Log analysis and evaluation: Win7: Computer is being remotely controlled

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#3
Win7: Computer is being remotely controlled

Hi! Hopefully I'm doing this right!

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:58 on 21/03/2014 (KATHI)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-03-21 22:23:34 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD10 rev.15.0 931,51GB Running: Gmer-19357.exe; Driver: C:\Users\KATHI\AppData\Local\Temp\pwloqpow.sys ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1604] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75] .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1604] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75] .text ... * 2 .text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2172] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75] .text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2172] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75] .text ... * 2 .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3796] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75] .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3796] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75] .text ... * 2 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe[3388] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75] .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe[3388] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75] .text ... 
* 2 .text C:\Program Files (x86)\Steam\Steam.exe[3748] C:\Windows\syswow64\KERNELBASE.dll!HeapCreate 000000007632549c 5 bytes JMP 0000000100080800 .text C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe[3888] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75] .text C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe[3888] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75] .text ... * 2 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll 000000007732c4dd 5 bytes JMP 0000000110014b10 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\GDI32.dll!GetDeviceCaps 0000000075034de0 5 bytes JMP 0000000110007ac9 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\GDI32.dll!SelectObject 0000000075034f70 5 bytes JMP 0000000110007aa8 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\GDI32.dll!SaveDC 0000000075036e05 5 bytes JMP 0000000110007a67 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\GDI32.dll!RestoreDC 0000000075036ead 5 bytes JMP 0000000110007a87 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\GDI32.dll!GetViewportOrgEx 0000000075038659 5 bytes JMP 0000000110007931 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\GDI32.dll!SetViewportOrgEx 00000000750386cc 5 bytes JMP 000000011000796b .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\GDI32.dll!ExtSelectClipRgn 000000007503879f 5 bytes JMP 0000000110007a21 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\GDI32.dll!GetClipRgn 0000000075038a43 5 bytes JMP 0000000110007b0c .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\GDI32.dll!GetRandomRgn 000000007503ae3a 5 bytes 
JMP 0000000110007b2f .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\GDI32.dll!SetWindowOrgEx 000000007503af0a 5 bytes JMP 00000001100079c6 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\GDI32.dll!GetClipBox 000000007503af9f 5 bytes JMP 00000001100064ff .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\GDI32.dll!GetDCOrgEx 000000007503bcf3 5 bytes JMP 0000000110007aed .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\GDI32.dll!GetWindowOrgEx 000000007503e310 5 bytes JMP 000000011000794e .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!TranslateMessage 00000000765d7809 5 bytes JMP 0000000110007c42 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!GetMessageW 00000000765d78e2 5 bytes JMP 0000000110007711 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!GetMessageA 00000000765d7bd3 5 bytes JMP 00000001100076ca .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!GetWindowRect 00000000765d7f34 5 bytes JMP 0000000110006a34 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!SetWindowLongW 00000000765d8332 5 bytes JMP 00000001100078cd .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!MapWindowPoints 00000000765d8c40 5 bytes JMP 0000000110007b90 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!SetWindowPos 00000000765d8e4e 5 bytes JMP 0000000110006b8f .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!DestroyWindow 00000000765d9a55 5 bytes JMP 0000000110007135 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!CreateWindowExA 00000000765dd22e 5 bytes JMP 00000001100072e0 .text C:\Program 
Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!PeekMessageW 00000000765e05ba 5 bytes JMP 0000000110007799 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!GetCursorPos 00000000765e1218 5 bytes JMP 0000000110006397 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!InvalidateRect 00000000765e1381 5 bytes JMP 0000000110006a5b .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!RedrawWindow 00000000765e140b 5 bytes JMP 0000000110006acf .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!ScreenToClient 00000000765e227d 5 bytes JMP 0000000110006b0f .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!ClientToScreen 00000000765e2606 5 bytes JMP 00000001100068ff .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!SetWindowRgn 00000000765e284d 5 bytes JMP 000000011000752f .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!GetKeyState 00000000765e291f 5 bytes JMP 0000000110007beb .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!SetParent 00000000765e2d64 5 bytes JMP 000000011000615d .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!TrackMouseEvent 00000000765e360e 5 bytes JMP 00000001100070a1 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!MoveWindow 00000000765e3698 5 bytes JMP 0000000110006aa1 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!SetWindowPlacement 00000000765e4ab6 5 bytes JMP 00000001100070dc .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!PeekMessageA 00000000765e5f74 5 bytes JMP 0000000110007758 .text C:\Program Files 
