectedRemoteService.exe1.0.1206.0503e3c5dKERNELBASE.dll6.2.9200.1645150988aa6e0434352000000000003811cee001ce8d3f3d119095c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exeC:\windows\system32\KERNELBASE.dll7b02ba3c-f932-11e2-bead-4c72b980dac7 Error: (07/30/2013 06:09:59 PM) (Source: .NET Runtime)(User: ) Description: Anwendung: HPConnectedRemoteService.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.InvalidOperationException Stapel: bei System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean) bei System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object) bei SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean) bei SwitchBoard.SwitchBoardService.RunService() bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Error: (07/30/2013 06:09:53 PM) (Source: Application Error)(User: ) Description: HPConnectedRemoteService.exe1.0.1206.0503e3c5dKERNELBASE.dll6.2.9200.1645150988aa6e0434352000000000003811c162801ce8d3f39931b86c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exeC:\windows\system32\KERNELBASE.dll7787a12b-f932-11e2-bead-4c72b980dac7 Error: (07/30/2013 06:09:53 PM) (Source: .NET Runtime)(User: ) Description: Anwendung: HPConnectedRemoteService.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.InvalidOperationException Stapel: bei System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean) bei System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object) bei SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean) bei SwitchBoard.SwitchBoardService.RunService() bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Error: (07/30/2013 06:09:47 PM) (Source: Application Error)(User: ) Description: HPConnectedRemoteService.exe1.0.1206.0503e3c5dKERNELBASE.dll6.2.9200.1645150988aa6e0434352000000000003811c1f1801ce8d3f361fcbeec:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exeC:\windows\system32\KERNELBASE.dll74158a48-f932-11e2-bead-4c72b980dac7 Error: (07/30/2013 06:09:47 PM) (Source: .NET Runtime)(User: ) Description: Anwendung: HPConnectedRemoteService.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.InvalidOperationException Stapel: bei System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean) bei System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object) bei SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean) bei SwitchBoard.SwitchBoardService.RunService() bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Error: (07/30/2013 06:09:41 PM) (Source: Application Error)(User: ) Description: HPConnectedRemoteService.exe1.0.1206.0503e3c5dKERNELBASE.dll6.2.9200.1645150988aa6e0434352000000000003811c10d401ce8d3f32ab6ac0c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exeC:\windows\system32\KERNELBASE.dll70a1ec88-f932-11e2-bead-4c72b980dac7 Error: (07/30/2013 06:09:41 PM) (Source: .NET Runtime)(User: ) Description: Anwendung: HPConnectedRemoteService.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.InvalidOperationException Stapel: bei System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean) bei System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object) bei SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean) bei SwitchBoard.SwitchBoardService.RunService() bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() ==================== Memory info =========================== Percentage of memory in use: 38% Total physical RAM: 10179.55 MB Available physical RAM: 6237.5 MB Total Pagefile: 11731.55 MB Available Pagefile: 6539.95 MB Total Virtual: 8192 MB Available Virtual: 8191.76 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:927.57 GB) (Free:851.66 GB) NTFS (Disk=0 Partition=4) ==>[System with boot components (obtained from reading drive)] Drive d: (Recovery Image) (Fixed) (Total:11.25 GB) (Free:1.34 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive f: (TROPICO_3) (CDROM) (Total:7.53 GB) (Free:0 GB) UDF Drive m: (Spiele&Programme) (Fixed) (Total:550 GB) (Free:356.84 
GB) NTFS Drive o: (Datein) (Fixed) (Total:70.22 GB) (Free:70.07 GB) NTFS Drive p: (Medien) (Fixed) (Total:302.5 GB) (Free:299.32 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 1863 GB) (Disk ID: 1F39D44F) Partition: GPT Partition Type ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 15 GB) (Disk ID: B6203A6C) Partition 1: (Not Active) - (Size=15 GB) - (Type=73) ==================== End Of Log ============================ |
30.07.2013, 17:15 | #4 |
/// Malware-holic | While I'm playing, my PC switches me to the desktop Hi, can you post the Malwarebytes logs with detections, if there were any? http://www.trojaner-board.de/125889-...en-posten.html
|
30.07.2013, 17:17 | #5 |
| While I'm playing, my PC switches me to the desktop Do the detections have to be removed, or just put into quarantine for now? |
30.07.2013, 17:25 | #6 |
/// Malware-holic | While I'm playing, my PC switches me to the desktop Hi, first of all you should show me the logs created so far. As a rule, the detections can go into quarantine
|