(x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!SetWindowLongA 00000000765e6110 5 bytes JMP 00000001100078b3 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!DeferWindowPos 00000000765e640f 5 bytes JMP 0000000110006926 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!InvalidateRgn 00000000765e6604 5 bytes JMP 0000000110007112 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!ValidateRect 00000000765e7849 5 bytes JMP 00000001100070fa .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!ValidateRgn 00000000765e8e72 5 bytes JMP 0000000110007469 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!ScrollWindow 00000000765e9320 5 bytes JMP 00000001100077da .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!UpdateLayeredWindow 00000000765eba4a 5 bytes JMP 00000001100068a5 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamAorW 00000000765fce54 5 bytes JMP 00000001100074fa .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!ScrollWindowEx 00000000765fd56b 5 bytes JMP 0000000110007803 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!GetAsyncKeyState 00000000765feb96 5 bytes JMP 0000000110007c09 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!GetKeyboardState 00000000765fec68 5 bytes JMP 0000000110007040 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!SetLayeredWindowAttributes 00000000765fec88 5 bytes JMP 00000001100070bc .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!WindowFromPoint 00000000765fed12 5 bytes JMP 0000000110006c10 .text C:\Program 
Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!ReleaseCapture 00000000765fed49 5 bytes JMP 000000011000705b .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!SetCapture 00000000765fed56 5 bytes JMP 0000000110006b36 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 00000000765ff170 5 bytes JMP 0000000110007ce5 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\USER32.dll!CreateDialogIndirectParamAorW 00000000766010a0 5 bytes JMP 00000001100074c5 .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75] .text C:\Program Files (x86)\Razer\Core\RazerCore.exe[3892] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75] .text ... * 2 .text C:\Program Files (x86)\Ask.com\Updater\Updater.exe[4324] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75] .text C:\Program Files (x86)\Ask.com\Updater\Updater.exe[4324] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75] .text ... * 2 .text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4332] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75] .text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4332] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75] .text ... * 2 .text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75] .text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75] .text ... 
* 2 .text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[4484] C:\Windows\syswow64\PsApi.dll!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75] .text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[4484] C:\Windows\syswow64\PsApi.dll!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75] .text ... * 2 .text C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe[4228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75] .text C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe[4228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75] .text ... * 2 .text C:\Program Files (x86)\Common Files\Steam\SteamService.exe[5516] C:\Windows\syswow64\KERNELBASE.dll!HeapCreate 000000007632549c 5 bytes JMP 00000001003c0800 .text C:\Program Files (x86)\Common Files\Steam\SteamService.exe[5516] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75] .text C:\Program Files (x86)\Common Files\Steam\SteamService.exe[5516] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75] .text ... * 2 ---- Threads - GMER 2.1 ---- Thread c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [3952:3312] 000007fef47c3e0c Thread c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [3952:3332] 000007fef47c3e0c Thread c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [3952:3328] 000007fef322c680 Thread c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [3952:5824] 000007fef47c3e0c ---- Processes - GMER 2.1 ---- Library C:\ProgramData\Razer\Synapse\Devices\RazerConfigNative.dll (*** suspicious ***) @ C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [4364] (Razer Configurator/Razer Inc.)(2014-03-11 10:44:50) 0000000051630000 ---- EOF - GMER 2.1 ---- FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by KATHI (administrator) on KATHI-PC on 21-03-2014 22:02:03 Running from C:\Users\KATHI\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Razer, Inc.) C:\Program Files (x86)\Razer\Core\RazerCore.exe (Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe () C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (Apple Inc.) 
C:\Program Files\iPod\bin\iPodService.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11474024 2010-10-05] (Realtek Semiconductor) HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation) HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] - [X] HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1644680 2013-02-08] (Ask) HKLM-x32\...\Run: [HTC Sync Loader] - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [651264 2012-04-17] () HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-07] (Razer Inc.) 
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKU\S-1-5-21-1236742091-3929155369-3592009709-1001\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3077528 2011-09-27] () HKU\S-1-5-21-1236742091-3929155369-3592009709-1001\...\Run: [] - [X] HKU\S-1-5-21-1236742091-3929155369-3592009709-1001\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1053056 2011-11-01] (Nokia) HKU\S-1-5-21-1236742091-3929155369-3592009709-1001\...\Run: [EA Core] - "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent HKU\S-1-5-21-1236742091-3929155369-3592009709-1001\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation) HKU\S-1-5-21-1236742091-3929155369-3592009709-1001\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-1236742091-3929155369-3592009709-1001\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-1236742091-3929155369-3592009709-1001\...\Run: [Razer Comms] - C:\Program Files (x86)\Razer\Core\RazerCore.exe [1094848 2013-12-11] (Razer, Inc.) HKU\S-1-5-21-1236742091-3929155369-3592009709-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20924576 2014-02-10] (Skype Technologies S.A.) 
HKU\S-1-5-21-1236742091-3929155369-3592009709-1001\...\MountPoints2: {a435feca-e873-11e0-96ac-806e6f6e6963} - D:\Autorun.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://nmd.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://nmd.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBED244D4817CCC01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {3A6147C0-360F-478F-A8B8-CD21201887F6} URL = SearchScopes: HKCU - {D791FBDB-8E33-4C0C-A01C-1AC3AFC2085F} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYAT&apn_uid=C4919090-DBBE-451D-BAF2-6C28642459DF&apn_sauid=A00794BA-F0A3-4993-BC90-E5CED8CE6CF3 BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) 
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 FireFox: ======== FF ProfilePath: C:\Users\KATHI\AppData\Roaming\Mozilla\Firefox\Profiles\w2ii0pkk.default FF SearchEngineOrder.1: Ask.com FF SelectedSearchEngine: Google FF 
Keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=100000027&locale=de_US&apn_uid=C4919090-DBBE-451D-BAF2-6C28642459DF&apn_ptnrs=U3&apn_sauid=A00794BA-F0A3-4993-BC90-E5CED8CE6CF3&apn_dtid=YYYYYYYYAT&&q= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Users\KATHI\AppData\Roaming\Mozilla\Firefox\Profiles\w2ii0pkk.default\searchplugins\askcom.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: iCloud Bookmarks - C:\Users\KATHI\AppData\Roaming\Mozilla\Firefox\Profiles\w2ii0pkk.default\Extensions\firefoxdav@icloud.com [2013-12-20] FF Extension: Ask Toolbar - C:\Users\KATHI\AppData\Roaming\Mozilla\Firefox\Profiles\w2ii0pkk.default\Extensions\toolbar@ask.com [2013-02-20] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-15] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} 
[2014-02-15] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-03-03] FF HKLM-x32\...\Firefox\Extensions: [fe_7.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0 FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0 [2011-12-26] FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2013-12-26] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2013-12-26] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2013-12-26] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2013-12-26] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2013-12-26] FF HKLM-x32\...\Thunderbird\Extensions: [te_7.0@nokia.com] - C:\Program Files 
(x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2011-12-26] ==================== Services (Whitelisted) ================= R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation) R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] () R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2013-12-11] (Razer, Inc.) 
==================== Drivers (Whitelisted) ====================
S1 6086719drv; C:\Windows\System32\DRIVERS\6086719drv.sys [556632 2013-12-25] ()
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
S3 IAMTVE; C:\Windows\system32\drivers\IAMTVE.sys [43416 2007-04-11] (Intel Corporation)
S3 IAMTXPE; C:\Windows\system32\drivers\IAMTXPE.sys [51096 2007-04-11] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-11-11] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-11-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-11-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-11-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-11-11] (Kaspersky Lab ZAO)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2013-12-11] (Razer, Inc.)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2013-12-11] (Razer, Inc.)
==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========
2014-03-21 22:02 - 2014-03-21 22:02 - 00023400 _____ () C:\Users\KATHI\Desktop\FRST.txt
2014-03-21 22:02 - 2014-03-21 22:02 - 00000000 ____D () C:\FRST
2014-03-21 22:00 - 2014-03-21 22:00 - 02157056 _____ (Farbar) C:\Users\KATHI\Desktop\FRST64.exe
2014-03-21 21:57 - 2014-03-21 21:58 - 00000472 _____ () C:\Users\KATHI\Desktop\defogger_disable.log
2014-03-21 21:57 - 2014-03-21 21:57 - 00000000 _____ () C:\Users\KATHI\defogger_reenable
2014-03-21 21:47 - 2014-03-21 21:47 - 00050477 _____ () C:\Users\KATHI\Desktop\Defogger.exe
2014-03-13 20:38 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 20:38 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 20:38 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 20:38 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 20:38 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 20:38 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 20:38 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 20:38 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 20:38 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 20:38 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 20:38 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 20:38 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 20:38 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-13 20:38 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-13 20:38 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-13 20:38 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-13 20:38 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-13 20:38 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-13 20:38 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-13 20:38 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-13 20:38 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-13 20:38 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-13 20:38 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-13 20:38 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-13 20:38 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-13 20:38 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-13 20:38 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-13 20:38 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-13 20:38 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-13 20:38 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 
2014-03-13 20:38 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-13 20:38 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-13 20:38 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-13 20:38 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-13 20:38 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-13 20:38 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-13 20:38 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-13 20:38 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-13 20:38 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-13 20:38 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-03-13 20:38 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-13 20:38 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-13 20:38 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-13 20:38 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-13 20:37 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-13 20:37 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-13 20:37 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-13 20:37 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-09 19:14 - 2014-03-09 19:14 - 
02060742 _____ () C:\Users\KATHI\Downloads\Dandelion_3(1).zip 2014-03-09 18:49 - 2014-03-09 18:49 - 02060742 _____ () C:\Users\KATHI\Downloads\Dandelion_3.zip 2014-03-09 18:48 - 2014-03-09 18:48 - 00223312 _____ () C:\Users\KATHI\Downloads\FLVPlayerSetup-cU5LwNPg.exe 2014-03-02 11:09 - 2014-03-02 11:09 - 00000000 ____D () C:\Users\KATHI\AppData\Local\Skype 2014-03-01 16:17 - 2014-03-01 16:17 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-03-01 16:17 - 2014-03-01 16:17 - 00000000 ____D () C:\Program Files\iTunes 2014-03-01 16:17 - 2014-03-01 16:17 - 00000000 ____D () C:\Program Files\iPod 2014-03-01 16:17 - 2014-03-01 16:17 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-03-01 16:12 - 2014-03-01 16:12 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-03-01 16:02 - 2014-03-01 16:02 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi ==================== One Month Modified Files and Folders ======= 2014-03-21 22:02 - 2014-03-21 22:02 - 00023400 _____ () C:\Users\KATHI\Desktop\FRST.txt 2014-03-21 22:02 - 2014-03-21 22:02 - 00000000 ____D () C:\FRST 2014-03-21 22:00 - 2014-03-21 22:00 - 02157056 _____ (Farbar) C:\Users\KATHI\Desktop\FRST64.exe 2014-03-21 21:58 - 2014-03-21 21:57 - 00000472 _____ () C:\Users\KATHI\Desktop\defogger_disable.log 2014-03-21 21:57 - 2014-03-21 21:57 - 00000000 _____ () C:\Users\KATHI\defogger_reenable 2014-03-21 21:57 - 2011-09-26 20:21 - 00000000 ____D () C:\Users\KATHI 2014-03-21 21:47 - 2014-03-21 21:47 - 00050477 _____ () C:\Users\KATHI\Desktop\Defogger.exe 2014-03-21 21:47 - 2012-06-04 14:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-21 21:38 - 2011-12-03 22:57 - 00000000 ____D () C:\Users\KATHI\AppData\Roaming\.minecraft 2014-03-21 20:47 - 2011-09-27 13:53 - 00000000 ____D () C:\Users\KATHI\AppData\Local\PMB Files 2014-03-21 20:34 - 2012-12-30 13:44 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-03-21 20:24 - 2009-07-14 05:45 - 00021888 ____H () 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-21 20:24 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-21 20:23 - 2011-09-26 20:19 - 01340607 _____ () C:\Windows\WindowsUpdate.log 2014-03-21 20:17 - 2013-08-31 18:50 - 00000000 ____D () C:\Users\KATHI\AppData\Roaming\TS3Client 2014-03-21 20:17 - 2013-07-31 11:19 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-03-21 20:17 - 2012-07-22 14:41 - 00000000 ____D () C:\Users\KATHI\AppData\Local\LogMeIn Hamachi 2014-03-21 20:17 - 2011-12-26 14:08 - 00000000 ____D () C:\Users\KATHI\AppData\Local\Htc 2014-03-21 20:16 - 2011-10-26 18:26 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs 2014-03-21 20:16 - 2011-09-15 07:50 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-03-21 20:16 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-21 20:16 - 2009-07-14 05:51 - 00142237 _____ () C:\Windows\setupact.log 2014-03-20 21:55 - 2013-08-25 22:01 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-20 21:51 - 2011-09-26 20:28 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-20 19:24 - 2011-10-26 18:42 - 00000000 ____D () C:\Users\KATHI\AppData\Roaming\Skype 2014-03-15 22:51 - 2011-10-26 18:41 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-15 01:20 - 2011-12-26 12:53 - 00163540 _____ () C:\Windows\DPINST.LOG 2014-03-15 01:19 - 2013-12-24 18:09 - 00001952 _____ () C:\Users\KATHI\Desktop\Razer Synapse 2.0.lnk 2014-03-14 23:01 - 2014-01-17 18:40 - 00000000 ____D () C:\Users\KATHI\AppData\Local\CrashDumps 2014-03-14 18:05 - 2009-07-14 05:45 - 00341400 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-14 18:04 - 2013-03-13 21:45 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-14 18:04 - 2013-03-13 21:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-12 18:47 - 2012-06-04 
14:02 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-12 18:47 - 2012-06-04 14:02 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-12 18:47 - 2011-10-07 16:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-09 19:14 - 2014-03-09 19:14 - 02060742 _____ () C:\Users\KATHI\Downloads\Dandelion_3(1).zip 2014-03-09 18:49 - 2014-03-09 18:49 - 02060742 _____ () C:\Users\KATHI\Downloads\Dandelion_3.zip 2014-03-09 18:48 - 2014-03-09 18:48 - 00223312 _____ () C:\Users\KATHI\Downloads\FLVPlayerSetup-cU5LwNPg.exe 2014-03-04 18:23 - 2011-09-27 18:00 - 00000000 ____D () C:\Users\KATHI\AppData\Local\Turbine 2014-03-03 20:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-03-02 11:09 - 2014-03-02 11:09 - 00000000 ____D () C:\Users\KATHI\AppData\Local\Skype 2014-03-02 11:09 - 2011-10-26 18:41 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-03-02 11:09 - 2011-10-26 18:41 - 00000000 ____D () C:\ProgramData\Skype 2014-03-01 16:17 - 2014-03-01 16:17 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-03-01 16:17 - 2014-03-01 16:17 - 00000000 ____D () C:\Program Files\iTunes 2014-03-01 16:17 - 2014-03-01 16:17 - 00000000 ____D () C:\Program Files\iPod 2014-03-01 16:17 - 2014-03-01 16:17 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-03-01 16:17 - 2012-12-25 14:06 - 00001790 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-03-01 16:12 - 2014-03-01 16:12 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-03-01 16:12 - 2012-12-25 14:42 - 00001852 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-03-01 16:02 - 2014-03-01 16:02 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-03-01 07:05 - 2014-03-13 20:38 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-01 06:17 - 2014-03-13 20:38 - 02724864 _____ (Microsoft Corporation) 
C:\Windows\system32\mshtml.tlb 2014-03-01 06:16 - 2014-03-13 20:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-01 05:58 - 2014-03-13 20:38 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-01 05:52 - 2014-03-13 20:38 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-01 05:51 - 2014-03-13 20:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-01 05:42 - 2014-03-13 20:38 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-01 05:40 - 2014-03-13 20:38 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-01 05:37 - 2014-03-13 20:38 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-01 05:33 - 2014-03-13 20:38 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-01 05:33 - 2014-03-13 20:38 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-01 05:32 - 2014-03-13 20:38 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-01 05:30 - 2014-03-13 20:38 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-01 05:23 - 2014-03-13 20:38 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-01 05:17 - 2014-03-13 20:38 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-01 05:11 - 2014-03-13 20:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-01 05:02 - 2014-03-13 20:38 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-01 04:54 - 2014-03-13 20:38 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-01 04:52 - 2014-03-13 20:38 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-01 04:51 - 2014-03-13 20:38 - 00051200 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-01 04:47 - 2014-03-13 20:38 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-01 04:43 - 2014-03-13 20:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-01 04:43 - 2014-03-13 20:38 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-01 04:42 - 2014-03-13 20:38 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-01 04:40 - 2014-03-13 20:38 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-01 04:38 - 2014-03-13 20:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-01 04:37 - 2014-03-13 20:38 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-01 04:35 - 2014-03-13 20:38 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-01 04:18 - 2014-03-13 20:38 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-01 04:16 - 2014-03-13 20:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-01 04:14 - 2014-03-13 20:38 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-01 04:10 - 2014-03-13 20:38 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-01 04:03 - 2014-03-13 20:38 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-01 04:00 - 2014-03-13 20:38 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-01 03:57 - 2014-03-13 20:38 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-01 03:38 - 2014-03-13 20:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-01 03:32 - 2014-03-13 20:38 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-01 03:27 - 2014-03-13 20:38 - 01156096 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\urlmon.dll 2014-03-01 03:25 - 2014-03-13 20:38 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-01 03:25 - 2014-03-13 20:38 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll Some content of TEMP: ==================== C:\Users\KATHI\AppData\Local\Temp\ApnStub.exe C:\Users\KATHI\AppData\Local\Temp\AskSLib.dll C:\Users\KATHI\AppData\Local\Temp\EAD3572.exe C:\Users\KATHI\AppData\Local\Temp\installerdll1604361.dll C:\Users\KATHI\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe C:\Users\KATHI\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe C:\Users\KATHI\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe C:\Users\KATHI\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\KATHI\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\KATHI\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\KATHI\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\KATHI\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe C:\Users\KATHI\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe C:\Users\KATHI\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe C:\Users\KATHI\AppData\Local\Temp\NEventMessages.dll C:\Users\KATHI\AppData\Local\Temp\Nokia_Suite_WU.exe C:\Users\KATHI\AppData\Local\Temp\NOSEventMessages.dll C:\Users\KATHI\AppData\Local\Temp\nv3DVStreaming.dll C:\Users\KATHI\AppData\Local\Temp\nvStInst.exe C:\Users\KATHI\AppData\Local\Temp\Samsung_MonSetup_091006.exe C:\Users\KATHI\AppData\Local\Temp\setup.exe C:\Users\KATHI\AppData\Local\Temp\setup_3.0.5617.exe C:\Users\KATHI\AppData\Local\Temp\setup_3.2.20.exe C:\Users\KATHI\AppData\Local\Temp\SkypeSetup.exe C:\Users\KATHI\AppData\Local\Temp\swt-win32-3349.dll C:\Users\KATHI\AppData\Local\Temp\UninstallEADM.dll C:\Users\KATHI\AppData\Local\Temp\_is5CFD.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit 
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-14 18:27

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by KATHI at 2014-03-21 22:02:43
Running from C:\Users\KATHI\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================
AV: Kaspersky PURE 3.0 (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky PURE 3.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.15.0 - Ask.com) <==== ATTENTION Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.36191 - Ask.com) <==== ATTENTION Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft) Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Der Herr der Ringe Online v03.03.05.8039 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 03.03.05.8039 - Turbine, Inc.) Diablo III (HKLM-x32\...\Diablo III) (Version: 1.0.8.16603 - Blizzard Entertainment) Die Sims Mittelalter Piraten und Edelleute (HKLM-x32\...\{0CC21836-A5D6-4641-B4AE-6FA01D021E41}) (Version: 2.0.109 - Electronic Arts) Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.66.2 - Electronic Arts) Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts) Die Sims™ 3 Inselparadies (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts) Die Sims™ 3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts) Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts) Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts) Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts) Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts) Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts) Die Sims™ 3 Wildes 
Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts) Die*Sims*Mittelalter (HKLM-x32\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 2.0.109 - Electronic Arts) Edna Bricht Aus - Sammler Edition (HKLM-x32\...\EdnaSE) (Version: 1.1 - Daedalic Entertainment) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden Harveys Neue Augen (HKLM-x32\...\Harvey) (Version: 1.0 - Daedalic Entertainment) HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC) HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation) HTC Sync (HKLM-x32\...\{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}) (Version: 3.2.20 - HTC Corporation) iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle) Java(TM) 7 Update 2 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417002FF}) (Version: 7.0.20 - Oracle) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab) Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) 
Hidden Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office XP Standard für Schüler, Studierende und Lehrkräfte (HKLM-x32\...\{913D0407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) 
(HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) 
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Nokia Connectivity Cable Driver (HKLM-x32\...\{AF88496B-4BBA-4922-97E9-2582D3A28358}) (Version: 7.1.48.0 - Nokia) Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.2.100.0 - Nokia) Nokia Suite (x32 Version: 3.2.100.0 - Nokia) Hidden NVIDIA 3D Vision Controller Driver (x32 Version: 275.33 - NVIDIA Corporation) Hidden NVIDIA 3D Vision Controller-Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation) 
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation) NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation) OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org) Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.6.0 - Pando Networks Inc.) PC Connectivity Solution (HKLM-x32\...\{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}) (Version: 11.5.13.0 - Nokia) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Razer Comms (HKLM-x32\...\Razer Comms) (Version: 1.82.15 - Razer Inc.) 
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.56 - Razer Inc) Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.17.22 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6215 - Realtek Semiconductor Corp.) Recovery Tool (HKLM\...\Recovery Tool) (Version: 4.3.0.7 - DiTech GmbH) Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung) SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation) Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX control for remote 
connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia) WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) ==================== Restore Points ========================= 07-03-2014 15:04:43 Windows Update 13-03-2014 19:35:13 Windows Update 13-03-2014 20:47:18 Windows Update 20-03-2014 17:30:12 Windows Update 20-03-2014 20:51:42 Windows Update ==================== Hosts 
content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0F91DDF2-AA2B-4EEC-A640-9F577BF0C0AC} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation) Task: {1104E5C5-59E1-4C6C-9DDD-314A1F7815E1} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.) Task: {21C95780-962B-4928-8F3C-8789F7CC5F96} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated) Task: {37E1A39E-161D-4116-B952-E0EF95ADA791} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation) Task: {3DCE1618-883F-4841-B565-3AB7FC6DE3F1} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation) Task: {5E230F40-59D1-4E5D-A3A4-0890BA56690C} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-04-17] () Task: {95A6F263-D6DA-4672-969E-7EF0ED807ED8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {A2677CCE-DB0D-4449-B9D7-CBBE83951ED3} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation) Task: {A311D4A3-BB50-4041-8AC5-514221B504F0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft) Task: {F26094A1-6ABE-476E-B332-F6E7F2E91544} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-02-08] () <==== ATTENTION Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2012-11-18 16:02 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2011-09-15 12:06 - 2011-09-15 12:06 - 00088576 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2011-12-17 18:38 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll 2012-04-17 15:05 - 2012-04-17 15:05 - 00651264 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe 2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-12-20 18:19 - 2012-12-20 18:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll 2012-12-20 18:19 - 2012-12-20 18:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll 2011-11-01 15:41 - 2011-11-01 15:41 - 08172928 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll 2011-11-01 15:41 - 2011-11-01 15:41 - 02288512 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll 2011-11-01 15:41 - 2011-11-01 15:41 
- 00919936 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll 2011-11-01 15:41 - 2011-11-01 15:41 - 00346496 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll 2011-11-01 15:40 - 2011-11-01 15:40 - 00032640 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll 2011-11-01 15:40 - 2011-11-01 15:40 - 00034688 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll 2011-11-01 15:40 - 2011-11-01 15:40 - 00202624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll 2011-11-01 15:41 - 2011-11-01 15:41 - 00196480 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll 2011-11-01 15:41 - 2011-11-01 15:41 - 02252672 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll 2011-11-01 15:41 - 2011-11-01 15:41 - 01294208 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll 2011-11-01 15:41 - 2011-11-01 15:41 - 02557312 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll 2011-11-01 15:42 - 2011-11-01 15:42 - 00095104 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll 2011-11-01 15:41 - 2011-11-01 15:41 - 00165248 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QxtWeb.dll 2011-11-01 15:41 - 2011-11-01 15:41 - 00384896 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QxtCore.dll 2011-11-01 15:41 - 2011-11-01 15:41 - 10843520 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll 2011-11-01 15:42 - 2011-11-01 15:42 - 00272768 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll 2011-11-01 15:42 - 2011-11-01 15:42 - 00392064 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll 2011-11-01 15:42 - 2011-11-01 15:42 - 00058240 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll 2011-11-01 15:40 - 2011-11-01 15:40 - 00388480 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\OviShareLib.dll 2011-11-01 15:39 - 2011-11-01 15:39 - 01041792 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\Maps Service API.dll 
2011-11-01 15:40 - 2011-11-01 15:40 - 00438144 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll 2011-11-01 15:41 - 2011-11-01 15:41 - 00422272 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll 2011-11-01 15:41 - 2011-11-01 15:41 - 00517504 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll 2011-11-01 15:41 - 2011-11-01 15:41 - 00682880 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll 2011-11-01 15:39 - 2011-11-01 15:39 - 00740736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll 2011-11-01 14:57 - 2011-11-01 14:57 - 00112640 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll 2014-01-08 20:38 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll 2014-01-08 20:38 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll 2013-07-01 07:20 - 2014-02-11 03:34 - 00751616 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2013-07-26 13:46 - 2014-02-25 22:57 - 01135296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2013-07-15 13:32 - 2014-01-11 00:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2013-06-14 14:49 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll 2013-06-14 14:49 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll 2013-06-14 14:49 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll 2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2012-03-23 11:15 - 2012-03-23 11:15 - 00988160 _____ () C:\Program Files (x86)\Razer\Core\Plugins\ChatApplet\libssh2.dll 2012-03-02 09:23 - 2012-03-02 09:23 - 00577621 _____ () C:\Program Files 
(x86)\Razer\Core\Plugins\ChatApplet\sqlite3.dll
2012-10-18 08:13 - 2012-10-18 08:13 - 04141056 _____ () C:\Program Files (x86)\Razer\Core\Plugins\ChatApplet\QQPYEngine.dll
2012-04-17 15:05 - 2012-04-17 15:05 - 00103936 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\OutputLog.dll
2012-04-17 15:05 - 2012-04-17 15:05 - 00516599 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.dll
2012-04-17 15:05 - 2012-04-17 15:05 - 00094208 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\fdHttpd.dll
2012-04-17 15:05 - 2012-04-17 15:05 - 00389120 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\HtcDetect.dll
2012-04-17 15:05 - 2012-04-17 15:05 - 00151552 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDisk.dll
2012-04-17 15:05 - 2012-04-17 15:05 - 00172032 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetectLegend.dll
2012-04-17 15:05 - 2012-04-17 15:05 - 00559244 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.7.dll
2012-04-17 15:05 - 2012-04-17 15:05 - 01515520 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\Maps\R66Api.dll
2014-02-15 20:46 - 2014-02-15 20:46 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-12 18:47 - 2014-03-12 18:47 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/21/2014 09:33:47 PM) (Source: Application Hang) (User: )
Description: Programm Skype.exe, Version 6.14.59.104 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f10
Startzeit: 01cf453a23784f7e
Endzeit: 2
Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe
Berichts-ID:

Error: (03/21/2014 08:29:53 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 1.0.0.10.in-addr.arpa. PTR KATHI-PC.local.

Error: (03/21/2014 08:29:53 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.1:5353 25 1.0.0.10.in-addr.arpa. PTR Katharinas-iPhone.local.

Error: (03/21/2014 08:18:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 08:17:19 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/20/2014 06:25:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2014 06:25:19 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/17/2014 07:34:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/17/2014 07:34:25 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/17/2014 02:52:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (03/21/2014 08:16:43 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 6086719drv

Error: (03/20/2014 06:24:16 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 6086719drv

Error: (03/17/2014 07:33:01 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 6086719drv

Error: (03/17/2014 02:50:29 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 6086719drv

Error: (03/17/2014 02:50:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147014847

Error: (03/16/2014 10:51:52 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (03/16/2014 04:55:26 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 10.0.0.1 registriert werden. Der Computer mit IP-Adresse 10.0.0.3 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (03/16/2014 04:55:00 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 6086719drv

Error: (03/14/2014 10:51:12 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 6086719drv

Error: (03/14/2014 10:50:58 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 14.03.2014 um 22:49:24 unerwartet heruntergefahren.

Microsoft Office Sessions:
=========================
Error: (03/21/2014 09:33:47 PM) (Source: Application Hang)(User: )
Description: Skype.exe6.14.59.104f1001cf453a23784f7e2C:\Program Files (x86)\Skype\Phone\Skype.exe

Error: (03/21/2014 08:29:53 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 1.0.0.10.in-addr.arpa. PTR KATHI-PC.local.

Error: (03/21/2014 08:29:53 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.1:5353 25 1.0.0.10.in-addr.arpa. PTR Katharinas-iPhone.local.

Error: (03/21/2014 08:18:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 08:17:19 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (03/20/2014 06:25:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2014 06:25:19 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (03/17/2014 07:34:38 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/17/2014 07:34:25 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (03/17/2014 02:52:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2014-03-15 00:31:09.656
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-03-15 00:31:09.654
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-03-15 00:31:09.652
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-03-15 00:31:09.637
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-03-15 00:31:09.636
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-03-15 00:31:09.634
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-03-14 18:28:54.330
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-03-14 18:28:54.330
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-03-14 18:28:54.330
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-03-14 18:28:54.283
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Percentage of memory in use: 29%
Total physical RAM: 8169.41 MB
Available physical RAM: 5728.54 MB
Total Pagefile: 16337.01 MB
Available Pagefile: 13138.69 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:919.5 GB) (Free:747.41 GB) NTFS
Drive d: (Sims3EP11) (CDROM) (Total:6.15 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: FE2B9EAC)
Partition: GPT Partition Type.

==================== End Of Log ============================